Ransomware: When Was Your Last Backup Test?

These days, most people are familiar with what Ransomware is. Either your business has been directly affected, you have a friend or colleague who has fallen victim, or you’ve heard about it on the nightly news. Ransomware is a type of malicious software specifically designed to encrypt files and systems, effectively locking you out of your own data.

Once it has taken hold, it demands a ransom payment—often in untraceable digital currency—in exchange for a decryption key or promise of restored access. In many cases, even paying the ransom does not guarantee full data recovery, which is why proactive protection and a solid backup strategy are absolutely critical.

The number of professionals and small businesses being targeted by ransomware is increasing.

According to the FBI, more than $209 million in ransomware payments have been paid in the United States in the first three months of 2016 -- up from just $25 million for all of 2015.

The true cost of lost data

As we all know, information—and the ability to access it quickly—is the foundation of any business. When your data is unavailable, revenue stops, productivity drops, and in regulated industries, you can even face compliance violations.

The only reliable way to protect this information is to implement an effective, well-architected backup solution in your IT environment and make sure you’re ready for any possible threat—from accidental deletions and hardware failures to targeted ransomware attacks and natural disasters.

Why restore readiness matters

In the event of a disaster, your backup solution is only as good as its restoration capability. Being able to restore a single file, a database, or an entire system on short notice is what ultimately determines your recovery time and the impact on your business.

In situations where hardware fails or becomes infected, a little preparation can go a long way. Documented recovery procedures, clearly defined RPOs and RTOs, and knowing exactly where your last good copy of data resides are all critical to minimizing downtime.

The missing step: testing your backups

Many businesses spend significant time and budget evaluating, purchasing, and deploying a backup solution, but often forget one vital step: regularly testing their backup’s restorability as part of their disaster recovery plan.

If there is a problem with a backup that hasn’t been tested, you often won’t know until it’s too late—typically in the middle of an outage, when every minute counts. A lot of ransomware will attempt to encrypt data on a network as well as on attached storage and removable drives, in some cases even targeting mapped backup locations.

Protecting backup copies from threats

To make sure your business stays safe, it’s important to ensure that at least one copy of your backups is protected from direct access by infections and users, and that it is stored safely in your local environment or on other secured media.

Combining secure local backups with off-site copies and regular restore tests dramatically increases your chances of recovering quickly without paying a ransom.

Recommended backup strategy: follow the 3-2-1 rule

At NovaBACKUP, we recommend following the proven 3-2-1 backup strategy. This means maintaining 3 copies of your data, stored on 2 different types of media, with at least 1 copy kept off-site. As part of this approach, you should also verify that all files in your backups are readable and that the backup sets themselves are physically intact. These checks are essential to confirm that your backups can be successfully restored when you need them most.

Establishing a realistic testing cadence

In an ideal scenario, you should test backups after every significant change. If you create a new backup job, test it. If you add a new workstation or server, test it. For larger environments, this level of testing can be time-consuming, and in some cases, impractical after every modification. If that’s the case, establish a regular testing cadence that fits your environment and stick to it.

Using NovaBACKUP to verify backup integrity

Industry best practice is to perform a full restore test at least once per quarter. Within NovaBACKUP, when you configure a new backup job, you can enable verification options to validate the integrity of your backup data automatically. You can also review logs to confirm which items were included in the backup and to identify any warnings, errors, or informational messages. In addition, NovaBACKUP’s Granular Restore functionality makes it easy to validate specific files, folders, and databases within your backup sets.

The risk of untested backups

If you are not routinely testing your applications and data for restorability, you are relying on assumptions, not necessarily reality. You are assuming that you selected everything required for recovery, that it backed up correctly, and that it will restore flawlessly when the pressure is highest—a level of risk most businesses simply cannot afford.

To learn more about these ransomware threats and how you can protect yourself, download our whitepaper on Ransomware Prevention.