Reliable backups: How to succeed in seamless data protection
by Tina Siering
Imagine that all your digital business data is irrevocably lost from one second to the next - be it due to a ransomware attack, defective hardware or human error. For your company, this scenario would most likely be accompanied by serious consequences, and in the worst case scenario it could even mean the "end". But it doesn't have to come to that: A sophisticated backup strategy can reliably protect you from the total loss of your data.
What is a backup - and why is it so important?
A backup is a backup copy of data on an additional storage medium. Regular copying can be either manual or automated and creates an identical duplicate of data that is backed up separately on an external hard drive, tape or in the cloud, for example.
The backup is virtually the airbag in the event of a data crash: If important company data is accidentally deleted or blocked by cyber criminals, the impact on your company is not too hard. Since you can simply fall back on the duplicated data status, the lost files and programmes can be recovered without a great deal of time and financial effort. This data recovery is also known as "restore" and is one of the effective countermeasures against ransomware attacks. A backup that you can restore in the event of encryption is one of the few efficient protective mechanisms against encryption Trojans.
Although the risk of total data loss is relatively high, the topic is a weak point in many organisations. For example, many companies do not pay sufficient attention to the topic of data backup and thus simply risk their existence: Some only create a backup irregularly or only back up part of their data. If the company's data is then encrypted by hackers, this can mean disaster for the company. In the worst case, without a comprehensive backup, the company is left empty-handed and helpless against the blackmailers.
Don't forget either: In Germany, you are required by law to back up business data and protect it from loss and unauthorised access. A backup is indispensable in order to meet your obligations within the framework of proper and audit-proof accounting (§238 HGB). The requirements for data archiving and the associated retention periods are to be distinguished from this - a data backup thus replaces neither a data archiving nor the other way round."
The right backup method for your company
There are several methods to choose from for backing up data, all of which have their advantages and disadvantages. Which method is right for you depends, among other things, on the amount and size of the data and the intensity of change.
1. Full backup
A full backup can be the right choice for you if you do not want to worry about a backup strategy. A backup programme completely backs up your entire data stock, including operating system data, on a storage medium during each storage process.
Advantages:
+ Simple storage without backup strategy
+ Easy recovery of data as a whole from a single file
Disadvantages:
- much storage capacity required
- High time expenditure for storage
2. differential backup
A differential backup is always preceded by a full backup. It only includes the data that has been changed or newly created since the last full backup. The differential backup can be performed several times and allows the backup to grow until you perform a full backup again.
Advantages:
+ Less storage capacity required than for complete backup
+ Less time required than for full backup
+ Separate management and deletion of the individual memory levels possible
Disadvantages:
- More time required for the restore
- Two files required for recovery
3. incremental backup
The incremental backup is also based on a complete backup and only takes into account the data that has been changed or added since the last backup process. In contrast to the differential backup, however, the further incremental backup processes are no longer based on the complete backup, but only save the changes since the last incremental backup. In the event of a restore, you must first import the last complete backup and then all incremental backups.
Advantages:
+ least storage space required
+ least time required for the backup
Disadvantages:
- Complex and time-consuming restore
- Defective backups can prevent a complete restore
The best storage media
In addition to the right backup method, choosing the right storage medium is also essential for an effective backup strategy. The following is an overview of three suitable storage media .
1. Magnetic tapes or tapes
Nowadays, a magnetic tape may sound like an antiquated storage medium from the last millennium. But the advantages of tapes are not to be underestimated and are once again finding increasing favour in the IT industry.
Advantages:
+ Very high storage capacity
+ favourable acquisition costs for tapes
+ Very long service life of up to 30 years
+ particularly reliable
+ safe storage possible
Disadvantages:
- High price for the drive
- Complicated and error-prone handling of the tapes
- More time required for backup and restore
2. Network attached storage (NAS)
A NAS is a network-attached storage device. You connect it via a cable to a network switch or a router and store the data of several devices within your network on it. Since the data is usually saved on at least two hard disks (RAID 1 array), you have double security: If one hard disk is defective, you simply fall back on the other copy.
Advantages:
+ low power consumption
+ Storage space increase and duplicate copies possible
+ High security with RAID-capable models
+ Access rights can be set up
+ Simple operation
+ Cloud connection possible
Disadvantages:
- Higher acquisition costs than for external hard disks
- No reliability
- Partial use of own software solutions
3. Cloud
Online backups in the cloud are among the most popular storage solutions in both private and business environments. Cloud backup providers offer special services for companies that enable continuous real-time synchronisation of company data to the cloud. The automated data backup is carried out via clients and thus costs hardly any time.
