How to Protect Your Backups From Ransomware Now

AUGUST 10TH, 2022

You’re likely already doing everything you can to protect your organization’s data from all the cyber threats out there. But ransomware is the threat that’s undoubtedly making most of the headlines. And it’s one of the costliest threats we see, with the FBI’s Internet Crime Complaint Center (IC3) having 3,729 complaints identified as ransomware in 2021 with adjusted losses of nearly $50 million. Another report found a 13 percent increase in ransomware attacks over the year the report covers. That increase equals the growth in attacks seen over the last five years combined.

Most companies—73 percent, according to the Sophos State of Ransomware 2022 report—rely on their backups as their primary defense against ransomware. But backups aren’t always safe from attacks. CSO Online recently reported how Conti ransomware encrypts files and deletes backups. So just taking regular backups isn’t enough.

The 3-2-1-1 Rule: Protect Your Backups From Ransomware With Immutability

You can expect a unanimous “yes” when you ask anyone in IT if backups are essential. But how you back up your data is crucial if your efforts will be of any use. That’s why we firmly recommend that you employ a 3-2-1-1 backup strategy. The strategy is simple:

  • Keep three copies of your data (one primary and two backups)
  • Store two copies locally on two formats (network-attached storage, tape, or local drive)
  • Store one copy offsite in the cloud or secure storage
  • Ensure one copy is immutable

Immutable storage is a write-once, read-many-times format that can’t be altered or deleted, even if a ransomware attack successfully gets to your backups. Arcserve OneXafe’s file system is based on an immutable object store, delivering that extra level of protection. Any modification to the file system always results in the creation of new objects, with OneXafe continuous data protection taking low-overhead snapshots every 90 seconds, capturing a view of the file system at the instant the snapshot is taken.

Because the underlying objects are immutable and can’t be changed, the snapshots inherit this immutability, rendering ransomware ineffective at destroying your backups. And you can go back to any snapshot at any specific point in time and recover your entire file system in minutes.

Air-Gapping and Tape Backup Software: No Path In, No Damage Done

We recently posted about how air-gap cyber security technologies help stop ransomware attacks. Put simply, air-gapping means physically disconnecting your backups from all your systems. While an air-gap strategy may take a bit of IT time and effort, it is a highly effective means of ensuring access to your backups is controlled and online access is impossible.

Tape backup is a tried and true strategy for air-gapped backups because you simply remove and store each tape cartridge securely offline on a predetermined schedule. Arcserve Tape Backup software lets you leverage the benefits of tape with a modern approach that includes a centralized management and storage resource manager (SRM) and the ability to monitor the status of all backup activities.

Arcserve Tape Backup lets you incorporate sophisticated functionality into your VMware, Microsoft Hyper-V, and Citrix XenServer platforms, too. You even get smart restore capabilities that let you redirect restore jobs to other media containing the same data without manual intervention and quickly restore individual application objects from Active Directory, Microsoft Exchange, Microsoft SQL Server, and Microsoft SharePoint. And you can count on faster, more efficient backups and restores with UNIX and Linux data movers for SAN-based backups.

Understand Your Options

Talk to an expert Arcserve technology partner for help putting solutions in place that protect your backups from ransomware—and all the other threats you face. To learn more about Arcserve data protection, backup, and disaster recovery solutions, check out our free product demos.

You May Also Like