Secure Networkers: Backups and Remediation
Protecting and Restoring Your Data
Backups and Remediation
How much data should you back up and test, and at what frequency? Simple answer: The data you back up should be everything that you want to keep. How much data you back up and protect with testing directly correlates with how much data could you stand to lose. In other words: If you are only testing your data monthly, you have determined that you afford to lose a month’s worth of data. But secure backups are the first line of protection
Backups
What is your backup plan?
The fact is that every company needs to have a backup. But there are several things to consider about your backup plan:
How long can you tolerate being without your data?
The answer to this will determine whether you do a file level backup or a full system state backup.
How often do you need to back up your data?
You must keep in mind that if you only backup your data daily, you could potentially lose an entire day’s worth of data in an outage.
Onsite
or Offsite?
Onsite backups are convenient but if you get ransomware, do you realize that the onsite data will be encrypted as well? If there was a fire, an onsite backup is useless. It’s imperative that you have some kind of offsite data store.
Are you getting notifications for the success or failure of your backups?
If you’re not getting notifications, you are putting your data at risk.
Are you regularly testing your backup data?
If you’re not testing your image backup, a time may come when you actually need to use it and it’s useless. Minimally, you should test your backup weekly.
Remediation
So, you think you’ve been compromised?
Now what?
We understand the anxiety that can happen when there is a security breach. Network visibility is crucial. You want to start with questions like…
- Are you currently compromised?
- Is there evidence of a previous compromise?
- What is your security incident response strategy?
Our remediation analysis reviews:
- Critical infrastructure
- Indications of lateral movement
- Embedded attackers or software
- User access review
Remediation Timeline
Initial meeting and installation of security tools.
Continued installation of tools and analysis of critical systems.
Ongoing data analysis
Preparation of report and Assessment
Report review with client and the path forward
Complete!
Truth In Industry:
Organizations worldwide report ransomware attacks impacting business, but it seems businesses in the US and UK have been hit the hardest in the past year, with 55% and 54% of companies impacted, respectively. This is a significant reduction since last year, though, when 62% of American businesses were victim to a ransomware attack. However, in 2019, only 39% of UK businesses report being impacted by ransomware.