Advantages:
+ flexible memory adjustment
+ no costs and protective measures for own hardware
+ location independence
+ DSGVO-compliant storage within the EU
Disadvantages:
- Internet connection with high data transfer rates required
- data backup with an external provider
Grandfather, father and son: backups according to the generation principle
Data backup according to the generation principle is not linked to a special backup method. Rather, it is an option for making optimal use of a limited number of storage media in order to always have different backup statuses at hand for a restore. The principle is mainly used with rewritable storage media such as tapes or cassettes.
The procedure is also called the "grandfather-father-son principle" and proceeds in three phases. First, you save your data from Monday to Thursday on a son storage medium (S1 to S4). Then you make the weekly backup on the father storage medium V1 on Friday. In the following week you can use the four son media again and overwrite them exactly to the day. On Friday, the father weekly backup V2 takes place.
You also repeat this process in the third and fourth week until the grandfather monthly backup G1 comes into play at the end of the month. With the first weekly backup of the second month, you then overwrite the first father backup V1 of the previous month. Now repeat all these steps until the end of the year and make the last data backup on the grandfather medium G12.
Since several complete versions are available for data recovery at any time, the generation principle creates an almost tear-proof safety net for your backup. In addition, it requires little storage space and keeps the administrative effort within limits.
To prevent ransomware attacks on the backup
Hackers also know that the backup is your only chance to take the terror out of an extortion Trojan. That's why cybercriminals usually compromise backup systems, taking the wind out of the sails of even the best data protection concept.
To protect your backups from encryption and achieve a high level of security, you should combine several protective measures:
- Grant only a few people write and access rights to the backup system.
- Don't rely on just one backup, but stick to the 3-2-1 rule: there should always be three backups on two storage media, with at least one backup copy outside your company.
- Set up virtual desktops in a protected area to protect other computers from hacker attacks
. - Use a sandbox environment in which you can safely open and examine file attachments.
- Use proactive techniques that detect anomalous activity on the network long before the actual ransomware attack.
Conclusion
The total loss of all company data poses a real threat to your company, not least due to the increasing number of ransomware attacks. In the event of an emergency, reliable backup copies are your only lifeline to restore your data and save your company from ruin. By intensively considering the appropriate methods and storage media for your individual backup strategy, you have already laid the foundation for a complete data backup. However, it becomes problematic when hackers also attack the backup.
To contain the risk of a successful attack on the backup, only sensible preventive measures will help. The Active Directory Security Check from Allgeier secion supports you in uncovering and eliminating vulnerabilities in your network. Among other things, our security experts check your existing AD concept, evaluate your existing authorisation structures and carry out a technical analysis with Bloodhound. Afterwards, they discuss all the results with you personally and give you concrete recommendations for action on how you can successfully arm yourself against hacker attacks with an optimal security concept.
Need help upgrading your IT security for 2022? Contact us!
Related articles
For several days now, there has been a strong accumulation of successful compromises by the "QakBot" malware (also known as "QBot" and "QuackBot") worldwide. We have also already identified successful attacks as part of our ACD monitoring. After infection, criminals can gain access to online banking accounts, leak user data, and reload further malware. As one measure to mitigate the risk, we urgently recommend adjustments to the Group Policy Objects (GPO).
Cybercriminals are true masters at constantly adapting their attack mechanisms to effective IT security measures. New tools and iterative changes to existing malware are used to mercilessly exploit security vulnerabilities. Among the numerous threats, ransomware stands out as one of the biggest. More and more companies have to face extortion Trojans. A completely new threat called LockFile now relies on intermittent encryption. LockFile not only encrypts much faster than previous ransomware, but also bypasses security solutions that work reliably. This article shows why criminals are increasingly relying on intermittent encryption and how companies should react to the new threat.
Read more … New ransomware trend: Why criminals increasingly rely on intermittent encryption
Due to the war in Ukraine, secion provides an assessment of the threat situation for companies and examines the question of whether increased Russian attacks on companies in Germany, Austria and Switzerland can be identified. There is currently no evidence of an acute increase in the threat posed by Russian state actors in Western Europe, but there is increased public awareness of these cyberattacks. In addition, "third-party actors" are creating a new dynamic.