There are two types of businesses: those that have a robust backup system in place, and those that will learn the hard way that they need a strong backup system. World Backup Day on March 31 is a reminder for Australian businesses of all sizes to be on their guard to the heightened risk of cyber attacks – not just from Russia, but also state-sponsored attackers from other parts of the world, writes Michael McKinnon, CIO of Tesserent.
Criminals from around the globe are seeking to exploit the current chaos, so it is critical that Australian businesses take steps now to ensure their backups are air-gapped and, ideally, penetration tested.
Small to medium sized businesses are particularly vulnerable. A cyberattack and the loss of critical data can be crippling and lead to losses that can compromise business viability.
Cyber threats on the rise for small businesses
A recent Cisco study found that 65 per cent of Australian SMBs suffered a cyber incident in the past year, with two out of three small businesses reporting cyber incidents cost their business $645K or more.
Malware was the most prevalent cyber threat experienced, affecting 88 per cent of Australian businesses, followed by phishing (affecting 70 per cent) and denial of service (affecting 64 per cent).
A robust backup regime that involves testing recovery procedures is crucial for protecting an organisation’s most critical, and often irreplaceable, assets – its data.
Particularly where a ransom is being sought, criminals are now targeting backups before going after core data, in order to make recovery harder. This makes it doubly important to ensure backups are well protected.
Why data backups are important
Backups are like the anti-locking brakes and airbags of the IT world. They ensure your data remains safe, no matter what happens.
This World Backup Day, encourage all your team to review and enhance their backup strategy and processes.
A great foundation for a backup strategy is the 3-2-1-0 model.
The 3-2-1-0 model:
3: Ensure you have at least three copies of your most critical data – this can include the working copy of your data, and two separate backups.
2: You should have the data stored in at least two different systems. This ensures that if one system fails or is compromised, you still have a viable copy of your data. This is where an air-gap is critical. Those two locations need to be separate so that if a threat actor accesses one, they can’t ‘jump’ to the other.
1: One of those copies should be off-site. While we don’t often think about it, if a fire, flood or some other incident compromises access to the office, you still need to access your backups.
0: There’s little value in following all those steps if you can’t rely on the integrity of those backups. Testing your backup and restoration processes regularly ensures there are zero errors in your backup and recovery processes.
The Australian Cyber Security Centre also provides guidance for individuals to help you and your staff backup data on your personal devices. It has developed three step-by-step guides to help you learn how to backup the data on personal computers, phones or tablets to the cloud, or external hard drives.
These include:
- Backing up to external storage or the cloud for Microsoft Windows
- Backing up to the cloud for Apple iOS
- Backing up to external storage or the cloud for Apple macOS
Ensuring your backups are protected, reliable and tested is one of the most effective measures you can have to prevent loss of critical data. By following the 3-2-1-0 regime and ensuring your backups are air-gapped from other systems, you can protect your business against significant loss.
Want more? Get our newsletter delivered straight to your inbox! Follow Kochie’s Business Builders on Facebook, Twitter, Instagram, and LinkedIn.
Now read this:
Has cybersecurity got you bamboozled? Here is what small business owners need to know
Trending
Weekly business news and insights, delivered to your inbox.