Protecting your business from Ransomware (Part 2 – Backup and Disaster Recovery)
In the previous article we described why small businesses make attractive targets for cyber criminals. Big businesses have large teams of IT professionals with the job of protecting them. Small businesses tend to hope they don’t get hit — vs doing anything proactive to prevent such attacks. Or, they think the criminals will overlook them because their small. But, cybercriminals are not (as a rule) dumb. They know the big businesses have better protection. So, small businesses make easy targets. Unless they take some simple steps to make themselves much harder targets. Simple steps like:
- Run good anti-everything software
- Have a good backup and disaster-recovery (BDR) plan
- Make sure your employees practice ‘safe surfing’
Backup and Disaster Recovery
In this post, we’ll focus on Backup and Disaster Recovery (BDR). And the best place to start with backup and disaster recovery, is explaining what they are and how they differ.
Backup is the process of creating a copy of data so that you can recover that copy when needed. They key word here is ‘data’. Backup does not create a copy of entire environment and does not enable you to recover the entire environment. You can use data backups as part of your environment recovery, though.
There are a variety of reasons you might need to recover backup data. The most common is accidental deletion or damage to your data. This results in a need for the latest backup. You might also need to recover data from older backups – perhaps for reporting, compliance, or tax purposes.
For backups your main considerations are:
- Scope of data to backup – You need to choose what data to backup. Because storing data costs money, you want to choose only the data you need backed up.
- Recovery point objective (RPO) – This metric is about how much data you can afford to lose. Think about a scenario where you have sales transactions in a database. If you backup the data every 4 hours, then you might lose close up to 4 hours of transactions — or you may need to recreate them from other sources.
- Recovery time objective (RTO) — RTO, sometimes called Time to Recovery (TTR), is the amount of it takes to recover data. In the previous scenario, how long can you afford for it to take to recover the data? This will depend on how you use the data. For example, if you need the data for customer service, you made need the data sooner than if you need it for monthly reports.
- Retention period and schedule — You need to decide how long you want to keep data. Generally, your schedule will meet your needs for RPO, RTO, and your other data needs.
So, in summary — to address your backup needs you need to decide:
- What data to backup
- How frequently to make a backup
- How quickly you need to recover data from a backup
Disaster recovery, in contrast to Backup’s focus on data, is about backing up the environment (of your solution). The goal here is to have the ability to rebuild or recreate your IT environment in the case of disaster like fire or flood, so you can continue to conduct business.
The metrics for disaster recovery are very similar to those for Backup. In particular, there is a focus on RTO/TTR, since the goal is to get your business back to operating successfully as soon as possible.
And, similar to Backup, for disaster recovery (DR), you need to decice:
- What infrastructure should be included?
- How often should you create a copy of your infrastructure?
- How quickly do you need to recover the infrastrustructure?
BDR and Ransomware
Ok. So how does backup and disaster recovery help you reduce the risk of ransomware? Remember what ransomware typically does. Cyber criminals encrypt the files and data in your server environment and demand payment in order to unencrypt them.
But, what if you don’t need to unencrypt the data? What if you recover an unencrypted copy? If the encryption has gone so far as to affect your infrastructure, what if you could simply rebuild from an unencrypted copy?
Having a good BDR solution in place makes both these options available in the case of a ransomware attack. It takes the power away from cyber criminals and puts you in charge.
Tellus Consulting support several backup solutions:
Server backup – We’ll create a custom cloud backup solution for your server. Solution includes ongoing monitoring, verifying the ability to restore files at least twice per year, and performing restores as needed. Backup is for up to 1TB of data per server.
Desktop backup – We’ll configure daily backups of your users’ Windows desktop or laptop computers and provide those users with detailed instructions for how to recover files. We’ll also be available to provide remote or email assistance if they need help.
BYO backup – Some clients bring their own backup solution. We work with them to understand the solution and support it (to the best of our ability and limited by the support available from the backup solution vendor)
Disaster recovery solution
ASR Disaster Recovery TC – We build your disaster recovery solution around Azure Site Recovery (ASR), customized for your needs and monitored by our team. Recovery, when needed, is included in the cost.
Contact us for more information
For more information about these solutions and others, contact us!