Ransomware is becoming an increasingly widespread form of cyber-attack. To protect your data from ransomware, it is essential to have a full proof business continuity and disaster recovery plan in place. This notion can be proven by a recent instance of ransomware by DarkSide against Colonial Pipeline.
“Despite complying with DarkSide's ransom demands, Colonial found that recovering from backups was quicker than using the gang's decryption key to bring systems back online.” (GCN).
A comprehensive ransomware disaster recovery plan could bring your system back online faster than complying with the ransom. Here are some tips to get you started on your disaster recovery plan.
Backups:
One of the best backup strategies for storing data is called the 3-2-1 plan, where you store 3 total copies of the data in separate places. Two of these copies will be on the local network but on separate devices, with the third being stored off network. “There is still risk with this strategy, however, as more sophisticated ransomware attacks now target backup files. The most straightforward way to expand on the 3-2-1 model is simple: 3-2-1-1. For extra security for backup files, agencies should store an air-gapped copy of the data offline where ransomware can't reach.” (GCN).
Cyber-security and Protection:
Protecting your data through a different network than your cyber-security is not as easy as combining these efforts into a multi-pronged approach. “The more systems agencies try to support, the more vulnerable their data and networks become.” (GCN). With only one system, agencies can “optimize protection, cyber-security and disaster recovery capabilities with minimal management.” (GCN). Additionally, it is especially important to protect your company against specific cyber-attacks, such as ransomware. “It seems like every day we hear about a new data breach, ransomware attack, or other hack. Rather than worry about what if it happens to you, protect yourself. Even if you are hacked, simply roll back to unencrypted data. No ransom. No sweat. No loss.” (San Antonio Report).
Updating Outdated Plans:
Lessons learned should be incorporated into updating your business continuity and disaster recovery plans. “To start, a review of policies will help agencies determine which ones are outdated and which ones should stay. Agency disaster recovery plans should outline how their health and safety protocols address illnesses, contact tracing, sick leave and backup staff for critical processes. These updates should be included in agency crisis communications plans.” (GCN). Updating your disaster recovery plan could be the key to being successful in recovering your data in the event of a cyber-attack or natural disaster. Regularly evaluate and update your plans to ensure full preparedness.
Have any questions about cyber-security? Responsive Technology Partners is the leading cyber-security expert in the Athens, Metter, Milledgeville, Vidalia, and Atlanta, Georgia areas. We also have locations in Tampa, Florida, Roanoke, Virginia, and Raleigh South Carolina. Please check out our website to learn more: https://www.responsivetechnologypartners.com/.
Sources:
“5 Tips for Better Business Continuity and Disaster Recovery Plans -.” GCN, 23 June 2021, gcn.com/articles/2021/06/23/disaster-recovery-plans.aspx.
Gondesen, Scott. “Best Practices for Backup and Disaster Recovery to Secure Your Data.” San Antonio Report, 7 Sept. 2021, sanantonioreport.org/best-practices-for-backup-and-disaster-recovery-to-secure-your-data.