Good backup policy as cornerstone of company’s disaster recovery strategy on ransomware era

We all know data loss will cause problems for any business. Although it is still common that a great number of companies don’t have disaster recovery (DR) plan in place.

One of the main building blocks of DR strategy is to have a good backup policy. One might ask – what makes backup policy a good one? Also, how to ensure that your backups are immune to ransomware – growing threat to every organisation. There is a general trend that ransomware attacks get more targeted over time – cybercriminals are choosing their targets carefully and attacks are sharper and demands for ransom are also higher.

Good old mantra for discussion around good backup strategy is 3-2-1 rule. In a nutshell it stands for:

  • Keep at least 3 copies of data
  • Store the copies at least 2 different types of media
  • Keep at least 1 copy offsite

Keep at least 3 copies of data

More copies you have then higher chance data survives in case of disaster. In case all copies are digitally connected then probably does not help in case of ransomware – possibly all copies of data will be affected

Store the copies at least 2 different types of media

All data storing appliances fail sooner or later. By having different types of devices this risk can be drastically reduced. Usually companies are backing data up to two different storage devices locally – local drives, NAS devices etc. Tape is a good option, but rarely used nowadays. Tape is almost ransomware proof, but usage flexibility has fallen behind today’s standards in most use cases and therefore rarely an option.

Keep at least 1 copy offsite

To enhance protection even further you should have at least 1 copy offsite. Cloud backup offers modern solutions for creating and keeping offsite backups. Usually cloud storage service providers are hosting their infrastructure in secure datacenters with extra physical security, autonomous power supply systems, fire extinguishing systems etc to ensure maximum security for your offsite backup.

One thing to point out though is that cloud storage is not the same as cloud backup, but cloud storage can be used for cloud backup if there is functionality like versioning, data immutability, encryption methods for transferring data etc in place. Good cloud backup service can be an excellent option to keep your offsite copy also ransomware proof.

Good old 3-2-1 rule should be interpreted nowadays as 3-2-1-1 rule instead.

The latter “1” means that it is good to have at least one copy of data stored offsite and also offline. This ensures that in case of ransomware attack when all online copies of data will be affected with ransomware – even the same can happen to your offsite copy in the cloud.

Adding additional „1“ to the rule can be tricky in case you don’t use tape archives or external drives that are offline – how to ensure your offsite copy in the cloud will not be affected? Possibilities although exist. For example use different tools and access credentials exclusively adding data to offline copy. Limit access to offline backups only for those who have clear legitimate need. Have offline storage as part of your DR strategy.

Other elements, beyond good backup policy, are – establish a DR team and train them, test and update your plan regularly, and have good communication channels in place.

To conclude – having a good backup policy is not good enough. Businesses need a good DR strategy to be safe in the era of ransomware. More copies are better and cloud storage is generally considered a good choice for this if properly implemented. Also if you choose the right service provider like Storadera, then costwise having multiple copies of your data can be really affordable.

Storadera Space is S3 compatible cloud storage service which currently supports most of the common use cases. In case your use case is not yet supported then we catch this information from logs and add it to our development roadmap.

Take your time and test Storadera cloud storage service and you’ll be positively surprised how easy it is to set up.

Interested in Storadera Space service?Join us and start using Storadera!

Leave a Reply