Effectively Protect Your Data From Ransomware attacks
One of the best ways to prevent ransomware from crippling your business is to have a reliable backup strategy. At its fundamental level, backup is the process of creating copies of your data and storing them in a separate location, so that you can restore them in case of a disaster. Backup can help you recover from ransomware attacks by allowing you to restore your files without paying the ransom or losing your data permanently.
However, not all backup methods are equally effective against ransomware…Some backup solutions may be vulnerable to ransomware infection, corruption, or deletion, especially if they are connected to your network or use the same credentials as your primary storage. Therefore, you need to implement a backup solution that offers the highest level of security, reliability, and flexibility for your data protection needs.
The 3-2-1 BCDR Strategy with Cloud Backup
A 3-2-1 BCDR strategy is a best practice for backup and disaster recovery that involves having at least three copies of your data, stored on two different media, and one of them being offsite. A 3-2-1 BCDR strategy can help you minimise the risk of data loss, improve your recovery time and recovery point objectives, and reduce your operational costs. Here is how you can implement a 3-2-1 BCDR strategy with cloud backup:
- Have at least three copies of your data. You should have one copy of your data on your primary storage. You should also have two backup copies of your data, one on a local backup device, such as an ExaGrid or other backup appliance with immutable storage and another on a cloud backup service, such as Azure.
- Store your data on two different media. You should store your data on different types of storage media, such as disk, tape, or cloud. This way, you can prevent data loss due to hardware failure, theft, or damage. For example, you can store your data on disk for your primary storage and local backup, and on cloud for your offsite backup.
- Keep one copy of your data offsite. You should keep one copy of your data in a remote location, such as a cloud backup service, that is separate from your primary storage and local backup. This way, you can protect your data from natural disasters, power outages, or network failures that may affect your onsite location.
By implementing a 3-2-1 BCDR strategy with cloud backup, you can ensure that your data is always protected, available, and recoverable, no matter what happens. You can also leverage the benefits of cloud backup, such as security, reliability, flexibility, and control, to enhance your ransomware recovery capabilities.
Is 3-2-1 Still Enough?
Cloud backup can be a valuable solution for ransomware recovery, as it can help you protect your data from ransomware attacks, restore your data quickly and easily, and adapt your backup strategy to your changing needs.
However, if attackers have gained access to your domain, your backups and Cloud environments could be compromised and lead to your backups being deleted.
Best practice is to create an “Air-Gapped” second cloud environment using a separate subscription on immutable storage with user accounts not linked to your primary Active Directory environment.
This creates a barrier or “Air-Gap”between your production systems and your backups. If your entire production environment and backups are deleted, you have a copy to restore from.
This is a typical architecture utilising Azure and Azure Immutable Storage Account and Veeam to achieve this:
Implementing Backup Has Become Strategic
Having now been involved with many customers that have been targeted by Ransomware houses, we are of the belief that it’s not about “If” you suffer a cyber-attack. The reality is that it is “When”.
In the past, backup was often to satisfy an audit requirement or to make sure that James in accounts can get back the file he deleted when his cat walked across his keyboard.
We have to move our thinking beyond this and realise that Backup is the last strategic stand we can make against these unscrupulous fraudsters and protect our businesses from their fraud.
Creating a backup strategy and plan that allows you to restore your environment in a timeframe that doesn’t damage the business is of paramount importance.
Whether that is using Cloud technologies like Azure or On-Premises solutions like ExaGrid (Or a combination of both), careful consideration and planning needs to go into the architecture and practical planning of a solution that will safeguard your business.
