For decades now, Periodic Backups have been used to backup and safeguard critical data. Periodic backups are performed on a set schedule, rather than event-driven, such as whenever new data is saved to a hard drive or existing data files are modified. Periodic backups often perform one of three types of backup as follows:
- Full Backup: backs all files targeted by the backup software.
- Incremental Backup: backs up all changed files targeted by backup software since the last backup of any kind (full or differential).
- Differential Backup: backs up all changed files targeted by the backup software since the last Full Backup.
These periodic backup strategies were developed when backup storage was very costly. They try to balance the high cost of backing files up at a distinct cost to restoring data quickly and easily.
One advantage to doing a full backup is that a complete copy of all data is available within a single set of media (hard drive or Backup media – DVD, Tape etc.). This can reduce the total time to restore data, also known as a Recovery Time Objective (RTO). However, the disadvantages are that it takes longer to perform a full backup than other strategies (sometimes by a factor of 10 or more), and it requires more storage space.
However, in the modern days of ransomware, a distinct disadvantage of periodic backup strategies (Full, incremental, and differential) is that they do not usually perform backup versioning of the files. When a file is encrypted due to ransomware, its signature changes and it is therefore backed up. In these cases, it may replace an older backup, destroying your access to a good version of the files in favor of a hacker encrypted version. Strong periodic backup solutions will maintain multiple copies based upon time criteria of N – 7 days and N – 30 days. In these cases, you may get most of your data back but for the last 7 or 30 days depending upon how far back the ransomware goes. Additionally, some hackers may first seek out and delete your backups prior to starting their ransomware encryption routines with the hopes of increasing your willingness to pay their ransom demands.
What does this mean for an SMB?
Periodic backups play an important role in most backup solutions. They are a solid way to backup all of your data. However, it is not a one-size-fits-all approach. When it comes to backing up your data, there’s only one rule CyberHoot recommends and that is that you follow the 3-2-1 Backup Strategy. A 3-2-1 backup strategy means having at least three copies of your data, on two different media storage devices, with at least one copy off-line. Backup Versioning plays into the first part of 3-2-1 or having three copies of your data. These versions must be protected from deletion and many Cloud SaaS solutions today prevent their permanent deletion from even administrators without extraordinary measures providing additional safeguards to your data.
There is no perfect solution for backing up your data, but the 3-2-1 strategy is a great start for the majority of businesses and individuals. The United States government recommended using this method of backing up in a paper published by the US-CERT team back in 2012. If you view your files as your investment capital, you want to diversify them as much as possible to limit your exposure should the unthinkable happen. Liquidity also matters, having a local backup and an off-site backup gives you more options for backup recovery. To learn all about 3-2-1 backups, check out our 3-2-1 Backup Guide.
ADDITIONAL CYBERSECURITY RECOMMENDATIONS
There are other actions you should take to protect your business and its data from attacks which include:
- Adopt a password manager for better personal/work password hygiene. This would include the passwords to restore your backups which should be both encrypted and protected by a strong password.
- Require two-factor authentication on any SaaS solution and all critical accounts. This would include 2FA authentication into your Backup Cloud solution preventing a hacker from logging in and destroying backups as they can’t bypass your 2FA.
- Require 14+ character Passwords in your Governance Policies and IAM directories (including your backups)
- Train employees to spot and avoid email-based phishing attacks
- Check that employees can spot and avoid phishing emails by testing them
- Incorporate the Principle of Least Privilege
- Perform a risk assessment every two to three years
To learn more about the different types of backups, watch this short 2-minute video:
CyberHoot does have some other resources available for your use. Below are links to all of our resources, feel free to check them out whenever you like:
- Blog
- Cybrary (Cyber Library)
- Infographics
- Newsletters
- Press Releases
- Instructional Videos (HowTo) – very helpful for our SuperUsers!
Note: If you’d like to subscribe to our newsletter, visit any link above (besides infographics) and enter your email address on the right-hand side of the page, and click ‘Send Me Newsletters’.