It is inevitable that one day you will be a victim of a breach, virus, or fraud. Cyber Security Professionals understand that “100% protection” is a false construct.
Cyber Security specialists attempt to reduce the risk of an incident and devise a strategy to recover from a cyber event. Yes, you can implement a security system, Antivirus/Malware software, lock down security with policies and still fall victim to a bad actor.
Why is that? The simple answer is we are all human. Most of us can’t help but to click. We know we shouldn’t, yet we do.
There are a couple of questions I get asked all the time “How can we recover from a virus”? and “Why do I need backup if I sync my data with an online service or multiple servers?
Well, let’s start with the premise that file synching and file backup is not equal, not even close. When you setup file syncing with an online service or multiple servers, the files will synchronize whether they are legitimate files or infected files.
For example, if you have had the misfortune of launching a Ransomware virus at home or at work it will encrypt all the files on the local machine…then the file sync will infect every file on every device. Not a good situation.
Let’s talk Backup. Not just any Backup, I’m speaking about a daily offsite secure backup with multiple versions also referred to as “incremental daily backups.” The best way to safely recover data from Ransomware or any other virus that infects data is to have a good daily offsite backup to restore all your data.
Just because your data is recovered you still need to be able to access it. Be sure your operating system is salvaged by enabling a good image
of your operating system. For windows desktops be sure to enable windows restore points and on servers use shadow copy to restore your operating system.
This is known as a two-pronged approach to Data Integrity and Data Accessibility. Data integrity is the ability (Data Backup) to recover your data in its original accurate format and Data Accessibility (Operating System Recovery) is the ability to access that data when needed.
In this Data Backup scenario when Ransomware infects all the files, we can simply delete all the infected files and restore them to the previous days’ version. Yes, we may have to clean up the virus and other technical items, but recovery is quicker and less expensive.
Even if the infection happens after hours and the server’s latest backup contains infected files it won’t matter. The infected backup is isolated and encrypted in a separate dataset. In this case, we can just delete the infected backup and restore from a good backup version.
At most you may lose one day of work. That’s safer than paying Bitcoin to get your data back. Paying to get your data will most likely go unrestored and may make you an easier target in the future.
The best way to recover from Ransomware is to have a well thought out data recovery plan, offsite daily data backup and recovery of your operating system with a good image to revert to.
So, when it comes to data integrity never look for the low-cost solution. Your data is your business without it you may never recover! How long can you survive if you lose all your contacts, accounting history, word docs, marketing material and anything else you can imagine? Not to mention if you had personal items that you may never recover. Keeping your data and business safe is worth it.
If you’re not sure what or how to approach your Data Integrity Plan contact a data specialist.
Always, consider a solution that provides offsite storage, encrypted security, daily schedules, utilize Anti-Virus/Malware powered by Artificial Intelligence and have an updated recovery plan.