Without a disaster recovery plan, organizations face permanent damage and unrecoverable revenue from data loss. A disaster recovery plan lays out everything that must be done after a successful data breach, infrastructure failure, or a crash in production software. A critical component in disaster recovery is backups, and cloud backups are the most secure, reliable, and scalable for any business.
Backups and the 3-2-1 Rule
Most organizations have some kind of backup procedure, but the way you store backups has a critical effect on their reliability. Advanced attacks such as ransomware scan the network for backups to encrypt or damage them. By destroying backups, attackers have a greater chance of extorting money out of a targeted business. The 3-2-1 rule helps define better backup plans to lower risk of unrecoverable data.
The 3-2-1 rule states:
- 3 copies – you should have three copies of all backup files.
- 2 mediums – you should use at least two mediums to store backups (e.g. tape and cloud storage).
- 1 offsite backup – at least one backup should be stored offsite.
Cloud Storage and Disaster Recovery
Before putting a backup plan into production, you need a plan. The backup plan defines the data that must be backed up, where it will be stored, any software used to perform the backup procedures, the frequency of backups, and when backups should be created. Backup plans can be an exhaustive list of rules for large organizations that have several applications and storage directories.
Cybersecurity is also an issue for backup files, and the backup plan can define who has access to these files. Malware on your network is a threat to backups, and some malware applications actively scan for backup files using common extensions. Storing backups on a network-attached device leaves you open to these malicious applications.
A good example of malicious software that scans for backup files is ransomware. Ransomware scans local and network storage to find important files. The file types that ransomware encrypts depends on the developer, but many of these malicious applications search for backup files. By encrypting and holding backup files hostage, it forces the targeted organization to pay the ransom instead of simply recovering data from backups. This example is one reason why backup files and their storage location are critical to a good disaster recovery plan.
Most ransomware leverages a vulnerability in a Windows protocol named Server Message Block (SMB). SMB makes it easy for Windows computers on the same network to share files. Versions one and two are vulnerable to malware named EternalBlue, which is incorporated into most ransomware. If you store backups on a network with earlier versions of SMB enabled, you risk having your backup files corrupted during an attack.
Cloud storage is immune to these malicious scans. SMB is not used to connect to cloud storage, and a connection requires authentication on the cloud network. By having cloud storage as part of your backup plan, you ensure that ransomware and other malware that makes it onto your network will not affect your disaster recovery should you need to restore data.
Rules to Cloud Backups
Once you decide that you’ll be using cloud storage, you need to deploy the solution using a few common rules to ensure that you can recover quickly. A good disaster recovery plan lays out steps to recovery in the quickest, most effective way that does not reduce productivity. If productivity is down, the disaster recovery plan should have the steps necessary to get production running as quickly as possible.
The first rule is to send backups to the cloud during slow business activity. For large data transfers, the traffic can eat bandwidth and slow down normal daily productivity. For most organizations, cloud backups are performed after business hours at night. It can take several hours for backups to complete, but you will not affect employee productivity.
The next rule is to always test backups occasionally and keep an archive of at least 30 days of past backups. If you keep only one copy of your backups and need to use cloud storage for recovery, corrupted files will ruin your efforts. By having 30 days of copies, you can at least recover from an older file if the most current is corrupted. Testing backups occasionally will ensure that you don’t continually keep damaged backup files.
Finally, always keep cybersecurity strict on backup files. Very few users should have access to these files. Should an attacker phish network credentials from users, backup files could be exfiltrated in a serious data breach. Encrypting backup files is also beneficial in these cybersecurity incident scenarios. The only users who should have access to these files are people who would be recovering data or creating backups.
Cloud Backups are Always Available
Cloud backups can be used anywhere you have an internet connection, so they are a fast way to create a production environment if the organization moves. Bottlenecks on file transfers are normally due to bandwidth restrictions on your internal network, but recovering data during peak business hours might slow down backup transfers from the cloud host to your local servers.
Regardless of the size of your business, you should always have a backup plan. Cloud storage and backups are a convenient way to ensure that you have enough space for your backup files and that your files are readily available when you need them. They are also secure from malware attacks that scan your network, so you have cybersecurity built in.
