Ever since floppy disks, the need for businesses to back up data has been a necessity and continues to grow in its complexity. Harboring assumptions that your data and your backups are safe is dangerous and potentially damaging.
Data loss happens for a few reasons: Viruses, hard drive crashes, theft, and Ransomware among others. Most people using any type of technology have experienced data loss at least once.
Every week there are about 140,000 hard drive crashes in the US – averaging out at 20,000 per day. Every five years, 20% of Small and Mid-size Businesses (SMBs) suffer data loss due to a major disaster. This has helped to fuel a robust cloud backup market that continues to grow.
The problem there stems from another mistaken assumption: That your data backups are automatically protected once they’re in the cloud. They are NOT.
But one thing that continues to evolve and change in regard to data backup is Cybersecurity. Simply backing up data to avoid losing it is just not enough anymore. Backing up has morphed into data protection.
What is the meaning of data protection?
It means that backups need more Cybersecurity protection than what is typically in play with the main network. They face threats such as sleeper ransomware and supply chain attacks. Cloud-based backup has the benefit of being convenient, accessible, and effective. But there is also a need for certain security considerations with an online service.
None of the major cloud providers like Microsoft Azure, Google Cloud Platform (GCP), or Amazon Web Services (AWS) guarantee that your data is protected against data breach – that is up to you and whatever IT services you use.
Companies need to consider data protection when planning a Backup and Disaster Recovery strategy. The tools you use need to protect against an ever-growing number of threats.
Modern threats to data backups include:
Data Center Mishap: The cloud is just a data center filled with servers that house your data. Those servers are internet accessible and can be hacked. They can also crash. Data centers holding the servers can have outages and are not immune to floods, fires and earthquakes.
Sleeper Ransomware: Unlike ‘standard’ Ransomware which locks up your system as soon as it’s let in, this strain is crafty. It stays silent and waits for a predetermined cue after infecting a device. It uses that time to snake through the system and infect all your backups. Once activated, the victim doesn’t have a clean backup to restore – unless the victim has good IT Support which has set up backups unconnected to the operating network.
Supply Chain Attacks: We’ve been hearing a lot about the supply chain in the last couple of years and attacks on aspects of the supply chain for the IT services industry have been growing. They include attacks on cloud vendors that companies use. Once those vendors suffer a cyberattack it can easily be spread to their clients.
Misconfiguration: Misconfiguration (click the link to learn more) of security settings is a very real problem. It can allow attackers to gain access to cloud storage. Those attackers can then download and delete files as they like.
What should I look for in a backup solution?
You need to make sure the application you use provides adequate data protection. Here are some of the things to look for when reviewing a backup solution:
Ransomware Prevention
The methodology of Ransomware is to spread throughout a network to infect any data that exists. This includes data on computers, servers, and mobile devices. It also includes data in cloud platforms syncing with those devices. 95% of ransomware attacks also try to infect data backup systems.
It’s important that any data backup solution you use must have protection from ransomware. This type of feature restricts automated file changes that can happen to documents.
A reliable backup system should be unconnected to the main network. One relatively inexpensive solution is a solid state external hard drive.
Continuous Data Protection
This differs from systems that back up on a schedule, such as once per day. Continuous data protection will back up files as users make changes.
It mitigates data loss that can occur if a system crashes before the next backup. With the speed of data generation these days, losing a day’s or even a few hours’ worth of data can be very costly.
Threat Identification
Data protection incorporates proactive measures to protect files. Look for threat identification functions - a type of malware and virus prevention tool, in a backup service.
It seeks out and identifies malware in new and existing backups. This helps stop sleeper ransomware and similar malware from infecting all backups.
Zero-Trust Tactics
Zero-trust security measures are a necessity for any bona-fide Cybersecurity professional. This includes measures such as multi-factor authentication and application ‘safelisting’. The zero-trust approach requires that all users and applications need ongoing authentication.
Some of the zero-trust features to look for include:
Multi-factor authentication
Distinct file and folder permissions
Contextual authentication
Verification of permissions for file changes
Redundancy
If you back up to a USB drive or CD, you have one copy of those files. If something happens to that copy, you could experience data loss. You should have at least 3 copies of your data – as in the 3-2-1 strategy: 2 local copies on different devices and 1 copy off-site.
Cloud backup providers should have backup redundancy in place. This means that the server holding your data mirrors that data to another server (cloud to cloud). This prevents data loss in the case of a server crash, natural disaster, or cyberattack.
