If ransomware infiltrates your data center, your backups are your best chance to restore uncorrupted data. That ability disappears if the ransomware has managed to encrypt the backup media or if the backup process isn’t effective. How can a business ensure its backups will allow it to recover from ransomware? The three keys are to start with a backup strategy; make sure the backup process works; and protect backups from ransomware and other malware.
1. Have a backup strategy.
Businesses should have a strategy for their backup process. Businesses need to ensure that all critical data is backed up, and that systems are backed up frequently enough to minimize the impact of data loss if restoring files is necessary; this requires doing detailed analysis of each workload to establish recovery time objectives and recovery point objectives. Most strategies should include backing up entire virtual machines as well as files.
2. Verify the backup process works.
The backup process should be monitored, with alerts to operations staff in case of failures. However, verifying the process means more than checking the exit code after the nightly job run. Verifying the process means also testing the restore process to confirm that the necessary data was saved and can be loaded back into systems. This testing can be part of the business’ disaster recovery test. Veritas NetBackup with APTARE Analytics can discover hosts that aren’t being backed up
3. Protect backups from infection.
If the backups are corrupted, they aren’t usable for recovery. There are several different ways to ensure that backups can’t be attacked by ransomware:
Use immutable storage.
This ensures that even if ransomware is able to access the backup media, it can’t corrupt the files.
Isolate backup media.
The 3-2-1 backup rule, which requires keeping a copy of the backup offsite, helps, but isn’t enough. That’s because cloud storage, often used as the offsite storage location, can itself be targeted by ransomware. Instead, backup devices should be unmounted except when the backup process is running. This ensures they can’t be accessed and corrupted by the malware.
Limit access to backups.
Strong identity and access management controls, along with keeping up with patches and maintenance, ensure that only authorized users are able to access backup systems.
VAST IT Services offers managed backup services and disaster recovery services to protect business systems from ransomware and other threats. Contact us to learn how you can ensure your backup solution is keeping your business safe from ransomware.
