Protecting small firms from computer disasters
Cart 0
Cart 0

Protect Your Backups against Ransomware

backup protection ransomware

The best way to protect your backups against ransomware is to isolate them from your computers and network. To "airgap" a backup, you eliminate any direct, electronic path to your backup media.

Unfortunately, today's typical backup systems store backups on an external hard drive or a network drive that is directly connected to your computer or network.

All too many firms have discovered to their dismay that ransomware encrypted not only all their client files, but also all their backups. It is not enough to rely on antivirus software to protect you against constantly evolving ransomware variants.

Here we explain three different ways to protect your irreplaceable backup files and cover the advantages and drawbacks of each one.

Rotating External Hard Drives

A common approach to airgapping backups is to rotate external hard drives on a daily basis. Here is the routine:

  1. Disconnect Drive 1 from the server.
  2. Remove Drive 2 from your purse or brief case and connect it.
  3. Go home with Drive 1 and put it on your hat shelf.
  4. Take Drive 3 off the hat shelf and put it in your briefcase or purse.
  5. The next day at the office, disconnect Drive 2, connect Drive 3, and continue.

Rotating external hard drives has the great advantage of protecting your precious files from all manner of threats: ransomware, viruses, fire, storms, floods, theft, you name it.

Unfortunately, external drive rotation has a number of drawbacks:

  • Drives may suffer from the daily wear and tear from being connected, disconnected and transported.
  • The routine becomes tiresome quickly. Daily rotations may become weekly. Some rotations may be skipped.
  • "Slow" ransomware can creep into your files slowly, resulting in backups that contain ever-increasing numbers of encrypted files.

Dedicated Backup Device

Dedicated backup devices are typically offered by local computer support companies or managed service providers. Such devices are sold by Datto, Unitrends, Barracuda and Solarwinds. These devices include full services and can offer capabilities well beyond other solutions. They may cost $200 per month and up.

Network Attached Storage Unit

Another backup device option is a Network Attached Storage (NAS) unit. A NAS can be set up so that even the most sophisticated ransomware cannot access backup files stored in it. Though it is not technically airgapped, the network connection to the NAS can achieve the same result.

Care must be taken that the network backup share on the NAS in not accessible by user accounts, including the highest level administrator account. A separate user account with a strong passphrase known to the office administrator needs to be created on the NAS to ensure safety.

An advantage of a NAS backup system is simplicity. NAS units can run seemingly forever without much attention. A downside is vulnerability to local disasters. That downside can be countered by synchronizing backups on the NAS across the internet to a cloud account or to an identical NAS in another location.

Cloud Backups

Cloud backups offer the surest method to recover your files after a ransomware attack.

Use a true, high-quality backup service, not a synchronization service. Frequent incremental backups can be retained for a period of months. That allows you to recover your files even if slow ransomware goes undetected for weeks.

Cloud backups are not literally airgapped since there is a connection between the backup software and the cloud data center; however, when designed properly, backups in the cloud cannot be affected by ransomware.

Drawbacks of cloud backups include:

  • Slower restore times, dependent on the speed of your internet connection.
  • Many lack the option for drive image backups that support recovery of an entire server or computer.
  • Total cost may exceed that of a typical, local backup system.

On the other hand, cloud backup services may provide:

  • Optional local backups to speed up recoveries.
  • A temporary clone of your server or computer in the cloud.
  • Remote access from anywhere to files backed up to the cloud.

Multiple Backup Systems

It is best not to bet your entire practice on a single backup system. No single system is best against all threats. And what if your single system fails? Use at least two independent backup systems for much greater security. Your law firm is at stake!

Wells H. Anderson, JD, CEO, SecureMyFirm, Protecting small firms with computer safeguards
First published in ABA GPSolo eReport, www.americanbar.org

Older Post Newer Post

Leave a comment

Please note, comments must be approved before they are published