Data is the most valuable part of a computer system and may be irreplaceable if lost to a ransomware attack or a hardware failure, or if it becomes corrupted. The following tips will assist you planning and preparing a backup policy for an incident in case the worst happens.
What is a backup policy?
A backup policy is a well-thought-out plan to mitigate against data loss that could happen due to a ransomware attack, hardware failure, data corruption, or some other detrimental event. If implemented well, it can help an organisation to return to business as usual more quickly and easily.
The complexity of the backup policy will depend on the size of the organisation, the number of applications and databases it uses, and the quantity of data that requires backing up. It will also depend on company policy and regulatory obligations applicable to the organisation.
How do I implement backup policy best practice?
-
Identify your most critical data and plan accordingly
By identifying the most critical data to your business, resources can be allocated to ensure that this data is protected and prioritised. Backups can be tailored to that particular data accordingly.
-
Take frequent backups
If you have mission-critical data, then attention should be paid to the frequency of the backups that are taken.
-
Use the 3-2-1 approach to backups
Create three copies of your data in addition to the original file, using two different backup media types stored locally and one copy stored remotely offsite.
Backups should be isolated or air-gapped from the network when not actively backing up data. Backup media should never be permanently connected physically or over the network.
-
Practice versioning data
Backups should contain old versions of your data, not just current versions of files backed up most recently. This is important in case of file corruption or ransomware that may be lurking in current data backups.
-
Periodically test the integrity of your backups
Data should be checked regularly to ensure that it is accessible and readable.
Why are backups so crucial and what happens if they fail?
We recommend this level of diligence because backed up data can be recovered from if you suffer a cyber incident. Reducing the business downtime, the need to pay a ransom and the time it takes to get back up and running.
But even with the best intentions, back-ups can sometimes fail. Whether they're not pulling the right data, at the right intervals or at all, there are cases where recovering from backups does fail. This is when having a cyber insurance policy that offers data recreation is key - covering the costs to recreate any data lost in a cyber incident if your backups fail. A lot of coverage will stop at data recovery, but at CFC we go the extra mile to rebuild the data lost.
Other tips to build into your your backup policy
- Data should be encrypted when backed up - this will help prevent unauthorised access.
- Consider making your backups unchangeable, so they cannot be altered by you or the bad actors.
- Consider using remote storage. Cloud based storage can be a cost-effective option if managed correctly.
- Automate backups where possible. This will make the practice of backing up your data a part of everyday business.
- Consider the retention period for your backups. This is especially important if you are using cloud services to back up your data. Cloud data storage costs can mount up so determine a sensible length of time for storage in your backup policy, considering legal and regulatory obligations.
- Consider your data retention policy. Do you actually need all the data that you are storing and backing up? Often data is stored unnecessarily adding an unnecessary cost and has additional security burdens if exposed.
Further government guidance
UK National Cyber Security Centre advice on backups can be found here.
USA CISA advice can be found here.
Check out our other cyber security related resources in our cyber hub. For any other questions, please don't hesitate to reach out at cybermarketing@cfc.com.