Ransomware attacks are a global problem. Attacks have doubled over the past year and are causing trillions of dollars in damage.
There are technologies available to try and prevent an attack like anti-virus, patch management, endpoint security, network monitoring and multi-factor authentication, but even with all these tools, attackers find ways to get to your data.
Data backups are your last line of defense but attackers know this too and are now including your backups in their attack plan. This means you need a hardened backup and recovery solution, one that protects itself as well as your backup data.
Here are the top 5 ransomware protection and recovery features to look for in your backup and recovery solution:
- Abstracted backup storage. The storage where your backup data sits should present a layer or barrier against intrusion. Utilization of non-published protocols and separate connection authentication are highly desirable.
- Alternate operating systems. Consider having your backup server and storage system running on different operating systems from your production systems. This provides another layer forcing an attacker to change, slowing down progress and providing time for you to react.
- Immutable backup data. It used to be a straight forward thing to make your backup data immutable, just by clicking the ‘write protect’ tab on a tape. Now though, with the demands of exponential data growth, faster disk-based systems have become the norm for backup. However, they bring the innate ability to be ‘always-on’ which means they are more exposed. Ensuring that your backup data on disk can be stored in an immutable way helps fight against ransomware attackers and ensures you can recover your data and applications.
- Recycle Bin. We all know what a recycle bin is, deleted items get moved there in case you need them or you made a mistake. Adding a recycle bin to your backup storage seems like an obvious thing, however if you make that recycle bin immutable, with only the option to recover data, you have another safety net to fall back on after an attack.
- Fast recovery. Solutions that offer fast data recovery sometimes can only do that if the backup data is in its original format, i.e., not encrypted or deduplicated. Both encryption and deduplication are important for ransomware protection so there should be no compromise of backup data storage to enable instant recovery. Compromising on this can expose data and provides the potential for a data content extorsion based ransom. Having the ability to recover instantly without compromise is a ‘must have’ option.