Every organisation needs a well-functioning backup system. With the growing number of cyber incidents, such as ransomware attacks, the risk of data loss is increasing. Backups are therefore necessary to restore systems quickly.

Depending on the size of the organisation, you can opt for a simple or a complex technical solution. The following points are always important:

  1. The backup plan

Document how the backups are made and maintained. Describe the technical aspects, such as the storage medium (USB drive, NAS, cloud), how this is organized and who is responsible. The following topics provide some guidance.

  2. The quality of the backup

Make regular backups of critical data and systems, and make sure that the working environment can be quickly restored from them. The more frequently backups are made, the less data will be lost if you are forced to restore. Your backups need to be up to date, and recovery must be tested regularly to ensure it works when needed. Practice shows that during incidents, companies were not always able to restore the system.

  3. The 3-2-1 rule (+1)

Is critical data stored in multiple backup locations?

It’s vital to have multiple backups and keep them separated. If one backup copy is compromised, at least one other will remain secure. The most common method for creating a robust backup system is to follow the ‘3-2-1’ rule: at least 3 copies, on 2 different devices and 1 off-site copy. The off-site copy must be stored in a different location from the live system. This strategy is popular because it scales with the growth of data and systems.

For increased security and a faster recovery, a second off-site copy is nowadays placed in the cloud in addition to the traditional single off-site copy. This makes it the 3-2-1+1 rule.

  4. Offline backup copy

Ransomware often encrypts not only the original data on the disk, but also the connected network storage drives containing data backups. Incidents show that ransomware also frequently compromises cloud storage locations with backups. Connect these backups only when necessary and keep 1 spare copy offline at all times. This prevents an infection from spreading from the system to all the backup copies.

Using cloud storage is safe as long as physical separation from your live environment is guaranteed. Crucially, when your offline backup is not in use, it must also be digitally disconnected. Unlike conventional backup storage, you can’t take your cloud storage offline by simply disconnecting it. Precautions need to be taken to achieve the same level of protection as a physical offline backup such as a portable drive. Access control to the backup copy, as well as identity management, needs to be carefully considered.
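The 3-2-1(+1) rule and the offline-copy requirement above can be checked mechanically against a backup inventory. The following is an added example, not part of the original article; the inventory format, the field names and the sample entries are constructed, and it assumes the live data counts as one of the three copies.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Copy:
    name: str
    device: str       # physical device or service that holds the copy
    site: str         # physical location of that device
    medium: str       # e.g. "disk", "nas", "usb", "cloud"
    connected: bool   # reachable from the live environment right now
    live: bool = False  # True for the production data itself

def check_backup_plan(copies):
    """Evaluate an inventory against 3-2-1, the cloud '+1' and the offline copy."""
    live_sites = {c.site for c in copies if c.live}
    backups = [c for c in copies if not c.live]
    offsite = [c for c in backups if c.site not in live_sites]
    offline = [c for c in backups if not c.connected]
    return {
        # Assumption: the live data counts as one of the three copies.
        "3 copies": len(copies) >= 3,
        "2 devices": len({c.device for c in copies}) >= 2,
        "1 off-site": len(offsite) >= 1,
        # "+1": a second off-site copy, placed in the cloud.
        "+1 cloud off-site": len(offsite) >= 2
        and any(c.medium == "cloud" for c in offsite),
        # A copy that is always mounted or synced is not offline.
        "1 offline": len(offline) >= 1,
    }

def failed_rules(copies):
    return [rule for rule, ok in check_backup_plan(copies).items() if not ok]

# Constructed inventories (hypothetical names, not from the article).
WEAK = [
    Copy("production", "srv01", "office", "disk", True, live=True),
    Copy("nightly", "nas01", "office", "nas", True),
    Copy("cloud-sync", "bucket-a", "cloud-region", "cloud", True),
]
IMPROVED = WEAK + [
    Copy("weekly-usb", "usb-drive-1", "safe-deposit", "usb", False),
]

if __name__ == "__main__":
    for label, inv in (("weak", WEAK), ("improved", IMPROVED)):
        print(label, "fails:", failed_rules(inv) or "nothing")
```

The weak inventory satisfies plain 3-2-1 yet every backup in it is reachable from the live system, which is exactly the situation in which ransomware can encrypt all copies at once.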

Conclusion

In addition to protecting your systems with firewalls, antivirus and other measures to prevent a hack, you must also be prepared for the moment your defence fails and you are hacked anyway. All companies, regardless of size, are strongly advised to set up a Business Continuity Plan in which the backup plan is described.

Ewald Coenraad – Cyber Security Professional

The DCMR Environmental Service conducted a study into the cybersecurity risks and resilience at BRZO/SEVESO companies in South Holland and Zeeland. DCMR stated that more attention is needed for digital resilience at this type of high-risk company.

This study shows that some larger companies in particular have already taken the necessary cyber security measures, but that in general the companies are insufficiently prepared for cyber incidents. From an OT perspective, this research shows that 40% of the companies have taken limited or no measures to protect their industrial control systems and thus their factory. The results can be found on the DCMR website: https://www.dcmr.nl/actueel/nieuws/meer-aandacht-nodig-voor-digitale-weerbaarheid-risicovolle-bedrijven.

CR-TEAM can help you measure your cyber resilience posture for both IT and OT, so you know your position. Interested? Contact us for more details.

On Thursday 23 September 2021 iTanks organizes a Pitch Breakfast at 07.30 am. The program MKB010>>Next inspires, informs and stimulates small and medium sized companies to do digital, sustainable and circular business. During the iTanks Pitch Breakfast MKB010>>Next a number of innovative parties from the iTanks network will pitch.

Especially for iTanks, Ewald Coenraad will give tips and tricks on Cyber Security on Thursday 23 September. The CR-Team – Cyber Resilience Team gives advice to make your company more resilient against cyber crime. Register via iTanks Pitch Ontbijt | MKB010>>Next | iTanks. View the promo video at: