Ransomware-resilient backup from Mimecast
Backups are a critical line ofdefense against ransomware attacks, but hard drives andexternal storagecan be clunky and inconvenient. Cloud-based backups, while more efficient, can be a target for cybercriminals, too, if not properly secured.
Solutions likeMimecast’s cloud backup and recovery for emailhelpto protect backups from ransomware andallowyour organization to recover quickly without massive data loss or disruptions to business.
Ransomware backup best practices
Before we explorewaysto protect backups from ransomware,it’sworth taking a moment to discussbest practices for creating backups in the first place.
- Focus on the end goal:The ultimate purpose of a backup is to use it to effectively restore business operations without significant data loss. Consider the end goal as you begin creating a ransomware backup strategy.
Once youdeterminewhatcritical business operationsyou’llneed to restore in the event of an attack, you can begin to build a backup process to make it possible.
- Backup likeyou’llbe attacked:According toMimecast’s State of Email Securityreport, 75% of businesses suffered a ransomware attack last year. Those businesses experienced an average of six days of downtime. Ransomware attacks are no longer an “if” but a “when.”
Preparation iscritical, andchoosing the right partner to back up your email data puts you one step ahead of cybercriminals.Plus, properly stored and encrypted cloud-based backups are more difficult for cybercriminals to find and breach.
- Create a multi-pronged approach to fend off ransomware attacks:Backups are a great step in protecting your organization from ransomware. Butit’snot going to solve the problem alone.
It’scritical to look at more preventive approaches to combat ransomware, like software thatscans incoming emails for malicious attachmentsorSecurity Awareness Trainingto get employees involved in keeping your organization safe. Even more critically, having a cybersecurity ecosystem of partnerships designed to deliver end-to-end ransomware protection decreases the likelihood of its ability to move through your environment.
In the event of a successful breach,implementation of these backup best practicesgives your companya betterchance for a low-impactransomwareevent with a speedy, full recovery.
Ransomware backup strategies
Here are eight ways to protect your organization’s backup data from ransomware attacks.
1. Develop a disaster recovery plan
Disaster recovery plans (DRP) are process documents that outline how a business responds to anything that could negativelyimpactsystems and regular business operations. Weather events, human error, hardware failure, and cybercrimes like ransomware are all instances where a company needs to fall back to its DRP to restore systems.
A well-crafted disaster recovery plan includes a plan for protecting backups from ransomware. It addresses questions like:
- What data will the organization back up?Organizations create tons of data, and it would be virtually impossible to back up every system 100%.That’swhyit’simportant to assess what the business most needs. For many organizations, email proves to be one of the most critical data points thatneedto be quickly restored and should take priority when considering what to back up.
- Howfrequentlywill data be backed up?Choosing a backup interval enables you to understand your maximum potential data loss. If you back up once per day, your maximum loss would be 24 hours of company data. A shorter backup interval could cut down data loss dramatically to only a few hours.Mimecast offerscloud backup and recovery solutionsfor email that automatically syncs up to six times per day.
- Where will data be stored?Traditionally, backups were stored in hard drives on-premises.This has the major advantage of storing data completely offline, making it completely inaccessible tocybercriminals.
But as organizations move to remote work and expand to more office locations, cloud-based storage becomes much more convenient.
Today’s cloud-based storage solutions make it possible to storelarge amountsof data completely off-site or take a hybrid approach to data storage,leveragingelements of cloud andon-premisestorage, all while keeping data protected from ransomware attacks.
- How will the data be secured?Based on the sensitivity of the data being stored, it should be backed up with comparable security controls. For example, datacontainingprotected health information (PHI)needsto becompliant with regulatory agencies such asHIPAAorGDPR.
- Howfrequentlywill the organization test backups?The disaster recovery plan should outline an interval in which the company will test backups. Annual tests are common for companies, with other tests happening ad hoc if there are major changes to the company hardware or software solutions.
2. Keep at least one backup offsite or offline
Aside fromactually implementingbackups, the most important aspect of protecting backups from ransomware is making sure theycan’tbe breached. Keeping a backup offline or physically offsite is one of the best ways to ensurethere’sno way ransomware can touch them.
3. Store backups in multiple locations
Whether you use physical locations or cloud-based data centers,it’scritical to keep data in more than one place. Redundancy is a corecomponentof disaster recovery as it ensures system reliability through duplication. Keeping backup data in multiple locations means even if ransomware corrupts one backup, the company has others to fall back on.
4. Choose a reasonable backup interval
The right frequency to backup data is “as frequently as possible within reason.” Of course, it depends on your storagecapacity, the systems you have in place to create backups, and the amount of data your organization generates.
Ifyou’rea small business with a few employees,maybe youcan afford to backup once per day. Large enterprises with thousands of employees may find more frequent backups better support the business continuity goals.
5. Regularly perform software updates
Ransomware looks to exploit vulnerabilities in your system, and few things make systems easier to exploit thanfailing to performregular software updates. Since the data you backup needs to be the cleanest and most recent available,it’scritical that all systems are regularly backed up and kept on the most up-to-date version.
Otherwise, restoring data fromprevioussystem versions could causeanimport to fail.
6. Educate employees on backup protocol
Backups happen on individual employee machines, your organization’s email system, and your broader infrastructure. Unless your organization has automatic cloud backups for employee information,it’simportant to educate employees on the importance of backing up their data using a physical drive or cloud-based solution.
Training courses, likeMimecast’s Security Awareness Training, can educate employees on the importance of backup dataandhow to do their part to prevent ransomware attacks from happening.
7. Limit employee access to backups
It’ssmart to restrict access to backups to a few individuals or one system account. Fewer people with access to the credentials means less opportunity for human error in compromising the password.
8. Test backups
Simply backing up your data is great, but it means absolutely nothing until a team can use that backup to restore system access. The ideal situation would be to automate your system recovery. That means putting the necessary code in place to push a button and automatically retrieve and restore the latest data.
If your teamdoesn’thave thecapacityto perform regular tests, you can always outsource backups to a vendor like Mimecast. They can work with you to keep backups safe from ransomware and enable fast recovery of email mailboxes, contact lists, calendars, and personal foldersin the event ofan attack.
Keeping backups protected from ransomware
Data loss following a ransomware attack can have significant financial and operational impacts on a company. Reducing the time to recovery iscritical, andpartnering with a software solution like Mimecast enables your company to recover fully, faster.
Check outMimecast’s email backup and recovery solutionsto learn more about how you can protect your organization’s backups from ransomware.
Enterprise ransomware protection for businesses
The best enterprise ransomware protections for enterprises can adapt to meet challenges unique to large organizations. Mimecast specializes in meeting these challenges for enterprises, and keeping you informed on the latest ransomware threats and how to protect against them. With that in mind, we offer fully customizable solutions for your organization, schedule anemail security demoto see how Mimecast can integrate with your organization.
