Tip #11 for National Cybersecurity Awareness Month: Protect your back-up data.
Security of backups is often overlooked, but it is the last and most important line of defense against attack. Attackers and ransomware often specifically target backup systems to prevent recovery of files they have maliciously encrypted or destroyed.
Steps you can take
- Lock down access to all software, portals, files and media — such as USB drives and tapes — related to backup systems.
- Require the use of strong passwords and multifactor authentication.
- Store backup media in a secure location.
- Encrypt backup data wherever it is stored — on backup servers, backup media and in the cloud. (Make sure you never lose the backup encryption key, or you will not be able to use the backups to recover.)
- Evaluate the security measures of any third-party vendors involved in managing or storing backups.
- Follow the 3-2-1 rule: Keep at least 3 copies of your data, store copies on 2 different types of storage and store at least 1 copy offsite.
- Backup files that are at the greatest risk to ransomware are those directly attached to the computer getting backed up. Consider an “air gap” approach to ensure attackers cannot get to backup files. One approach is to rotate media daily, keeping a copy of the backups offline.
- Review your backup configuration periodically to ensure all critical systems and data are protected.
- Test your backups often to ensure the media itself works and your team knows how to recover and restore systems and data.