Practice Five: Back Up Your Data, Save Your Organization
Backups
If your organization is harmed by ransomware or another type of cyberattack, you may need to recover the systems and files that are the lifeblood of your operations to get back to normal.
Backing up your system and important files on a regular basis is a cyber readiness practice most individuals and organizations should be familiar with. Yet, as of 2020, while nearly 90% of companies were performing backups sporadically, only 41% were doing it daily.¹ One key to successfully implementing preventive measures is consistent and reliable backups, ideally performed automatically.
Identifying key types of data and their importance for your organizational continuity helps determine both how and how frequently the data should be backed up. There may be data that is critical to practically every organization that might need to be backed up daily to a cloud backup site. For other data that doesn’t change often, weekly or monthly backups to external drives (that are disconnected when finished) might be most effective.
Backups should be frequent, regular and systematic. A best practice is the 3-2-1 backup strategy:
3. Create one primary backup and two copies of the organization’s data.
2. Save backups to two different types of media.
1. Keep at least one backup file off-site and offline. (Off-site helps if the primary site is physically damaged; offline prevents attackers from finding it.)
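As an added illustration (not part of the original article), the sketch below audits a backup inventory against the 3-2-1 rule and the daily, weekly or monthly cadence described above. The dataset names, media labels, timestamps and the exact age windows are assumptions made for the example.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Oldest acceptable backup per cadence (window lengths are assumptions).
MAX_AGE = {"daily": timedelta(days=1), "weekly": timedelta(days=7),
           "monthly": timedelta(days=31)}

@dataclass
class BackupCopy:
    dataset: str
    media: str          # e.g. "cloud", "nas", "external_drive"
    offsite: bool
    offline: bool       # disconnected from the network when finished
    finished: datetime  # completion time of the most recent run

def check_321(copies, schedule, now):
    """Return {dataset: [problems]}; an empty list means the dataset passes."""
    report = {}
    for dataset, cadence in schedule.items():
        mine = [c for c in copies if c.dataset == dataset]
        problems = []
        if len(mine) < 3:
            problems.append(f"{len(mine)} backup copies, need 3")
        if len({c.media for c in mine}) < 2:
            problems.append("fewer than 2 media types")
        if not any(c.offsite and c.offline for c in mine):
            problems.append("no copy is both off-site and offline")
        if not any(now - c.finished <= MAX_AGE[cadence] for c in mine):
            problems.append(f"no copy within the {cadence} window")
        report[dataset] = problems
    return report

# Constructed sample inventory (hypothetical datasets and timestamps).
NOW = datetime(2024, 1, 15, 8, 0)
def _c(ds, media, offsite, offline, hours_ago):
    return BackupCopy(ds, media, offsite, offline, NOW - timedelta(hours=hours_ago))
INVENTORY = [
    _c("finance", "cloud", True, False, 6),
    _c("finance", "nas", False, False, 6),
    _c("finance", "external_drive", True, True, 20),
    _c("archive", "nas", False, False, 72),
    _c("archive", "nas", False, False, 72),
    _c("email", "cloud", True, False, 70),
    _c("email", "nas", False, False, 70),
    _c("email", "external_drive", True, True, 70),
]
SCHEDULE = {"finance": "daily", "archive": "weekly", "email": "daily"}

if __name__ == "__main__":
    for dataset, problems in check_321(INVENTORY, SCHEDULE, NOW).items():
        print(dataset, "OK" if not problems else "; ".join(problems))
```

A cloud copy counts as off-site but not offline, which is why "archive" and any cloud-only setup fail the third check.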
Individuals and organizations of any size can seek help from the Cybersecurity & Infrastructure Security Agency (CISA), which offers cybersecurity assessments and guidance and evaluations of operational resilience, including backup capabilities and other resources.
“Always back up your data,” said Tim Francis, Travelers’ Enterprise Cyber Lead. “If you experience a cyber event, you’ll need to have a way to access that data. If your systems are brought down, you’ll need to understand what it takes to bring them back up online. What does that whole process look like? Knowing the answer is critical.”
A key step before scheduling backups is to identify the information critical to your operations that is stored on your network. Conduct a regular inventory of the data and files on all devices (e.g., mobile devices, desktop or laptop computers and tablets) connected to your network. Know where that information resides and who has access. Critical data may include documents, emails, videos, addresses, photos and other images, operating system and registry files, and other types of necessary or desired files.
Remember, data storage and data backup are not the same thing. Data storage involves maintaining your data and files in a secure, easily accessible location. Data backup means saving copies of your files and data in a separate physical or virtual location from data storage.
Methods of Backing Up Data
There are many options for backing up data. CISA suggests employing a backup solution that automatically and continuously backs up your business-critical data and system configurations. CISA also recommends using on-site and remote backup methods to protect vulnerable information.² Common methods for data backup include:
Computer backups. Many devices have built-in backup capability. This method will copy data and files on your laptop or desktop and save them to another location within your device.
- Pros: Convenience
- Cons: An additional form of backup is required. If the device becomes corrupted and inoperable, your data will be inaccessible. If the device is stolen, your data may be compromised.
Removable devices. These include portable media such as USB flash drives, CDs, DVDs and Blu-ray Discs.
- Pros: Easy to use
- Cons: Lack of storage space, which might require use of multiple removable devices. Having to use multiple portable media can make restoration more difficult. The small size of portable media, which might appear to be a benefit, is also a disadvantage: it makes them easy to lose or steal.
External hard drives. Data and files can be transferred from your laptop or desktop to an external hard drive.
- Pros: Easy to use and large storage space (ranging from 500GB to 2TB)
- Cons: Risk of damage, loss or theft
Cloud backups. Your data is stored in a remote cloud location, providing you access to your files through the internet.
- Pros: Eliminates the possibility of data being lost due to your device being lost, damaged or stolen. The cloud also provides ample storage. Some services provide unlimited storage. Some services can also encrypt your data, adding an extra layer of security.
- Cons: If you lose access to the internet, your files will not be available.
When a cyber incident has occurred, restoration is your main concern, aside from gathering and preserving evidence of the event. Continuously backing up and securing your data makes restoration possible. It helps ensure your organization’s continuity.
Your ability to recover key data is at risk if you don’t routinely back it up. How well your organization has practiced regular backups will determine how quickly and efficiently you can get back to business.
1 Acronis survey, March 2020
2 https://www.cisa.gov/sites/default/files/publications/Cyber%20Essentials%20Toolkit%205%2020201015_508.pdf