Strong and resilient backups are the most important piece of protecting your business. Cybersecurity is an ever-evolving arms race. Antivirus, spam filtering, and firewall vendors are all constantly plugging holes and vulnerabilities only for malicious actors to abandon their old tricks and find new ones. No matter how elaborate your security mechanisms are, they will never truly be 100% effective forever; there will always be some small risk. Whether that’s a brand-new exploit or users being tricked, malware and scammers will always try to find a way in. Those protective measures also won’t do much good against natural disasters or hardware failure, either.
No matter how impressive the bullet points are on the vendor’s site or how frequent the backups are, your backups are only as good as your restores. Your backup software may be taking backups every hour according to the dashboard, but when you go to restore the entire server or virtualize a backup, you may find out that something is mangled within those backups or something is preventing the software from loading them up. If you’re in the middle of a major crisis, the last thing you want is another crisis that makes the original one even worse!
Testing your backup software and its restoration capabilities should be a core piece of your backup maintenance so you can find a potential problem before it’s a life or death situation. Some backup solutions can automate this process. Datto—for example—tries to virtually boot each server’s backup frequently, takes a screenshot, and sends a message to administrators if it doesn’t make it to a Windows login screen. Even then, it’s important to manually verify this from time to time, just to be safe.
Frequent testing can also reveal some other less catastrophic, but still important, issues with your backups and restores. Just because your backup solution was lightning fast when you switched to it five years ago doesn’t mean it still is today. When you chose your system then, it might have been able to restore any type of server available at the time to any hardware in a matter of minutes, but now you might be waiting hours in addition to scrambling to find compatible hardware. Technology changes, but sometimes software and vendors don’t. At Bennett/Porter, we aim to stay on top of the changing options/features for everything we do, which means we’ve switched backup providers a few times to ensure we have the best solution available.
The other key component to a good backup (and restore!) system is how many backups you have. One of the most common data threats most businesses will face is a ransomware infection that encrypts all of their files. If you have a nightly backup that overwrites itself with each backup, or some of the cheaper “cloud backup” options that only have the most recent version of your data, you’re leaving yourself at risk. The ransomware could strike at the end of the day and start encrypting files in the background without you knowing, then when the backup takes at midnight, it replaces your one good backup with encrypted and corrupted files. The backup vendor’s support may have to fish old versions out of their own backups, but that might be hours on the phone with them to get the restore process even started! This is just one of the reasons a backup platform that has “versioning” to keep multiple versions of each file over the past days, weeks, or months is incredibly important.
Even if you do have multiple copies of your backup and multiple versions of your files, that may still not be enough! If your backups are on a server and/or on the main network in your office, many modern ransomware variants can encrypt and corrupt your backups even if they’re already encrypted and password protected. You can have the most robust backups in the world, but if they’re in a single location, you’re still incredibly vulnerable. One of the simplest backup strategies is the “3-2-1 Rule”. This means three copies of the data, split across two different media/locations, with at least one copy kept off-site. There are more complex and protective strategies than this now, but the core message is still key: You need to have multiple copies of your data and you need to have at least one of those copies kept off-site and isolated from everything else. This protects you from network encrypting malware as well as natural disasters.
Not sure where your current backup solution stacks up with these suggestions? Contact us! We can help you understand what your current backup system can do or where it may fall short, and what a more robust solution can do to help keep your company safe if the worst happens.