Not a day passes without an organization being held hostage by an encryption-based ransom, or ransomware. And I’m sure the irony of these ransomware attacks are not lost on IT admins: the same tool that’s supposed to help secure your data is now used against you in a criminal endeavor. Adding insult to injury, if you didn’t establish the backup strategies that protect against ransomware beforehand, there’s no real way out – and you’d better have a bit coin account ready to pay up.
Here’s the good news: while it’s not perfect, you have a ransomware protection solution already in place; good old backup.
Yes, the unsexy backup function is becoming quite attractive when it comes to ransomware recovery. However, there are some backup best practices you must follow to ensure you can recover from a ransomware attack.
Remember, your backup server is a target too.
Leveraging backup for ransomware recovery
With an advanced backup solution, you can recover a system from scratch and minimize data loss. Of course, you’d have to get rid of the ransomware-infected systems and stop the virus from spreading first. However with regularly scheduled backups, you can significantly reduce your exposure and have the confidence you can recreate a “clean” system.
After all, this is a “logical” incident. You would do the same thing if somehow you had corrupted a system and its data; the big difference is the source of the problem.
Many customers have used our solution, Arcserve UDP, for this purpose – to successfully recover affected systems and save their businesses from succumbing to encryption extortionists.
Backup strategies that protect against ransomware
After discussions with our technical experts, we’ve developed ransomware protection best practices that will help you stay out of the headlines, and keep your business running as usual.
Protect the source machine
- Take precautions to prevent ransomware infection in the first place, such as training users to not click on links within emails, downloading attachments from unknown sources, and updating software on a timely basis.
- Perform regular backups, which may include rethinking your service level agreements to ensure critical business data is backed up more frequently.
- Follow the 3-2-1 strategy for backup: maintain three copies, one of your copies should be offline, and at least one of the copies should be offsite.
- Make sure your chosen backup solution includes virtual standby for critical systems so you can get back on your feet very quickly.
Protect backups from ransomware
If your backup server gets infected or if your backup data is on a shared network that’s accessible from an infected machine, ransomware can encrypt your backup data, as well. It sounds obvious, but it’s important to remember.
- Replicate data offsite / cloud
- Periodically, copy recovery points to offline media, such as USB disks
- Consider leveraging tape as a backup medium for critical data. Yes, tape! This oldie, but goodie comes in handy when sending periodic recovery points offline.
There is no magic bullet or perfect answer, but it’s important to remember that with an advanced backup solution, such as Arcserve UDP, you have the great tool you need to fight against ransomware.
And it starts with educating your end users and applying the backup best practices that really do protect against ransomware.