Backups of your company’s data will protect it from a ransomware attack, right? Maybe not. Recently the UK’s National Cyber Security Centre (NCSC) updated its regulations on what companies need to do after they suffer a ransomware attack. The guidelines were updated following incidents of ransomware attacks in which the company backups and encrypted data which were connected to the company server left it vulnerable to the attack.
It’s a best practice to keep a backup copy of all the company’s vital data in an offsite location AND in more than one form. Multiple and offsite location storage will help your company get back in business following a ransomware attack. Additionally, if the company data and/or server have been infected with ransomware or malware and it’s captured and encrypted by the hacker, the data – no matter how well backed up – will render it unusable.
Will Company Data Backups Protect You
Your company’s ability to recover from a ransomware attack is only as good as its ability to access the data that is not infected with ransomware.
The NCSC’s new regulations emphasize offline and offsite backups of data as one of the best defenses against ransomware. This offsite and offline data backups can also help assure it remains free of ransomware. Online backup of data can be encrypted and held for ransom along with the live site and data.
The best way to mitigate and recover from a ransomware attack is to ensure company data is backuped offsite and offline. Even using cloud-sync services such as OneDrive, Dropbox, Google Drive or any of the others may be used as a backup but not as your company’s ONLY backup. If the data is backed up to an external drive or a USB device, if those devices are connected to the network, they can also be compromised in a ransomware attack.
To best way protect company data is to follow the 3-2-1 rule (three backups, two forms, one offsite)
Having data backups protocols in place is a start, testing those protocols, procedures and systems are necessary. You need to ascertain if your company suffers a ransomware attack that your data has been backed up and that you can recover quickly — the systems need to be tested. If you’re not certain whether your company could survive following a ransomware attack (and many don’t!) you need to be proactive and continually testing.
WareGeeks Solutions is a Roselle, New Jersey-based full-service IT solutions and service provider of cybersecurity, managed IT services and data backups protection. Our team specializes in Data Protection, specifically Business Continuity and Disaster Recovery (BCDR). We work with medium and large companies, with a focus on law firms and the healthcare industry.
WareGeeks Solutions help organizations transform technology, operations and service delivery to meet business challenges. We first seek to understand your business needs and then apply our in-depth knowledge of Data Protection, Business Continuity and Disaster Recovery (BCDR), Cyber Security whether in the cloud or your data backups center environments to drafting a roadmap for transformation.