Companies rely on their backup files when data or infrastructure are inoperative or missing (independently from the cause) to resume the activity.
The recent pandemic has been a real "game changer" for data protection and backup strategy procedures. The acceleration of cyber-attacks, their quantity as well as their cleverness, highlights the importance of backup files, but also reveals backups their limits: from 2021, backup files are essentials but do not ensure companies to recover from disasters anymore!
Is YOUR backup strategy compromised?
Data Protection risks
Shutdowns & cyber-crime
Axa 2021 future risk report is transparent clear: backup is unavoidable tool to recover from shutdowns of essential services or critical infrastructure. The report is also unambiguous about cyber-crime menace, often leading to money and data extortion, identity theft, and paralysis or shutdown of services and infrastructures.
Backups that cannot be restored are of no use
Data recovery is at stake!
The Covid pandemic has been a real “game changer” in terms of data security and backup strategies as 43% of businesses were not able to recover data within the past 12 months in April 2021 (IDC).
Data Recovery is even more tightly embedded with cyber-security
Cyber-attacks are nowadays threatening companies on every front: surfing on the internet is no longer the main source of business infection. 94% of ransomware enter companies via emails!
Phishing emails and deceitful email attachments are how ransomware enter company networks, encrypt files, data, systems and even backup files.
Backup files are essential but not sufficient anymore. Companies must review their backup and cyber-security strategies:
Antispam MUST scan attachments and email content
Free spam filters are often insufficient: they do block well-known spams and ransomware, but sophisticated threats require adequate protection with email scans across content, links and attachments.
Ensure backup files cannot be encrypted
Backups are your safe buoy when everything else has failed. Encrypted backups could be a game-over scenario like it’s been the case for Swisswindows AG company and its 170 employees.
- Implement a 3-2-1 backup strategy to have at least one copy of backup files offsite, out of the network, and out of reach of cyber-attacks on the network,
- Isolate local backup files so only your backup software can access them,
- Test backup restorability regularly (not only backup creation or consistency, restore backup themselves to see if systems and data are there once restored),
- Monitor efficiently backups and backup strategies,
- Have a written Disaster Recovery Plan (use our free DRP template)
Want more details on how to protect backup files against ransomware? Download our free 8 tips.
You don't have it yet implemented? You may want to read this now: this is a true story of one of our clients!
Only backup safe / clean data
Backups are your contingency plan should anything else have failed. That’s why you must need to be able to rely on them 100% to restore files, data, systems in case of a disaster.
Cyber-criminals use more and more time-bombed ransomware that are entering a network and “sleeps” there for a while, not attacking anything, being quiet and hiding so no one can see it or worry for it. It suddenly “wakes-up” to attack your network and company’s data.
The real problem is when a backup retention policy automatically deletes backups older than x weeks and when the dormant ransomware has been on the network for more than x weeks, as you would be restoring an already-infected system!
That’s why it is important to make sure systems are clear from ransomware and cyber-threats.
How to prevent ransomware from entering your company
Block possible threats at the source is better than trying to patch damages.
Take preventing measures against ransomware doesn’t have to be expensive!
1.50 euros per mailbox, you can:
- Stop cyber-attacks before they enter your mail server (on-premises or in the Cloud)
- Filter all email subjects, attachments, URL, content, reputation, zero-day risks and protect from possible human mistakes
- Dramatically reduce spam and increase productivity.
- Prevent data kidnap and ransom request.
Our email security service uses 5 well-known multi-layer engines and guarantees the best email security you have never seen.