Cybersecurity, IT Maturity
Simply having business continuity plans is not enough.
Every savvy businessperson knows they need to back up their operating systems and data. It would be irresponsible not to. Utilizing backups to store your data is the most basic step to making sure your information is protected against accidental loss.
Ransomware is one of the largest threats to viable backup plans. Every day it seems like there is a new report of a company or government entity being hit with ransomware. The story is always the same. An employee receives an email with a link or attachment that appears to be legitimate, but is far from it. The unsuspecting employee clicks the link or opens the attachment and in minutes, no one on the network can access their files. All company files are encrypted and the business is given a ransom message demanding payment via cryptocurrency with no way to guarantee that their files will even be restored after payment.
What’s even more troubling is that the amount of money these ransoms are asking for is rising and attacks are becoming more targeted. Hackers can now surveil their victims. When ransomware is triggered, the hacker knows exactly what data they have seized and what that data is worth to you.
It’s not uncommon to see ransom requests over six figures now, where they were rarely over four figures just a year ago. This speaks to the growing sophistication of these criminal enterprises.
Now that you’ve evaluated the importance of maintaining an effective business continuity plan, here are some ways that you can continue to improve your own:
Test your backup plan regularly.
Most organizations have some kind of a business continuity plan. However, most businesses do not regularly test and update their plans.
Test your backups regularly to ensure your business can be restored efficiently and effectively. Just as your infrastructure changes with time, so too should your business continuity plan. Test regularly to identify any unforeseeable gaps or weaknesses and to make improvements.
Leverage versioning and geographical redundancy.
Backups should exist in multiple locations so that, even if one location is compromised through ransomware or natural disaster, you can reboot. Don’t have multiple office locations? Pay a third party to replicate your systems in a different location.
The only way to avoid paying ransom once you’ve been compromised is to have a viable backup to recover from. It may be minutes, days, or weeks before malware is detected, therefore it’s critically important to have versioning and redundancy built in and to test that it works. Versioning means that you maintain x number of copies of your backed-up data. In other words, you don’t have just one back up, you have several.
Additionally, most organizations backup in near real-time. That means their backups run often throughout the course of the day, taking snapshots of critical data as frequently as every fifteen minutes.
Instill security into your company culture.
Business leaders must instill a culture of security within their organization, or they risk running into trouble. For example, encourage your employees to promptly report suspected ransomware or other attacks. Rapid notification is critical to stopping the ransomware from doing severe damage. If too much time passes from initial infection to remediation, even the backups may become encrypted as the systems will start backing up the encrypted data.
Organizations need a comprehensive backup plan that considers the current threat landscape so, even if a ransomware attack takes place, at least one current backup remains viable. This may involve replication, isolation, or other techniques to ensure you have the ability to restore your data without paying a ransom.