Robust data backup is a vital ransomware defence

Issue 1 2022 IT infrastructure

It’s common knowledge that ransomware attacks are on the rise and organisations need to be realistic about what this means for their security. The number of entry points into IT systems that attackers can exploit has skyrocketed in recent years. According to the FBI, there has been a 300% rise in cybercrimes during the pandemic as more people log in to their work systems from home networks and personal devices.

Ransomware isn’t going anywhere. Rising global connectivity, the recent rapid adoption of digital communication technologies and remote working all create potential new ‘doors’ into IT systems. Growing technologies such as the cloud, 5G and the IoT means our connectivity will continue to multiply, meaning more doors and more opportunity for ransomware success.

Ideally, you’ll stop all attacks in their tracks, but that’s not always possible. Having a robust backup strategy is essential if you’re going to be able to take back control and recover your data in the event of an attack.

So, what are the three key areas you should be focusing on when it comes to data protection?

1, Create robust backups and immutable storage

You can never know when an attack may mean you have to restore your entire estate. So where do you start?

Recognise that your biggest challenge is probably that your data is getting increasingly harder to manage and control, due to spiralling levels of data volumes and types. It might also be spread across multiple locations or saved on a hybrid network which uses cloud storage, in itself increasing vulnerability. This can complicate your data backup processes and your IT teams can quickly find themselves relying on multiple different backup tools which are costly, confusing to manage and a drain on resources.

It’s important to ensure that you have clean, non-infected backup copies that you can rely on as your last line of defence. Prioritise finding a backup solution that’s flexible enough to handle complex data requirements, including cloud storage and that will simplify management so that you can back up everything at the click of a button, or even automatically.

2. Factor in security

Take a realistic look at your legacy tools because they tend to become outdated quickly and are unable to match the wide range of assets and threat types. In my experience, they can’t provide robust data protection because they rely on how a system used to work, rather than on how it currently works.

Moving to a modern tool with high specification security is vital in your battle against the effects of ransomware. The best solutions will provide WORM storage (write once, read many), with the option to turn on object lock, meaning that once data has been written it can’t be erased, not even by the administrator. And more importantly, this feature needs to be available across multiple hosting points, whether it be public clouds, on premises or hosted private clouds.

Data protection and network security are interdependent, so your storage and backup solution choices should also consider network security and the anti-malware functionality of your current set up, including any networks that remote workers may be using. Consider using a separate network for your backup data, with just one link between the production data and the storage data.

3. Build in consistent monitoring

Your security team needs to have constant visibility of any attacks in order to thwart them at the right time, so continuous 24/7 threat monitoring is important. Look for a single solution that can span all your sites and multiple storage locations, or it’ll be impossible to get a complete overview of your whole estate. This will also make reporting easier and simpler and a system that incorporates automation can provide round-the-clock monitoring without draining your resources.

Updating your data backup system can also simplify your security processes, offering single-click orchestration capabilities, so your policy-driven backup and replication is always available. It’s important for the solution you choose to have capabilities to proactively track unusual usage behaviour and raise alerts for deep dive diagnosis.

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

ACaaS should be on your radar
IoT Revolution Technologies Access Control & Identity Management IT infrastructure
Access Control-as-a-Service provides many benefits and can reduce CAPEX costs without compromising security when handled correctly and with the right partner.

Five IT trends to watch in 2023
IT infrastructure
The efforts made by South African companies in 2021 and 2022 have positioned them well for the next wave of growth and innovation — or for continued economic disruption.

Boost enterprise data resilience
Arcserve Southern Africa IT infrastructure
Arcserve Unified Data Protection 9.0 offers unified, multi-tenant cloud-based management, enhanced data availability, durability, and scalability with Cloud Object Storage, and expanded support for Oracle DB and Microsoft SQL Server.

SAN market set for growth
Technews Publishing News IT infrastructure
Storage-area network (SAN) market to hit US$ 26,86 billion in revenue by the end of 2029 due to factors like widespread adoption of Hybrid SAN-NAS solutions.

Advanced server performance and energy efficient design
Editor's Choice IT infrastructure Products
Dell PowerEdge server portfolio expansion offers more performance, including up to 2.9x greater AI inferencing while Dell Smart Flow design and Dell Power Manager software advancements deliver greater energy efficiency.

CA Southern Africa unmasks container security
Technews Publishing IT infrastructure Cyber Security
Adoption of software containers has risen dramatically as more organisations realise the benefits of this virtualised technology.

Best practices for cybersecurity and network health in 2023
Axis Communications SA IT infrastructure
Securing a network from outside threats while making it easily accessible to employees can be challenging. What are the tell-tale signs of poor network security, and what should organisations do to secure their networks?

Fast, reliable and secure cloud services
Technews Publishing Editor's Choice Cyber Security IT infrastructure
Security and speed are critical components of today’s cloud-based services infrastructure. Cloudflare offers a range of services supporting these goals beyond what most people think it does.

ALM a key element of data security
IT infrastructure
ALM is core to any data security framework in the digital age and it is an element that no business can afford to be careless with.

Integrate, integrate, integrate
IT infrastructure
Security and speed will always war for dominance in DevOps but it’s time to integrate the two as the landscape becomes increasingly fractious and complex.