The volume of data to be saved is steadily increasing.
According to a report by Veeam, today's enterprises manage hundreds of terabytes to hundreds of petabytes of data.
Among the most critical issues encountered by users, the first is data growth (45 percent), the second is disaster recovery (29 percent) and the third is high capex (23 percent).
It is thus apparent that the question is not "where to store the data," but rather "how to store data as efficiently and securely as possible."
As data increases, in fact, exposure to ransomware risk and downtime increases in parallel.
Here are some figures:
- Ransomware risk increased by 64 percent in the first half of 2021
- Average ransomware ransom of $570,000 (Purple Sec)
- 71% of companies that fell victims of ransomware lose their data forever
It is therefore critical to activate a disaster recovery plan.
In this article, you will discover the 3 best practices (+1 free bonus guide) to activate your ransomware disaster recovery plan.
#1 Ensure ransomware recovery with the principle of least privilege
The principle of least privilege, or PoLP is a rule that says that each computational module must have access privileges only to the resources necessary for its operation.
By extension, each user must have access only to what they absolutely need to perform their tasks. The more frequently unnecessary access is provided, the worse the consequences will be if the account of one or more users is compromised.
Each chain is only as strong as its weakest link. By analogy, the security of any computer system is directly proportional to the security of system administrators.
That is why the principle of least privilege is the basis for minimizing risk exposure.
One of the most effective protection measures in this context is using endpoints and entry points for all devices within the enterprise. In this way, granular and selective access can be ensured, limiting possible damage.
This practice is a pivotal tool for enabling ransomware recovery and avoiding phishing.
Want to learn more? [Article] What is ransomware? 4 main types and a practical guide to restoring files encrypted by ransomware in 2023
#2 U.S. intelligence advice for enabling your disaster recovery plan
The 321 backup rule is universally recognized as the foundation of secure data management. According to the U.S. intelligence agency CISA, 'all companies should use the 321 backup rule.'
Promoted by Veeam and all major service providers, the 321 backup rule recommends to:
- Keep at least three copies of important data
- On at least two different types of media
- With at least one of these copies stored off-site
Applying this simple rule substantially reduces the likelihood of experiencing catastrophic data loss.
In fact, each copy has an inherent probability of breaking due to wear and tear, accidents, and unanticipated problems. It follows that as the number of copies increases, the probability that all copies will be destroyed or lost drops by an equal amount.
For the same reason, using different media, one of which off-site, negates the correlation between distinct incidents.
In fact, if every copy is stored on the same media without off-site backup, the breakage of one copy will result in complete and irreversible data loss.
Related reading: 6 backup strategy solutions for ransomware data recovery in 2023
#3 Choose an S3 compatible cloud object storage with comprehensive and ongoing maintenance
To complement your security, the best strategy is to rely on a service provider with high expertise in the field.
Whether you use Veeam, QNAP, Synology or Server, an S3-compatible cloud object storage frees you from vendor lock-in.
In fact, you can migrate large amounts of data from your on-premises stack and diversify your disaster recovery plan with a hybrid cloud strategy.
Related reading: What is a hybrid cloud model? Examples and benefits in 2023
To be eligible, the vendor must be able to offer a platform with the following requirements:
- Reliability: the vendor must be trustworthy. In cryptography, there is a saying: "don't roll your own crypto" — that is, don't use a cryptographic protocol in production that has not been previously tested. The same concept is also applicable in broader security: never entrust the security of data and intellectual property to a vendor that has not proven its credibility.
- Security: the vendor must be in charge of the platform's security. To that end, it must do continuous penetration testing across the entire attack surface, constantly checking for vulnerabilities as well as implementing and, when necessary, designing ad hoc patches to protect the enterprise.
- Scalability: whether the enterprise uses on-premises, public cloud, IaaS or SaaS infrastructure and/or relies on containers, it must be enabled to focus on its business without data management getting in the way. Therefore, it is critical that the platform can scale in any environmental condition, integrating data seamlessly, regardless of the solutions the company already uses.
Integration is the primary requirement for a scalable, ransomware-proof disaster recovery plan.
That is why it is essential that the service offered is based on S3 Compatible Cloud Object Storage, the most efficient, scalable and secure framework for data management.
Related reading: How to get rid of ransomware (Instead of paying for it)
#4 Check the ultimate anti-ransomware guide for 2023
Go on the counterattack! We've written a free guide that points out the top 3 mistakes about ransomware that (almost) all companies make (and how to fix them).
If you speak Italian, click here to download the free guide >
Don’t speak Italian? Contact us here >