As we should all know by now, the 3-2-1 Backup Method is vital for any modern business’ backup strategy. The “1” in this method refers to having at least one copy of your data backed up offsite. For most backup experts these days, offsite is synonymous with the cloud, but does this mean the data is safe in the cloud?
Ransomware is becoming a larger problem every single year, with current estimates suggesting a new target is hit every 14 seconds. With more companies moving to the cloud during the pandemic and ransomware increasing even faster, it is imperative that companies look to further their data protection, especially in the cloud.
The cloud is an excellent way to backup your data. It is affordable, scalable, always available and is essential for ensuring data is secure, no matter what happens. However, this doesn’t mean it is necessarily protected from ransomware.
Ransomware works by encrypting the target’s files and holding them hostage, not supplying a restoration key until a ransom is paid, usually via bitcoin. Cloud providers can usually invest in heavier protection from these kinds of attacks themselves, making them generally a lot more secure than individual machines or networks.
This doesn’t make them infallible. In some situations a single backup in a cloud repository may not be enough to ensure security. Data can be prone to insider attacks. For example, if a hacker gains access to a tenant’s backup console and deletes all backups, including those held off-site then there is nothing left to protect you from the ransomware attack. Similarly, the data could just be deleted by accident or even maliciously from someone inside an organisation, such was the plan to hit Tesla a short time ago.
To protect companies from this, Veeam has Insider Protection. With this function enabled, files are not immediately deleted and can be held for several days on the back end. For the tenant the files will appear to be deleted but can in fact be recovered from a “recycle bin” acting as another line of security.
Outside of Veeam, it is also worth looking into replicating backups across multiple cloud repositories, diversifying locations of data also increases security, with many moving to a 3-2-1-1 backup strategy, with the off-site backup also being “backed up” with a replica being created through cloud-to-cloud backup.
For more information on Veeam, insider protection or cloud-to-cloud backup please get in touch.