Take Backups to the Next Level

World Backup Day was initiated in 2011 by Ismail Jadun, a digital consultant who believed that data loss and theft needed to be a more significant priority for organisations.

Today, twelve years on, the growing frequency and sophistication of cyberattacks has spotlighted business resiliency as an essential boardroom priority.

In recent years, ransomware attacks have shifted from a worst-case scenario to an almost guaranteed threat for modern-day organisations. A recent Veeam survey found that 85% of organisations experienced one or more ransomware incidents in 2022, with the impacted organisations only recovering 55% of their data on average. And cybercriminals are increasingly targeting smaller businesses: 74% of SMEs reported seeing a rise in the number of cyberattacks against them in the last year, making cyber resiliency and business continuity a vital priority for organisations big and small.

While World Backup Day should still serve as a reminder to us all to reassess our approach to backup and recovery, these statistics show that backing up infrequently and without a true understanding of the frequency and retention goals of the business is no longer enough. Cybercriminals look for the holes in your cyber defences, and insufficient backup and recovery strategies can increase vulnerability.

It’s time we started thinking about backup and recovery as a year-round priority and defending our backups with a multi-layer approach.

Confronting cyber complexity

There are a lot of disasters that could require a backup and recovery strategy. A fire in your data centre, a flood, or even a human error deletion would require a process for recovery. Recovering data after these incidents isn’t necessarily predictable, but the backup process is simple.

In the case of a cyber incident, however, disaster recovery becomes far more complex. Organisations not only need to recover their workloads from a backup, but they need to ensure that the backup set they use is verified and without malware. If an infected backup is used, organisations are at risk of further damage and downtime.

Organisations can benefit from having multiple, up-to-date backups after a cyber incident by implementing a continuous backup strategy. Further investment into routine testing and managed security then allows organisations to verify backups in the case of a malware incident to reduce the risks of a failed recovery.

Worse still, unlike other disasters, ransomware attacks involve malicious actors working to make data recovery as tricky as possible. Last year alone, 97% of ransomware attacks intentionally targeted backup data, with many ransomware varieties attempting to delete or encrypt backups. Any robust backup and recovery strategy needs to acknowledge the specific complexities of ransomware as a disaster and plan accordingly.

Don’t leave it to chance

Once you have established a regular backup and recovery process and ingrained this into your security culture, it is vital to ensure your organisation’s backups are protected. Like any good cybersecurity strategy, the best defence is multi-layered.

Traditionally, experts have promoted the 3-2-1 strategy for data protection, in which organisations ensure they have three copies of data on two different media, such as disk and tape, with one copy stored offsite. In today’s evolving landscape, however, CISOs should ensure their data protection strategy follows the 3-2-1-1-0 rule at a minimum.

The 3-2-1-1-0 strategy builds upon the typical framework. Still, where the 3-2-1 process ends with recommending one copy be stored offsite to remove single points of failure, this more sophisticated framework also demands one air-gapped copy of data to remove threats. Going further, the last step of a 3-2-1-1-0 is to have 0 errors, meaning that backups are validated and verified.

For any modern business, failing to plan for data loss incidents is planning to fail. This World Backup Day, ensure your organisation has a strategy to protect and recover, but then implement backup and recovery as part of your data security culture throughout the rest of the year and beyond.

By making backup and recovery a focus of every day, no matter when an incident strikes, you can be confident in your business’s resiliency.

About the Author

Sam Woodcock is Senior Director of Cloud Strategy at 11:11 Systems. 11:11 Systems is a managed infrastructure solutions provider that holistically addresses the challenges of next-generation managed cloud, connectivity and security requirements. 11:11 combines the teams and technology behind market leading, analyst vetted companies like Green Cloud Defense and iland to deliver increased performance, optimization and savings. 11:11 provides cloud, connectivity and security solutions from its global footprint of data centers throughout North America, Europe, Australia and Asia.

Featured image: ©monsitj