Backing up your business

Backing up your business
(Image credit: Shutterstock / carlos castilla)

Information is currency in the digital era, and with many companies around the world being forced to change their business practices because of Covid-19, this currency has become even more attractive to cyber criminals, underlining the need to backup with a disaster recovery plan. 

About the author

Luis Corrons is Security Evangelist at Avast.

However, the rush to mobilize a remote workforce means that robust security measures and business continuity practices may have fallen by the wayside. Historic examples as well as our own research demonstrate the potential cost of not backing up, however there are some simple and effective steps business leaders and IT service management can take to keep their data, and their business, secure.

Why back up your data?

Data backup can insulate businesses from the actions of malevolent actors using malware to try and steal, destroy or ransom information that is critical to business operations. Ransomware and other malware, such as wipers, can either encrypt or completely destroy files, and there is no guarantee that files can be decrypted if a ransom is paid. 

In fact, between February 15 and March 15, 2020, Avast protected 2,841 British users from 34,487 attempted ransomware attacks. The WannaCry attack is an infamous case demonstrating why backing up data is so important. The ransomware crippled countless businesses and organisations across the globe, with the NHS one of those most severely affected. 

While many were able to quickly implement disaster recovery plans thanks to strategic backups of their organisation’s data, others were less fortunate. Some organisations suffered significant downtime as a result of the attack. This attack highlighted how backing up data can be the difference between a short-term operational issue and long-term widespread damage. 

Now more than ever, people and businesses need to understand the importance of backing up information to ensure sensitive business information is properly secure.

Attitudes toward backup

We recently conducted research that found that over a third of us (42%) in the UK do not back up our data. Failing to back up can happen for a number of reasons. Data loss can be caused by human error such as users accidentally deleting the data themselves, or from loss of hardware. In addition, system errors that cause devices to crash can mean data is lost forever. 

The absence of data backup is not just a problem isolated to desktop. Research shows that only 66% of iPhone users and 69% of Android users back up their data. Mobile technology has rapidly evolved and now the devices we keep in our pockets hold as much personal information as a personal computer. 

The mobility of phones also means that the likelihood of losing a device is much greater compared with a computer, so businesses should be even more vigilant when it comes to backing up information.

What can businesses do?

Businesses must incorporate backup into their IT and cybersecurity policies to ensure that employees are exhibiting best practice when handling business data. It’s never been more important for these policies to be implemented as many workers shift to remote working. 

IT decision makers and business leaders should use this new normal to refresh their approach to IT practices as a whole, including backing up data. There are a range of different potential backup solutions from cloud storage to external hard drives, network device storage to USBs or flash drives. How many backups you have is just as important as where you back up. 

Saving information to two locations, in the cloud and on a physical external hard drive, can help to keep information more secure. When using an external hard drive, it is important to disconnect and store them somewhere safe after the backing up process to keep the information protected from malware like ransomware, which can spread from computers to attached devices. 

Lastly, one of the most important working best practices is to enable any automatic backup option offered by most cloud storage services. This ensures that data is automatically backed up and secured removing any temptation to hit the ‘Remind me later’ button.

Conclusion

With employees working from home for the foreseeable future, hackers now see an opportunity to more easily access sensitive information and encrypt or erase critical data. Changing working practices could also mean more unforced errors, such as accidental deletion, as workers settle into the new normal. 

Business leaders, particularly those running small enterprises which rely on business continuity to survive, need to know how to protect their sensitive data with robust security practices, including backing up. This must be incorporated into remote working strategies from the beginning. 

It should also cover education, ensuring your employees understand the potential cost of losing information. Ultimately, whether it’s treasured photos and videos or sensitive business and customer information, backing up can be the backup plan to protect against human error or intentional malicious action. In the current period of disruption, this practice is more important than ever.

Luis Corrons

Luis Corrons is Security Evangelist at Avast.

He has been working in the security industry for more than 20 years, specifically in the anti-virus field. He is the Security Evangelist for Avast Software. Previously he was the Technical Director at PandaLabs, the malware research lab at Panda Security. Luis is a WildList reporter, member of the Board of Directors of AMTSO (the Anti-Malware Testing Standards Organization) and a member of the Board of Directors of MUTE (Malicious URLs Tracking and Exchange). He is also a top rated industry speaker at events like Virus Bulletin, HackInTheBox, APWG, Security BSides, etc.