With ransomware attacks on the rise, many organizations today are feeling helpless and unsure of how to reduce their vulnerability. The solution, though, is surprisingly clear. A successful defense against ransomware and other incidents of malware is as simple as implementing an effective backup plan.
Ransomware is having a good year. CNN recently reported that ransomware events have collected $209 million in Q1 2016, and are on pace to collect $1 Billion in 2016. This leaves companies of all sizes asking how to successfully defend against a ransomware attack. At Druva, we offer our own advice which will go a long way towards improving the security posture of your company and make you much more resilient when faced with today’s inevitability of attack.
While it may seem basic, experts agree that a solid backup plan is still the best prescription for addressing the threat of ransomware.
But what exactly does implementing a backup plan really mean, and what does a well-executed plan look like?
Here then, from the front lines of our data protection experts, are the six proactive steps we recommend for keeping your data safe:
- Protect Distributed Data
An enterprise-grade automated backup solution acts as insurance policy in case of an intrusion such as a ransomware strike. Regular backups across devices and desktops in your organization provide a secondary store of data—stored off-site, no less—as a fallback mechanism in the event of a malicious attack.
If you don’t already have a backup solution in place, this step alone offers not only backup and peace of mind, but further business benefit in terms of information governance. Make sure, though, to select a cloud-based backup solution as it provides off-site storage for additional peace of mind when your on-premise data is at risk. Offsite storage that leverages any of the AWS or Azure storage locations not only provides off-site capabilities, but also complies with local data residency laws by storing it in the same region.
Tip: Druva inSync offers a user-friendly automated data backup solution to customers with greater choice (AWS or Microsoft Azure) for global storage options to better meet their data storage, privacy and security needs, and also offers choice regarding their preferred infrastructure vendor. See why inSync is the industry leader in cloud backup.
- Backup Distributed Data
Are teams distributed across regions (e.g., U.S.A., Australia, India, and others) covered by your backup policy? Does your current backup plan ensure that 100% of your user base is covered—however you define that base—to reduce exposure of employee data? Review and validate the deployment scope of your current backup plan to ensure that your chosen backup solution is deployed automatically to all end users who need to be protected. At a minimum, you should ensure that key users (Executive Management, Faculty, etc.) are covered by your data protection policy.
Tip: Reduce your exposure to potential data loss in the event of a ransomware attack or other catastrophic event by reviewing and validating who in your organization is covered by backup.
- Review the scope of your data backup
What are you backing up? You’re probably protecting desktops and email, but what about other locations where users can store data?
These could include:
■ User Profile (%userprofile%)
■ User specific System & App Settings
■ User-created custom folders
We highly recommend that you review, validate, and, if needed, modify backup content (as defined in your backup policy) to ensure that all important data for protected users is being backed up. This may require you to expand your scope to add custom folders where users can store data.
You may also allow users to self-select the data that is backed up by enabling inSync’s ‘Allow users to add folders’ feature. This can be extremely useful in ensuring that all important data is protected. By implementing the “allow users to add folders” feature, users can easily add folders through its intuitive design within seconds to ensure all their data is successfully backed up.
Tip: Review the types of backup happening today and consider creating custom folders in users’ profiles, to back up other types of content and reduce the potential impact of data loss. This gives users the flexibility to add more folders so that more data is captured for a comprehensive plan.
- Check backup frequency across distributed teams
How often are you backing up? Every 2 days? 8 hours? 4 hours? Do you need an even more aggressive schedule for executives? Review, validate and, if needed, modify backup frequency (defined as part of your backup policy) to ensure automated, periodic backup for all protected users. As a general rule, we recommend you backup at minimum once every 4 hours, and every 2 hours for key users.
Tip: For “mission critical data” or highly sensitive information, apply a different backup frequency based on specific user’s/group’s requirements.
- Validate your retention policy
How long are you keeping your backups? 14 days? 7 weeks? 6 months? Review, validate and, if needed, modify the retention policy (as defined in your backup policy) to ensure a sufficient Recovery Point Objective (RPO). This may vary depending on your particular industry and regulations, and internal IT policies — IT, Legal, and Compliance teams — will make the call on data retention needs. Rest assured that no matter what length you choose, Druva offers unlimited retention for organizations in need of this option.
Tip: Consider applying a longer retention policy to meet internal objectives, especially for key people and departments. Even for people who have important and sensitive data that leave the company, we can retain all of it and protect it.
- Re-Assess policies periodically
While the preceding measures might provide sufficient protection for the foreseeable future, we highly recommend that you revisit your backup policies on a periodic basis (approximately once every six months) to ensure that they are aligned with your organization’s requirements. IT often has the primary responsibility for this routine, and in some cases acts in coordination with the Legal team.
Following these steps will ensure that you have a rock-solid backup routine in place. In the case that a network or end user is compromised, your team will be less vulnerable and less likely to be forced to meet an attacker’s onerous demands—as happens all too often today. Instead, you can take a defensive posture and quickly restore data from time-indexed copies. Without these steps, even with a plan in place, you may still have gaps in your backup execution, leading to significant and costly data loss and business downtime.
Ready to get started with the industry’s #1 rated enterprise end-user data protection solution? Contact Druva today for an obligation-free demo of inSync. And stay tuned for a follow-up blog post outlining the reactive measures you need to take after a ransomware attack strikes.
For more on this topic, we suggest:
- Ransomware Roundup: 5 Recent Healthare Hacks and Outcomes. Read here.
- Five Things You Need To Know About Ransomware. Read here.
- Is IT Ignorant When It Comes To Compliance? Read here.
- OS Migration Workflow documentation for Druva InSync
- Support Community (Support team is reachable 24*7*365)