disaster event. Despite your best precautions, ransomware got into your PCs and servers and encrypted them. Luckily you have good backups that the criminals couldn’t touch, they are up to date and you can easily restore them. However?

Today, Friday, March 31, 2023, is the annual World Backup Day: An ideal time to once again emphasize the most important pillars of a good backup strategy. After all, a good backup is the best insurance against IT problems, human error and cyber attacks. In fact, every DNA tag should also be a backup tag.

Everyone knows backups are necessary, but in too many cases it is the backup strategy set and forget. The fuses are set up, so everything should be fine. Unless, of course, ransomware can encrypt the backups. Or maybe your office is on fire and its server and backup are broken. Or is the backup somewhere, but how do you restore the environment and how long does it take?

Golden 3-2-1 rule

The rule of thumb when creating backups is the 3-2-1 rule. Only backups that follow this rule deserve this name.

• 3: take care three Versions of your backup: a primary version of your data (the servers you work on) and two copies;
• 2: Keep at least these three versions two different carriers (ie no two copies on the same physical server);
• 1: place at least A copy to a remote location (e.g. the cloud).

The 3-2-1 rule will protect you from pretty much any problem. Is a device defective? Then your data is in two other places. A disaster hits your office? Then you can contact the external body.

ransomware

Backups are not only the best weapon against disasters or failures, but also against cyber threats. Don’t underestimate the risk: according to a study, 75 percent of companies in the Benelux countries were confronted with such an attack last year. Backup is the ransomware criminal’s biggest fear in case of a successful attack. Why pay to get your encrypted data back when you can restore the data from an off-site backup?

To prevent this, ransomware specialists often secretly disable your backups. If they then run your environment without a backup for a month or two to activate the ransomware, you are left with few options.

So pay close attention to whether your backups are still working. Check them regularly for completeness, but also configure them in such a way that they cannot be changed from the normal company network. After all, you want to prevent an attacker from simply encrypting the entire backup. Access to backup should be one of the most managed parts of your overall IT environment.

Test and fix

Does the backup check mark appear green in the console? Fine, but how confident are you that you can recover an entire environment? And how long does this recovery take? If your backup is part of your cybersecurity and disaster recovery strategy, you should test it regularly. That way, you know with certainty that your data is effectively accessible to all after a disaster, and that applications are working as expected for both internal and external users.

Additionally, a scenario where a backup needs to save your environment is, by definition, quite stressful. To avoid panic, it helps that everyone knows what to do. When the IT team goes through the backup solution’s restore function for the first time, when it is urgent and necessary, ask for errors.

Finally, you know how long it will take to get your entire environment back up and running from the backup. It takes you two weeks to restore everything, but your company only has liquidity for a week? Then there are big problems.

Location

Where are you backing up now? Several considerations play a role. First, be aware that your backup contains sensitive data. Encryption is a must, but where does this encryption take place? It’s not a good idea to send personal data to a data center in China or the US if it’s only encrypted there. For example, you can get in trouble with GDPR regulations.

If your primary data source is local, you need at least one remote location to store your data. This can be the cloud or a colocation data center, but just as well your own server or your own data center in a branch office at least a few tens of kilometers away.

Don’t think everything is fine when your entire business is in the cloud. Your cloud environment can also be hacked and no provider is immune to disaster. The probability of a fire breaking out in a large data center is small, but not impossible. It is up to you to ensure that your data is safe in an external location. This can be an alternative data center from the same provider as long as it is a different physical location.

3-2-1, practice and test. Anyone who does that can fight. Armed with a good and secure backup, tornadoes and cybercriminals can do little to harm you.

This article originally appeared on October 21, 2022 as a safety tip. The play was part of our Security Theme Month. We updated it on March 21, 2023 to commemorate World Backup Day.