Ransomware is back in the news, with multiple attacks on cities, schools and smaller municipalities. But while you’re hearing about publicly funded entities being shut down, private firms and organizations also getting hit.
You may not hear about them, but we do. Private businesses generally aren’t keen to publicly talk about a data breach or ransomware attack.
But organizations prepared for a ransomware attack will experience less damage and less recovery costs. A key element in your ransomware recovery plan: Back up your data.
How you do this is critical.
You should be backing up your data at least once a day. Frequency is driven by how long it would take to reconstruct lost records, documents and software to continue operating.
You should also review periodically what’s getting backed up to ensure newer important documents and data are included.
The review also should check to ensure recent software or operating system updates aren’t causing incomplete or failed backups. They can, sometimes.
Third, use high quality drives with redundant power sources for your local backup. Cutting corners with cheap or aging equipment could introduce errors if the gear is misconfigured or wears out.
Fourth, also back up to two offsite locations. Preparing for ransomware is also great preparation for a fire, flood or other building failure.
At least one offsite backup should not be connected to your system. This prevents the attacker from locking up all your backup copies, which they try to do. They want you to pay, not stiff them with a backup.
Finally, data backup should be assigned to someone who understands the technical issues behind a failed backup, and who knows how to make sure updates and patches haven’t garbled your backup. If being an IT geek is not your preferred line of work, get help with cyber security issues.
We work with many companies ensuring they have secure and compliant backup systems for their data. If something happens, they can keep operating.
A robust data backup system is worth it. Recovery from ransomware attacks can run into the millions of dollars in cost – and can open the door for competitors to steal your clients. Further, having a solid backup plan could save you a third of the cost of recovery.
Finally, a robust backup system could be better than hoping your insurance covers the ransomware payment. It’s faster, it won’t increase your premium – and you will actually recover your systems.
Hackers don’t adhere to a code of ethics when they make promises to restore your data after getting paid. And who wants to send hundreds of thousands of dollars to a crook who will be mark you as willing to pay and try again in the future?
Don’t encourage them – be prepared!