Can you even afford partial or total data loss in business?
Imagine a scenario where you are the owner of a successful business and from one day to the next, you can “close shop”. The attacker targets not only the personal data of employees and customers, but also the company’s information systems and production data, including backups. For many organizations, a hacking attack like this can cause incalculable damage that can run into the hundreds of millions and even existentially threaten their operations.
Backup is not archiving
Often these two terms are used interchangeably, but they are far from being the same process.
Archiving is done for data that you use infrequently or not at all, often to comply with legislation. You make a single copy to keep for several years and the speed of eventual recovery is not important to you (tax, grant or project documentation, photographs, videos, etc.).
You always need a backup if you work with files and folders that are constantly active, undergoing editing and you don’t want to lose them under any circumstances. Reliability and speed of subsequent recovery are key.
Basic rules
The 3-2-1 method, which in practice means:
- have at least 3 copies of the data (original and two copies)
- use 2 different media (ideally NAS and cloud or external hard drive)
- keep 1 copy offsite (different location than the previous two)
These rules ensure that if one of the two mediums fails, the other will save you. The solution even takes into account a natural disaster in which both media would be lost. Your data will be safe, as you have a copy stored offsite at the affected location.
In case this method is insufficient, just supplement it with additional copies, media or locations (4-3-2) or just add another offsite copy (3-2-1-1).
Backup as a service
The appeal of the cloud is undeniable to users. Your data is stored conveniently
and available at any time from a variety of devices/apps. In addition, all services such as automatic updates, patches and encryption are provided by the cloud solution provider. All you need is an internet connection and access from an authorized user.
However, we recommend checking the speed and price of data recovery. These are very high for some cloud services. Access to backups when restoring to a nearby DC Faster is also possible physically, which can make the process much more efficient.
A bit of statistical data
Surveys report that more than 90% of cyber attacks target backup storage. Attackers then extort ransom payments. There is no guarantee that you will get your data back or that you won’t be reinfected after paying the ransom.
The 2023 Ransomware Trends Study reports 20% of organisations are unable to recover their data even after paying the ransom.
The average recovery time after an attack is up to 4 weeks, which can be devastating.
More Veeam 2023 Ransomware Trends Report
!! Adopting cloud storage as the only backup solution exposes an organization to a high level of risk from a cybersecurity perspective.
Off-line backup
If a virus or hacker breaks into your network, they can encrypt anything they can get their hands on. And that includes any online backups your system has control over.
Ideally, add a backup that is disconnected from the network outside of backup time. This is then not accessible to the system or the attacker. In addition, our off-line backup system defines the immutability of backups and manages the backup process from its side, including blocking any external requests. Thus, it is not vulnerable even at this time.
Renew before you need to
When an unexpected attack and data loss occurs, we want our data back quickly, intact and, most importantly, complete. We recommend having a recovery plan in place for these cases. It will save you valuable time when you are under pressure and stress. You don’t have to hastily figure out the order of server recovery, search for drivers, etc.
Trying to refresh your data at regular or random intervals is the most important assurance of the perfection of the chosen solution.
Cyber risk insurance a necessity today
Today’s times are favourable for cyber attacks and the number of targets is increasing. It is therefore natural for insurance companies to offer Cyber Risk Insurance as a complementary product. It’s an effective tool against the fallout, you get coverage for your company’s costs and liability in case of data leakage or misuse, protection in case of extortion or business interruption in case of system failures.
However, make sure you set the terms and conditions correctly so that you don’t end up with important areas excluded from your insurance.
In general, do not underestimate the situation, minimize risks and take time to adequately prepare for possible critical scenarios.
In the event of data loss, we will resuscitate you back to an active company without permanent consequences, with a contractually defined time guarantee depending on the type of technology used and the volume of data.
