Story image

Three effective strategies for protecting your backups from ransomware

25 Jun 2018

Article by Altaro technical evangelist Andy Syrewicze

According to a 2018 Ponemon Institute study, the occurrence of ransomware attacks is projected to continue increasing over the next three years.

Are you prepared?

How do you prepare yourself for increasing amounts of ransomware?

Being the attack vector for ransomware is often the human aspect of any organisation.

It’s not really a matter of if you’ll be infected by ransomware, but when.

With that in mind, what are you left with in the event of an attack? Backups.

Backups are your ace-in-the-hole for any ransomware attack.

It doesn’t matter how bad you’re infected.

If you’re able to successfully recover data from an untainted backup, you’ll win the ransomware game every time.

Sadly, it’s not enough to just have backups running.

You must have them running in a way that hardens them from ransomware as well.

Here are the three key things you should be doing with your data protection strategy to make sure your backups are there when you need them most. 

Compartmentalised backup storage

In the days of tape storage, you didn’t really need to worry about this.

Tapes not actively being written to are on a shelf somewhere and “offline”.

There was no way for malicious software to tamper with them.

With disk-based backup storage, it takes more effort to protect it.

A key piece of advice I always give customers concerned about ransomware is to make sure they are utilising compartmentalised backup storage.

This means that the location hosting the backup storage should be as separated as possible from the production network.

The easiest way of doing this is through offsite backups.

Offsite locations are often on different network segments, making them unreachable by malicious software from the production site.

Follow just enough access (JEA) best practices

The idea of JEA is that any/all user accounts are only configured with the exact permissions needed to perform their function.

When it comes to backups, this really boils down to 2 things.

  1. The backup storage (Local and Offsite) should only be accessible by a single service account in Active Directory
  2. Said service account should only be used for backup operations and the storage of backups, nothing else.

Regular penetration testing

Sure, maybe your backups are secure today, but what happens 6 months down the road?

Infrastructure and security can change a lot in 6 months.

If you don’t have a tight change control process, the hardened system you had in place at one point in time can become another method for being victimised.

To prevent this from happening, practise regular penetration testing for your backup processes, both technical and social.

This will help ensure that the hard work you put into your backup solution doesn’t go to waste down the road.

Wrap-up

Are you in need of a backup solution to help you with your backup strategy?

Altaro VM Backup can assist you with many of the concepts mentioned here.

Download Altaro VM Backup for free to back up unlimited VMs for 30 days, then enjoy forever free backup for 2 VMs.

Protecting data centres from fire – your options
Chubb's Pierre Thorne discusses the countless potential implications of a data centre outage, and how to avoid them.
Opinion: How SD-WAN changes the game for 5G networks
5G/SD-WAN mobile edge computing and network slicing will enable and drive innovative NFV services, according to Kelly Ahuja, CEO, Versa Networks
TYAN unveils new inference-optimised GPU platforms with NVIDIA T4 accelerators
“TYAN servers with NVIDIA T4 GPUs are designed to excel at all accelerated workloads, including machine learning, deep learning, and virtual desktops.”
AMD delivers data center grunt for Google's new game streaming platform
'By combining our gaming DNA and data center technology leadership with a long-standing commitment to open platforms, AMD provides unique technologies and expertise to enable world-class cloud gaming experiences."
Inspur announces AI edge computing server with NVIDIA GPUs
“The dynamic nature and rapid expansion of AI workloads require an adaptive and optimised set of hardware, software and services for developers to utilise as they build their own solutions."
365 Data Centers secures additional funding for expansion
The company asserts the financing commitments come as it looks to invest in further substantial internal and external growth.
HPE launches 'right mix' hybrid cloud assessment tool
HPE has launched an ‘industry-first assessment software’ to help businesses work out the right mix of hybrid cloud for their needs.
ADLINK and Charles announce multi-access pole-mounted edge AI solution
The new solution is a compact low profile pole or wall mountable unit based on an integration of ADLINK’s latest AI Edge Server MECS-7210 and Charles’ SC102 Micro Edge Enclosure.