Data protection for your business
Instinctively, you reach into your pocket to grab your iPhone.
The bride and groom are about to cut their wedding cake as the sun dips behind the hills.
You jostle to get into position, ready to grab the photo.
Then, raising the iPhone to take a stunning image, it greets you with a blank, black screen.
You tap furiously on the screen, forcing the power button to wake it.
Panic sets in.
You’re going to miss the shot.
“What’s going on here?” you think to yourself.
At that crucial moment, not only has your iPhone failed, you’ve lost the precious photos of your daughter’s wedding as you had not backed them up to the cloud.
And in 2022 alone, Apple reported over 3 trillion photos were taken on iPhone – making the risk of losing them even more significant for the average user.
So, you will not be surprised to learn that over 140,000 hard drives crash in the United States every week. And on average, 20% of small-to-medium enterprises (SMEs) suffer data loss every five years due to a significant disaster. Due to substantial data loss, a growing cloud backup market has developed to address this problem.
With those kinds of stats, it’s no wonder businesses, and companies have been concerned about data backup since floppy disks were commonplace in the 1980s.
Data loss can happen due to viruses, hard drive failures and other human errors. Many people have experienced a loss of their data and information at least once in their lifetime.
But for many, the experience can be even more frustrating if the backup data isn’t protected securely. It’s no longer good enough to simply back up your data.
Your backup must be secure.
With the ever-increasing cyber threats, your backup is potentially vulnerable to sleeper ransomware and supply chain attacks if it’s not secured.
For many businesses, cloud-based backup is convenient, accessible, and effective. However, with a cloud-based solution, there are specific security considerations you should take. To ensure optimum data protection when planning a backup, you should include a recovery strategy and the tools to protect against growing threats.
Some current threats to data backups include:
- Data Centre Outage: The “cloud” means data on a server accessible by the internet. Unfortunately, cloud-based servers and data centres can crash, leading to outages.
- Sleeper Ransomware: Infects your backup by installing ransomware that operates silently in the background. Then, when deployed, the victim doesn’t have a clean backup to restore.
- Supply Chain Attacks: These attacks have been growing and focus on attacking cloud vendors that many companies rely upon. So that when a vendor experiences a cyberattack, it will spread throughout their client base.
- Misconfiguration: When security settings are not established correctly, this can lead to hackers gaining access to your cloud storage. Once the hackers can access your storage, they can download and erase as many files as they like.
Data protection backup: What do you need?
If you only back up your data, you expose your business. Therefore, you must check which application you use provides adequate data protection. Here is what you need to know when investigating potential backup solutions.
Ransomware is able to spread rapidly across your network, infecting existing data – think, stored data on computers, servers, and smartphones. And any data stored in the cloud syncing with those devices.
Concerningly, 95% of ransomware attacks also try to infect data backup systems. That’s why any data backup solution you use must be protected from ransomware, which restricts automated file changes that may occur to documents.
Continuous Data Protection
Unlike scheduled backup, which generally occurs daily, continuous data protection will back up files as users make changes.
With continuous data protection, you ensure that the system captures the latest file changes – mitigating data loss if a system crashes before the next backup.
Imagine losing a day’s worth of data through a system crash. It would be a costly experience to impact your business’s ability to function.
When looking for data protection, ensure it includes threat identification functions in a backup service to protect files. A threat identification tool identifies malware and viruses in new or existing back-ups. This tool can help stop sleeper ransomware and similar malware from infecting your business’s backups.
Introduce a zero-trust approach.
Globally, cybersecurity professionals encourage companies to adopt zero-trust security measures, including application safelisting and multi-factor authentication.
A zero-trust approach is when a hold is in place, so all users and applications need continuous authentication. So, if a user logs into the system today, it doesn’t mean they are completely trusted.
Here are some examples of the zero-trust features to consider:
- Multi-factor authentication
- Distinct file and folder permissions
- Contextual authentication
- Verification of permissions for file changes
Ensure you have a backup redundancy.
When you back up only to a USB drive (or CD), you only have one copy of those files. So, if something happens to that copy, you will experience a data loss.
Many cloud backup providers will offer a backup redundancy, which means that the server holding your data mirrors that data to another server. Doing so can prevent data loss in the case of a server crash, cyberattack or natural disaster.
Use air gapping to secure sensitive information.
Air gapping is a system that maintains a copy of your data offline or separated differently. Usually, this means making a second backup copy of your data and storing it on another server disconnected from external sources.
If you have highly-sensitive data, this feature is worth looking for to ensure you have another backed-up copy that is ‘fenced off’ from common cyber threats.
Is your backup protected?
If you still need to protect your backup process or develop a roadmap to plan for one, contact us today to help.
About the author
Yener is the founder and Managing Director of Intuitive IT. Prior to running his own business Yener worked for a number of corporate organisations where he gained invaluable experience and skills, as well as an understanding of how IT can complement and improve business outcomes.