One of the most overlooked ACSC Essential Eight strategies in mitigating cybersecurity incidents is daily backups. Think of it as your absolute fail-safe in a scenario when all other security controls have failed. But what are the steps and strategies involved in backing up your data?
Data is one of the most crucial assets of any organisation. Sooner or later, all companies face the risk of losing their data, either through viruses, ransomware and/or even human error. According to a report from Kroll Ontrack, system failure, human error, and software failure cause 91% of total data loss:
- System failure or hard drive crash is responsible for 67% of total data loss.
- Human error is responsible for 14% of total data loss.
- Software failure consists of 10% of total data loss.
Daily backups should still be the bread and butter of any IT department, yet this critical control is sometimes overlooked. When reviewing your backup strategy, you should be asking these critical five questions about data backups:
- How confident are you in your organisation’s process of backing up and restoring data? Is it working as intended?
- Are you backing up all of your company’s important data, software, and configurations? Do you have daily/weekly/monthly backups of this data to fall back on?
- Are the backups securely stored? Are they stored offsite with adequate physical security controls? Are they encrypted or stored in cleartext?
- When was a full recovery of backup data last tested? Will the process work in a time of need? In the event of a catastrophic failure or breach, can you recover quickly and reduce your downtime?
- How quickly could your organisation recover from a ransomware attack? Once contained and eradicated, how quickly can you recover critical services and data?
It’s worth checking to ensure that the basics are operating as expected. A simple and effective solution is to implement the 3-2-1 backup strategy. The strategy summarizes how and where to keep your organisations’ copies of data in 3 simple steps. Check out the full article explaining the 3-2-1 backup strategy here:
Author: David Roccasalva. Call T(AU): 1800 996 001, T(NZ): +64 9 222 4725,T(SG): +65 6631 8375 ,T(MY): +603 2788 3709 to book an appointment with our Privasec Red Consultant, David Roccasalva.