Only Using Onsite Backups? Reconsider your Disaster Recovery Plan
Despite the lack of news coverage until recently, ransomware is still well and truly alive in 2020.
In fact, Toll Australia recently fell victim to the Mailto Ransomware Attack. Being a huge company with 44,000+ employees, this breach provides a hard lesson for all of us about data protection and network security.
Although what happened is an absolute shame, it shows that despite investing heavily in IT security, you can still fall victim to online attacks, whether due to human error (such as in social engineering and phishing) or by unknown Zero-day attacks;
see our ransomware explainer article for more info on zero-day attacks and how they have been used by other ransomware, most notably, WannaCry.
What’s the best way to protect ourselves and ensure business continuity?
In my mind, it’s simple. Invest in a proper backup regime (incorporating onsite and offsite backups) and a disaster recovery plan.
After all, as the old saying goes, the best offence is a good defence and in IT what defence is better than having multiple, separated copies of all your documents and data?
What are onsite backups?
Onsite backups are the simplest aspect of any disaster recovery plan and it’s likely that you already have this set up in your business.
Onsite backups are perfect for ensuring that a single failed computer doesn’t wipe out years of records and important documents or ensuring that a file isn’t accidentally deleted.
In addition, onsite backups are often cheaper and easier to implement than an offsite backup and come with the key benefit of you physically storing your data, rather than trusting a 3rd party to do so and, when backups are needed, data can be quickly transferred over your local network. However, onsite backups alone are not a be-all and end-all solution. They do have their limitations.
Due to onsite backups being connected to your network and constantly updating whenever a file is changed/updated they are, unknowingly, the perfect target for ransomware. Most ransomware is designed to spread over networks from machine to machine to backups and, once they get it, (depending on the attack) it can be near-impossible to recover data.
On top of the cyber-security risks, onsite backups also don’t protect against physical threats, such as burglary or natural disasters. As your data is stored in a single location on your premises, if a fire occurs, or natural disaster, or burglary, not only do you lose all your hardware, but also all your data.
So, how do you protect yourself from this?
With offsite (aka off-premises) backups.
What are offsite backups?
Offsite backups essentially work the same as on-premises backups. However, instead of hosting the data on your premises, which is connected to your network, all data is uploaded to remote servers via the internet at predefined intervals (often daily or weekly).
Offsite backups are rapidly becoming a highly used element for business continuity and IT infrastructure plan.
The initial hesitations many had for offsite backups were primarily due to security and privacy issues. I.e., if we back up our data to the cloud, someone can infiltrate it, or we could get locked out of our account.
But, as the data is not stored within your network, data breaches and ransomware attacks are often entirely negated, especially if more than a single backup is retained, as is common with most offsite backup services.
Now, it must be said that most of the time you do not own the servers used for these backups, rather 3rd parties (such as Amazon, Google, and Microsoft) own and manage them. However, if you are worried about privacy and security, don’t be. All offsite backup providers have teams of technicians focusing entirely on security and encrypt your data so that not even they know what’s on their servers.
In addition, if you have an incredibly large amount of data to be stored or want that extra layer of security and control, it is possible to use your own servers located in a large data centre. After all, the only thing that matters with offsite backups is that they are located off-premises, providing you with physical and geographical security.
The best security measure: A hybrid approach
Although it might appear that we love offsite backups and rave about their benefits (which is true, we think they’re fantastic) they have limitations. So, despite the fact that every business is different and unique in their requirements, our recommendation is to always adopt a hybrid approach to backups.
A hybrid backup plan consists of having an onsite and offsite backup strategy implemented.
Onsite for managing most day-to-day tasks and just providing a second (or third, or fourth) copy of all data and offsite for recovering data in case of huge disasters, such as cyber-attack or natural disaster.
Although it may not be cheap to implement both onsite and offsite backups, it is worth the investment. After all, think of it as an insurance policy. You really don’t want to have it, but you know that when you have to use it, it will quite literally save your business.
Kon Katsieris - Group Vendor Partnership Manager
As the Group Vendor Manager at the Netway Networks, Kon’s role is to understand the specific needs of Netway’s client base and deliver innovative solutions to ensure client satisfaction, business efficiency, and growth is achieved.
Kon has been working with the PNORS Technology Group for over 25 years and played a significant role in the growth of the company due to his passion for discovering and implementing emerging and innovative tech while taking pride in helping his clients grow their business through digital transformation.
Join our Mailing List today
Our IT insights are yours.
Join our mailing list today and receive free IT insights straight into your inbox.