News
World Backup Day (31/03): thoughts from cybersecurity specialists Apricorn and Osirium
March 2023 by Experts
Before the World Backup Day, two comments from secure encrypted storage expert Apricorn, and Osirium, which specialises in privileged access management (PAM).
Jon Fielding, Managing Director, EMEA, Apricorn
"The fact we have a day dedicated to backup demonstrates its importance and is proof enough that it should be on everyone’s agenda. Backups are not simply about having something in place should your hardware or software prove unreliable; the risks have grown exponentially over the years with threats coming in all shapes and sizes!
"The good news is, according to a survey published by Apricorn in 2022, 99% of IT decision makers stated they have backup strategies in place. The problem lies in the same survey finding almost 60% of those acknowledged they did so via an automated backup to a central repository only. Relying on a single source could be costly in terms of business disruption if a business suffers a cyber-attack or a technical issue, rendering that service or their data unavailable as a single point of failure.
"Organisations need to embrace the ’3-2-1 rule’: have at least three copies of data, on at least two different media, at least one of which is offsite and, ideally, offline and encrypted. With the workforce now spread far and wide, it’s critical that employees are also able to back up locally to hardware encrypted storage devices that can be disconnected from the network. There should be a mandate for employees to do this at least daily.
"Unfortunately, just over a quarter of those surveyed (26%) admitted they were unable to fully restore all data/documents when recovering from a backup. Therefore, it’s essential that businesses regularly test their ability to recover from their archived data sets as part of a secure, regular and reliable backup process that has encryption at its core, to protect from unexpected data loss across all potential sources."
James Nadal, Senior Content Manager, Osirium
"Backups are critical for businesses, particularly given the constant threat of ransomware. In fact, past research from Osirium found that despite 98% of respondents saying they were aware that backups are a target of ransomware attacks, over half (56%) do not keep offline backups and only 35% take extra precautions to protect access to backups and backup management systems.
"Unfortunately, some businesses have become reliant on automated, online backups. This is a huge risk, as in the event of a ransomware attack, the backup system will faithfully take copies of the infected data and render the backups useless. A multi-layered approach to managing these systems is needed by not only keeping offline backups, but protecting access to the backup management system and related backup files, which is critical to prevent infection."
