.
Answer quickly and honestly: What would happen to your business if overnight you were forced to abandon computers completely and go back to pencil and paper?
If just imagining this extreme situation can scare many people, the possibility of it happening is becoming greater every day, especially for those who do not give due importance to backup in the company.
In today’s article, we’re going to discuss why and how the company’s posture should be in relation to the subject.
What is backup?
Translated as directly and crudely as possible, backup is the foreign word that means “to get back on our feet”.
As strange as this possible translation may seem, it is very illuminating, since it is customary to say in computer science that a system has crashed, or is unavailable, or inaccessible, that it is down (system going down). On the contrary, when it is reestablished, it becomes available or accessible, that it is “up” (system is up).
That is, the backup is the means of returning (back) the system to the “up” condition.
In practice and in the simplest possible way, it means making a copy of the data that are essential for the system that uses them to be used again in the event of any type of problem that may affect their access and use.
Saved some particularities, it’s the same as having a spare key or the spare tire in the car, so if you have a problem with the main one, you have an alternative to resort to.
There are different types of backups and methods for doing so, but that’s an issue we’ll focus on later.
Why is backup essential for any business?
Even if most intuitively know its importance, there are still those who do not or somehow do not treat the subject as they should.
On October 8, 2022, several press vehicles and specialized websites reported one of the numerous cases that became public of ransomware attacks, this one particularly targeting the Rede Record
Although the company provided very little information about the attack in an official statement, as far as it was concerned, it was only possible to return to “normality” thanks to the backup.
But the list is only growing, including companies that had to pay the ransom, as well as those that suffered severe financial losses due to the problem and even those that had no choice but to close their operations,
Cases of attacks using ransomware have been increasingly frequent, affecting companies of all sectors and sizes. No one is safe and free from entering the statistics.
Sector experts estimate that the numbers do not reflect reality, both because, as Record did, they avoid disclosing information for fear of the indirect impacts that the news can produce on the company’s image and reputation, and because minors often suffer worst of consequences – they shut down their operations.
As dramatic as the scenario may seem, it is real.
For a small business, which neglected security protocols and was affected by ransomware, paying the “ransom” to have its data returned is generally not a possible option and they are faced with the situation that we presented in the opening paragraph.
Statistics reveal frightening numbers:
- Also according to SonicWall, there were 19,781,098 attempted attacks using ransomware detected between January and June 2022 in Brazil, placing us behind only the US as the most affected country in the world;
- Encrypted threats and malware aimed at compromising the Internet of Things (IoT) saw increases of 132% and 77% year-on-year, respectively;
- A format known as Ransomware as a service (RaaS) or ransomware as a service has grown a lot, which means that there are already crackers (evil hackers) who literally sell everything that involves such an attack, making it accessible even to those who not an expert on the subject.
There are many other data in this and other reports prepared by cybersecurity companies, with differences in some of the numbers, but that in common and without exception, point to growing and alarming risks to data.
It is also important to emphasize that ransomware is just one of many threats that the various classes of malware represent, both in terms of data loss and in terms of other types of consequences, such as data leakage, a situation that backup does not solve .
Even if paying the “ransom” is not a problem for your company, there is no guarantee that by doing so, the malefactor will provide the key to have your data decrypted.
On the other hand, data isn’t just under threat from malware either. They can be corrupted or lost due to hardware, software and even human failures and in these cases, having a good and safe backup policy is a necessary solution.
What is backup policy?
Briefly, a backup policy refers to the set of procedures and rules that determine, among others, the following aspects:
- What data is sensitive and needs to be under protection;
- What system or service was used to perform the backup;
- Periodicity with which it is carried out and type (incremental, differential, complete, etc);
- Routines and procedures for recovery / restoration;
- Persons responsible and responsibilities, as well as access levels and privileges they may have to the different systems in use in the company;
- Security of systems regarding access and external threats, as well as the tools responsible for protecting them;
- Validation and integrity of the data that were stored;
- Redundancy, usually given by at least a second copy of the data in another location and even making use of another technology;
- Reports and controls of the backups made;
- Data encryption.
How to choose a backup solution?
Regrettably, there is no single answer that fits any business.
This is because existing backup solutions offer different levels of efficiency depending on the business model and how data is produced and stored.
Suppose your company produces and/or changes large volumes of data all the time. In cases like this, the so-called hot backups are indicated, which is the one performed with the database online, that is, in production and, therefore, inconsistent.
Its main advantage is associated with performance and data availability, since as new data exists, it is stored. In any condition that data is affected, as the backup is made as they are generated or changed, if there is any loss, it will be minimal.
For other types of operation, a daily routine and scheduled at a time of no use of the databases may be sufficient.
Still based on these two formats, it is possible that some data is submitted to the first and another group of data, to the second.
Therefore, it is best for a consultant in the area to assess all sensitive information that will be submitted to storage, in order to classify them according to the IT infrastructure and how it is used.
Let’s consider the following scenario, which is perfectly plausible in many companies:
- Existence of an intranet, which contains an order system, expense reports, management reports, among other systems, which need to be accessed by employees from each branch. At the headquarters, accesses occur directly through one of the internal networks.;
- Part of the computers have access to the company’s internal network, which is used for printing services, remote storage and repository, systems, etc.;
- Local servers with different purposes, each integrating a network;
- Workstations with and without access to different Internet protocols;
- Some employees working from home and with access to the intranet and internet;
- Collaborators who use third-party cloud computing services.
In a situation like this, the production of data and how it is stored, how sensitive it is, as well as the level of risk to which it is subject, varies enormously, and therefore the approach to each portion of it, also varies.
It’s impossible to adopt a single method to back up everything. Procedures, methods and even periodicity and type of backup made will vary for each data and situation to which it is related.
The importance of security policy for backup
Another key point in the question, which is linked to the backup policy, is the security policy.
Like the backup policy, the security policy determines the protocols and actions to ensure the highest possible levels of reliability in the digital environment.
For example, in the hypothetical scenario that we described earlier, the rigor with which accesses to the intranet must be treated are essential to obtain an adequate level of security, which involves everything from the antivirus solution used on the users’ machines, whether the accesses occur with or no VPN, multi-factor authentication (MFA) and even user training to institute good practices.
Even this last concern – training – has increasingly appeared on companies’ priority lists when it comes to safety. Not only in terms of ransomware, but in terms of many other threats in the digital world, cyber criminals exploit one of the weakest links in the chain, which is the user.
Phishing and spoofing almost always rely on the fragility of the lay user or who does not have enough knowledge to identify a possible threat and therefore ends up being the vector for a cyber attack.
Based on this, companies have created strongly user-oriented security policies, restricting the types of access made on the Internet, using DNS filters and guiding them to avoid leaving digital footprints, blocking certain types of attachments in the exchange of e-mails. and even prohibiting the use of pendrives.
Creating and implementing a robust security policy that considers the various circumstances and threats of the digital environment is an important step towards not having to resort to backup, but if and when necessary, they are safe.
After all, imagine that all the company’s e-mail accounts are backed up and one of them contains a message with a harmful attachment. Restoring it will also restore the threat to the device and corporate environment.
Conclusion
Backup is like a company’s insurance policy on the data it generates and uses and is therefore essential for doing business and even surviving.
.
