How the right backup can save your Business in the event of a Ransomware attack

Ransomware is becoming so common in everyday IT life, that it’s now a case of “when” not “if” an infection strikes you or your business.

Ransomware hackers are finding more ingenious ways to infect your systems, commonly preying on simple human error to deploy the virus rather than a brute force attack.

Read our blog on spotting the “dodgy emails” for more information and guidance on spotting ransomware before it strikes.

When the attack does take place, there are only 2 viable options available, as ransomware is a particularly nasty form of intrusion.

Pay the ransom, which Is not recommended in any circumstances, as there is still no guarantee of retrieving your ransomed data.

Or, resort to the recovery of your files from a backup.

It’s at this point when you go for your backup does the backup solution you employed start to pay dividends. Only the quality and validity of your backups will save the day.

Prevention is always better than cure, so can you ever have enough backups?

Well, simply no, the more the merrier. The more you cover your business, the stronger chance you have of recovering. Ransomware hackers are getting more and more sophisticated, even to the point now of encrypting backup services, like Dropbox. So, if your backup is encrypted, it’s useless as a point of recovery.

So a multi-level backup approach is the only sensible approach a business can take.

Backup Best Practices

Accepted Best Business Practice is to have a 3-stage approach to backup solutions which means having your Data Live + Local Backup for fast recovery + Secure Off-Site Data

• Live backups – Active processing systems and data.  Devices and services that are attached to your systems all the time, offer the fastest recovery time in the event of a loss, but are the first to be compromised, and are usually rendered useless by most ransomware strains.
• External Storage – Devices that are not permanently connected either logically or physically to your live systems, historically this means media such as external Hard drives, Tape drives, duplicate Systems’s and servers that are powered off most of the time or only connect or are connected for the purpose of the backup.
• Offsite storage – this is the best solution not only for viruses and ransomware but for all types of DR, such as Fire, Theft, flood or any form or data or site loss. Offsite storage can take the longest time to recover from but offers the best chance of a full and viable recovery.

For offsite storage it is critical that it is not connected to your systems, if your systems can’t see it, then a virus can’t infect it.

Disaster Recovery (DR) Planning and Testing

It’s important that all backups are tested, checked and verified, as if every night your backup is backing up corrupt information or to a corrupt or damaged medium, the backup is useless in the event of a recovery. So It’s vital to check its valid, current and functional, on a frequent basis, to make sure when you need it, you have it.

Also, consider testing your DR plan at least annually, create the scenario, what if, just pretend the worst has happened and you reach for your backup and ask these simple questions…

1. Does it work?
2. Does it do what you expected?
3. Is everything you need there?
4. How long would it take to get back up and running again?

A DR plan is critical to measure the potential impact a ransomware strike could have on your business. Would you know what to do, if it happens to you? How would you deal with it?

Use Computer Friendly Consultants to provide your complete backup solution

It’s a simple answer, as we offer a varied range of solutions to fit all business requirements, whether you need Business Recovery in minutes, or your requirement is to get it all back at all even if it takes a while. We have solutions to cover your needs…

• We copy/backup your live data encrypted encrypt during the process to devices on your site on a scheduled basis and replicate this encrypted data offsite to our data facility daily or as often as your internet connection will allow
• Our data facility is Private, run by us, controlled by us, we manage all aspects  of Security and Verification
• The automated system checks the data as it arrives and the system reports daily for errors and failures.
• It’s not oversubscribed, so recovery is as fast as possible
• We also can provide a controlled environment for test recoveries, so you know that in the event of strike you have a point of recovery