Air Gapping for More Sensitive Data
Air gapping is a system that keeps a copy of your data offline or separated in another way. This would entail making a second backup copy of your data, then putting it on another server which is unconnected from external sources (internet).
If you deal with highly sensitive data, this is a feature that you would be wise to look into. It helps to ensure that you have at least one other copy of your backup. A copy walled off from common internet-based attacks.
Frequently Asked Questions
Q: Are external hard drives good for backup?
A:
They have their pros and cons:
Pros
Internet Access Unnecessary
Hard drives don’t require Internet access. You can connect it to your computer and access the backup at any point in time. External hard drive speeds up the overall backup process, as you don’t need to be online to back up or access files. This data backup strategy can come in handy when you want to access a few files from backup.
Low Cost
Hard drives are comparatively less pricey than other backup mediums. 2TB external hard disk costs you around $60. Small organizations can save their backups on external HDDs with minimal costs.
Data is Safer
An unconnected hard drive is not exposed to hackers. The hard drive is only vulnerable to attacks when it is connected to a computer.
Compatibility
External hard disk drives are compatible with most operating systems: macOS, Windows, Linux PCs, etc.
Unlimited Write Cycles
You can rewrite the hard drive as many times as you want.
Cons
Can fail because of a hardware issue
Needs to be connected to a computer for use
Can be lost, stolen, or misplaced by anyone
Transporting the hard drive from one place to another can be a tedious task
Backup needs to be maintained manually (if not configured to do this automatically)
Q: What backups are necessary?
A: Ideally, you should have these three:
Q: How do I protect my cloud data from hackers?
A: 1) Back up your data locally – in a solid state external hard drive and a NAS or SAN unit not connected to your main network – so you maintain control of your data that hackers cannot get to. You may want to go the extra mile and secure your most sensitive data locally, rather than in the cloud.
2) Use a cloud service that automatically encrypts your data, and make sure it is set up to do so.
Q: What is the best backup for Office 365?
A: According to afi.di, a Georgia company that specializes in digital data protection, the best is actually one of the software platforms we use here at IT Support LA. They ranked the top 9 providers based on a number of factors from performance and reliability to cost and the #1 backup software was Veeam.
How secure is your network?
As a reputable member of the IT Support Los Angeles community since 2002, IT Support LA offers a FREE, no-risk network and security assessment. It is a non-intrusive scan that allows us to deliver a comprehensive report that is yours to keep. No strings, and no obligation to ever use our Managed IT Services.
The best defense is the best Cybersecurity to protect your data from theft, and a top-notch Managed Services Provider (MSP) to ensure continued reliability and defenses against newly emerging threats.
With our 100% Money Back Guarantee in writing, we offer a risk-free way for prospective clients to try us out. Because we do not require a ‘hard’ contract, our clients can fire us at any time with 30 days’ notice. We have to be good.
Among the Managed IT services we provide:
IT HelpDesk Service
Onsite IT Support
Cybersecurity
Cloud migration and management
Email migration services
Backup and disaster recovery
VoIP phone systems
IT disposition and recycling
Office moves
White label services (IT to IT)
Need Help With Secure Backup & Data Protection Solutions?
Have you updated your backup process for today’s threats? Give us a call today to schedule a chat about data backup and protection.
IT Support LA is an award-winning Managed Services Provider (MSP):
o 3 Years awarded Best IT by the Small Business Expo
o Awarded 2nd best company of any type in the US by the Small Business Expo SB100
o Awarded Best IT in California by Channel Futures
o Winner of Best IT Support in Los Angeles 2021 by Channel Futures
o Listed as one of the world’s Top 501 Managed Services Providers by CRN and in the top 250 in the ‘Pioneer’ listing
o 4 years listed as one of the Top 501 MSPs in the World by Channel Futures
o Globee 2021 Bronze Award winner for Chief Technology Officer of the Year
o Globee 2022 Gold Award winner for Chief Technology Officer of the Year
o Named one of 2022’s 50 ‘Best’ businesses in California by UpCity
o Named Best of IT Services winner for 2021 by UpCity
o Winner of Local Excellence Award for 2021, 2022 and 2023 by UpCity
o Named Best of Cloud Consulting winner for 2021 by UpCity
o Certified as Top MSP and Cybersecurity Pro for 2021 by UpCity
o Named Best IT Support in Los Angeles for 2021 by Expertise.com.
For more information, or to receive your FREE no-risk network and Cybersecurity assessment, just fill out the form on this page or call us at:
818-805-0909