Best practices for backups and data protection
One of the most important things to have in case of a ransomware attack is a backup of your data. This can ensure that you are able to restore critical systems and data quickly if needed. Unfortunately, we have seen cases where the ransomware attackers also managed to encrypt the data that was stored on the backup servers, including the offsite backup, since both data locations were easily accessible from the main network and available as SMB shares.
While there are many different backup products and vendors, there are some general best practices that you should follow to protect your backups from ransomware attacks:
- Follow the 3-2-1 rule for backups, meaning that you have three copies of your data across two different mediums, which can be disk and tape or disk and cloud-based backup. Lastly, have one copy of the data offsite.
- Ensure that your backup server is not directly accessible from your main environment; keep it...
