olly - Fotolia
As external threat actors who use ransomware, phishing and other attack vectors continue to evolve their capabilities, so, too, must IT cybersecurity and data protection professionals continually up their game. A ransomware attack that prevents access to IT systems and data can shut down an organization.
Given the threat environment IT professionals face in 2020, effective preventive measures for your ransomware backup strategy include having a highly protected network perimeter plus data backup and disaster recovery plans. But are they enough?
Ransomware protection that uses artificial intelligence is currently gaining momentum. An AI component not only examines data packets using a large database of digital signatures, it also analyzes suspicious data packets.
From a data backup perspective, perhaps the best ransomware backup strategy is to have critical data, systems and resources backed up to an alternate location. On-site and remote storage options are plentiful and varied, so examine the options carefully. Some of the issues to examine include:
- location of storage resources, particularly how close they are to the organization's primary location;
- on-site versus hosted storage options;
- amount of network bandwidth for large data downloads and system recoveries in an emergency;
- criticality of the data and systems being backed up, so your organization can access them on a priority basis in an emergency;
- frequency of data backups, especially as stated by recovery point objectives;
- multiple data storage facilities, so that data can be backed up to two or more storage locations;
- data encryption technologies to further protect data;
- secure access methodologies;
- periodic testing and verification that backed up data and systems are operational and accessible; and
- a data backup policy that addresses ransomware situations.
The cost of data storage resources is a major consideration for your ransomware backup strategy, especially if you use a brick-and-mortar platform. Organizations with multiple data centers must be able to justify the overhead expense associated with these facilities. Cloud storage can save money by reducing the need for physical footprints, but your organization must assure security and data protection. From a threat perspective, however, more data points mean increased access points for threat actors.
Issue No. 4 above is a key consideration. If a ransomware attack blocks access to critical systems and data, those critical resources must remain available and not threatened. Do your disaster recovery and data backup plans address such a situation? Use a business impact analysis (BIA) to identify the mission-critical systems and data needed to run the business. The BIA can also identify the recovery time objectives and recovery point objectives of these critical resources.
These resources and metrics are essential for your ransomware backup strategy and for recovering after an attack. When planning data backup resources, carefully consider these factors. Could your current data backup facilities be compromised? If there's any concern about the recoverability of critical resources, then you must investigate alternate storage platforms that you can more securely protect.
Dig Deeper on Data backup security
Related Q&A from Paul Kirvan
Business continuity and resilience go hand in hand and play a role in an organization's disaster recovery plan. Essentially, business continuity is ... Continue Reading
Loss or theft of sensitive data can lead to legal, compliance and business consequences. Be sure to take proper precautions to securely store that ... Continue Reading
During data storage audit preparation, gather documentation on storage practices, test results and storage security plans. Evidence is crucial for a ... Continue Reading