If disaster is just a step away, make sure your recovery is too.
If you lost your personal or business critical information how would you cope? Could you recover and how much disruption would you face?
Hard disks fail, viruses can wipe out data, your laptop or smartphone may be stolen or a natural disaster may see your home or place of business destroyed.
It pays to be prepared with one or several copies of important information kept securely away from your home or business.
A member of staff at a small business opens a phishing email designed to look like a genuine invoice and clicks on the email attachment. The file is malicious and triggers a ransomware infection which rapidly encrypts all the data on the PC and spreads to the company’s networked storage drive (NAS).
They have no cloud backup system and discover that 5 years worth of business records stored on the computer’s ‘C’ drive and the copies on the central server are scrambled and can’t be accessed. Instructions displayed on the computer demand a Bitcoin ransom be paid before the data held hostage will be decrypted.
The company find themselves in the difficult position of losing all their data – and the impact that will have on the business being able to continue – or having to pay the ransom demand in the hope they can trust the cybercriminals to restore their essential files.
- Plan for the worst case scenario – no matter how unlikely that may seem (consider the Christchurch earthquakes)
- Backup all your data regularly and keep multiple copies made over a period of time. Incremental backups can be completed quickly once you’ve made a full initial backup.
- Encrypt or password protect your backups to ensure privacy
- Store your backups ‘offsite’ or in different locations to spread the risk
- Restore some data occasionally to check your processes and ensure your backups will work
- Being prepared doesn’t need to be costly – there are many free online services you can use to keep backups ‘in the cloud’ but again consider what would happen if the service was hacked or went out of business. We have more guidance on choosing and using a cloud backups provider.
You can keep copies of your precious files on various type of media – USB sticks, rewritable CDs or DVDs or external hard drives.
Data held on mobile devices can be protected by encryption, copied manually or synced to automatically send copies to the manufacturer’s cloud backup system such as Apple’s iCloud.
WHAT’S THE RISK?
TIP: You need to decide your own comfort level around online risks:
- a threat is a bad thing that could happen
- risk is the likelihood the threat will happen
- what impact would loss of data or devices have on you or your business?
In the case study above, the business has two copies of their data, one on the computer hard disc and another on a central server but there’s no offsite separation.
The risk of ransomware striking your business or personal files may seem small but are you happy to accept that risk? To mitigate the threat, weigh up how much it would cost to find another solution versus the inconvenience and stress caused if something went wrong.
For the average home user, simply disconnecting an external hard drive from their computer might be all it takes to make them feel secure. A business creating and storing essential information daily might value their assets differently and want to invest more in another layer of security.
Set a backup policy that works for you in the real world and reflects how important your data is and the risks you’re prepared to accept.
Decide what needs to gets backed up, how often the backup process should take place and how exactly does the copy get made? Are you OK with manually copying today’s work onto a USB stick or would an hourly timed and automated cloud backup be better?
List your important assets – usually the information that’s essential to carry on with a task or process – and take steps to protect it. Examples could include the photos or contacts on your smartphone if you left it in a bar or taxi or the single spreadsheet with all your customer names and emails that could be lost to a hard drive failure.
Once you work out your backup routine, stick to it so that you or your business can recover from any situation.
TIP: Follow the 3-2-1 rule of backups:
- Keep 3 copies of your data
- Store these copies on 2 different media types (e.g: a USB and a DVD)
- Store 1 copy offsite (a cloud service provider overseas or your home)
Article sourced from NetSafe, an independent non-profit organisation with a sole purpose to promote confident, safe and responsible use of online technologies.