4 ways to disaster-proof your data backups
Disaster can strike at any time and one of tme many casualties is your business critical data.
Whether it is an act of God, like hurricanes or wild fires, or man made, you can protect your business from loss of data. Twenty five percent of businesses never reopen after disaster strikes, according to the U.S. Small Business Administration
. You can protect your critical data from disaster by having at least two backup plans.
Storing your data backups at one or more off-site locations is the best way to ensure that a copy of your data will survive a disaster. One way to do this is by using cloud services; uploading your data to a cloud backup provider. When selecting a cloud provider, you need to consider their track record.
There are other considerations when choosing cloud backups. You should always encrypt your data before trusting it to a provider for safekeeping. If you have very large files, you will have to take your internet bandwidth into account. This will effect the time it takes for both sending and retrieving data. Some providers will ship your backups on physical media if your backups take too long to download, ask your provider if the offer this service.
If your internet speed is too slow or you have trouble handing over your precious data to someone else, you can consider using removable backups: external hard drives, tapes or even optical media ( if your data isn't too large ). Their portability makes it easy to move to a different location. You can take the backups home or have it couriered to a safer location.
External hard drives are inexpensive, can store TB's of data and are portable. You can get third party backup software that will encrypt the data and setup a backup schedule with a little fuss. You can go for the more traditional tape backup route also. If you have modest data needs, you may be able to use DVD's or Blu-ray discs to backup.
If you decide to go the portable route, the media you use to store your backups can also fail. When using optical discs, store them in a cool dark place and use them for short term backups only. Tapes can oxidze over time so use multiple tapes and store them in a cool, dry place. External hard drives can fail like any other drive, plug them in only when backing up to prevent wear and tear on the drive motor.
Syncronizing your NAS
Taking the portable backup plan may not work if your business has multiple locations. If you have several locations, you can deploy multiple Network Attached Storage devices ( NAS ) at each location and set them to backup each other over the network. This feature used to be the domain of expensive Storage Area Networks ( SAN ) but many new NAS models have it. To save bandwidth, look for devices that support block-level sync, which only transmits the changes if a file.
Disaster hardened storage devices
Disaster resistant enclosures provide increased protection of local backups. In the old days, this used to mean storing tapes into a fireproof safe but now there are companies that offer disaster hardened storage devies. They can entail multiple drives in some sort of RAID configuration. Some can withstand extreme temperatures and / or waterproof even when fully submerged. Some will also support syncing with other NAS devices.
Disaster hardened storage devices
You can't totally disaster proof your business but you can take precautions to protect your critical data. It will take a little time and some money but not as much as rebuilding from the beginning. Your business doesn't have to be part of the twenty five percent that doesn't reopen with just a few extra precautions.
Data protection takes a backseat in the move to the cloud
Even though data loss in on the decline, challenges remain. Compared to 2014, data loss due to data corruption, hardware failures and power outages have fallen accordiong to EMC Global Data Protection Index 2106
. Unfortunately, many companies are neglecting their onsite data centers while transitioning to cloud enabled delivery models.
A survey was conducted by Vanson Bourne and sponsered by EMC polled 2200 IT decision makers. According to the survey, 80 percent said they were using SaaS business application from the public cloud . It also states and alarming trend, over half of these businesses fail to protect their data on the cloud. On average, they run 30 percent of their IT environments in the public cloud, and the majority rely on the clould for their business email needs but, less than half protect against data corruption or deletion.
Every small business needs a backup plan
Sooner or later, at least one of your business computers is going to fail. Whether it is from ransomware or lost/stolen laptops, not having access to your precious data is a frightening thought. Here are some easy tips to
prevent a crisis.
Keep critical files in the cloud for almost real-time offsite backup. Some cloud based storage services like DropBox allows encrypted files. Have a local backup on an external drive. For Macs, you can use the built in Time machine and for Windows 10, you can use Windows Backup and restore, these are basic but work very well. Have a cloud based backup just incase there is a disaster at your business and your backups are damaged. For security, make sure you have a modern router and your router firmware are up to date. In some cases, the firmware update will include security features and only takes a few minutes to complete. Also make sure that your workstations all have virus protection. It will alert you against some suspicious activity. Check for critical updates on WIndows machines and keep those up to date.
Make sure that all the steps are active for each computer in your business. IF you have several computers, you may want to think about NAS storage for your local backups since you may have to manage several drives. Check every one in a while to make sure everything up to date including the virus definitions, local and remote backups, OS security updates. The key is preventing data loss is to keep it simple by focusing on redundant data and keeping your software up to date.
Bad Rabbit ransomeware hits Russia and spreads across the globe
There is a new ransomware that is spreading across Russia and Europe that a number of cybersecurity research groups inluding ESET and Proofpoint have confirmed that spreads via a fake Adobe Flash update. Once their computers are infected, users are sent to a darknet site that must pay 0.05 bitcoins ( around $281 ) to decrypt their files. If it isn't paid within 40 hours, the price goes up. Even though experts can't yet confirm that it is related to NotPetya, it does use similar methods.
The U.S. Computer Emergency Readiness Team ( US-CERT ) also issued a statement
regarding the attacks. Much like Petya, Bad Rabbit contains and SMB component which allows it to ove laterally across an infected network and spread without user interaction. At this time, it is unclear who is behind the attacks. Whoever is behind Bad Rabbit, they appear to be a Game of Thrones fan since there are references to Viserion, Rhaegal and Drogon, the dragons featured on the television series and the novels it is based on.
At this point, it is unclear if it is possible to decrypt loced files without paying the ransom. Even though a number of security vendors state that their products protect again Bad Rabbit, Windows users can block the execution of "C:\Windows\infpub.dat" and "C:\Windows\cscc.dat" in order help prevent infection.
Ransomware: it's about to get worse
WannaCry, NotPetya, Bad Rabbit and other ransomware made headlines in 2017 which has been called the year of ransomware
. Despite the "ransom" in ransomware, very little ransom was paid out; the ones suspected to be behind WannaCry cashed out $140K from bitcoins associated with the attach
. This is nothing compared to all the business disruptions that was caused by files being encrypted.
We have seen how ransomware can completely destroy data but there is a potential for ransonware being used as a diversion for other malicious activies such as stealing data, transfering funds and taking control of systems. Ransomware doesn't have to encrypt your data, but just steal it and use it for electronic blackmail. Another potential is for criminals to go after enterprise infrastructure; imagine holding a whole coporation's IT infrastructure as hostage, it could lead to huge payoffs for criminals. Vulnerabilities in router firmware has the potential to allow ransomware to be spread not just from email, it can be spread from the physical network infrastructure itself; imagine infecting all the computers in a network by having the router broadcast itself out for all to receive.