In an ideal world, no hacker would ever breach your defences, and you’d happily go about your business without having to think about recovering from cyber-security events. The real world isn’t like that. 62% of businesses are attacked at least weekly, with one in ten being hit every hour or continuously1. In the game of cat-and-mouse between hackers and the organisations they target, there are no guarantees.
A New Breed of Hacker
Hackers are getting smarter. Not only are they finding new ways to access business IT environments, they are also attacking backups as well as servers, to make sure victims are taken fully down and forced to pay huge ransoms. Businesses, more dependent than ever on IT, are unable to function without their vital systems.
Aha, but what about cloud? In the past, cloud systems have been safe (and the right ones do offer some security advantages), but hackers are now starting to find ways to attack your cloud environment as well. That isn’t to say you should haul everything back on-premise, more that it is worth chatting with your IT partner about how to prepare for the worst and plan for the best.
Recovering from a Cyber-Security Event
Backup is the number one way to recover from a cyber-security event. To reduce potential damage, making for faster recovery and to limit data loss, there are five keys to successful backups:
- Ensure backups are sufficiently regular. How often will depend on your business – for some, daily is sufficient, but for those with large numbers of transactions or the most data dependent businesses, at least hourly is necessary. This can be done without disrupting your operations, but it may take a little help to establish the right process.
- Retention. Your backups should be retained for a minimum of 30 days, with some industries requiring a much longer period, giving you the chance to recover from a point before the damage was done.
- Offsite storage. There are plenty of good reasons to store backups off-site, safely away from any disasters. Your IT partner should be able to guide you through offsite options, and help you to navigate the as-a-service choices available.
- Ensure backups are full server images, not just data. This allows you to reduce restore times and minimise reconfiguration costs. The sooner you are back in business, the better.
- Test your backup and recovery routine regularly: test that you can restore and boot up servers from your backup. We’ve encountered businesses that think they have backups, only to discover too late that a device failed or a mistake was made.
Have a Cyber-Attack Plan
In the middle of a crisis is the very worst time to start making a plan. It is critical to decide exactly how you will proceed in the event of your systems being compromised, and make sure everyone knows the role they must play. Alarmingly, 75% of organisations don’t have a managed incident response plan1 – choose to be among the 25% that have a documented and tested response.
Getting your backups working efficiently is a key element of survival in the face of ever-more-sophisticated cyber-attacks, and a little time now can save a lot of heartache later. Those prepared have a good chance of weathering the storm and turning away hackers empty-handed.
Time to re-think your backup plan? Contact the TechPath experts for more tips and advice.
Related Article: Disaster Recovery Checklist: What Should be on Every Plan
1. IDC 2018, Investigation or Exasperation: The State of Security Operations, https://bitpipe.computerweekly.com/data/demandE