How to Defend Your Backups from Ransomware Encryption?

The first step in safeguarding one's backups is to ensure that the data is kept on a platform that cannot be manipulated. One should look for backup providers who provide object-based storage.

Fremont, CA: Ransomware is still one of the most common types of security issues. In 2020, ransomware assaults accounted for more than a quarter (27 percent) of all malware instances.

This is because the great majority of criminal data breaches are motivated by money rather than geopolitical or national security goals. And there is simply no better or faster way to monetize a malware assault than to encrypt or delete victims' files and then demand payment.

Let's look at some strategies to make sure backups are secure.

Make Sure Data Integrity

The first step in safeguarding one's backups is to ensure that the data is kept on a platform that cannot be manipulated. One should look for backup providers who provide object-based storage. This sort or storage prevents ransomware from modifying backup data. One can add and delete objects, but one can't edit the data that's already in an object. That implies that even if ransomware gets into one's backup system, it won't be able to encrypt one's data.

The Zero Trust Model

Using an off-site, object-based backup provider to back up one's data is an excellent first step. However, this is insufficient if ransomware can access one's backups using compromised credentials. Fortunately, mitigating this risk is simple. One can s et up a separate account for one's backup environment and use multi-factor authentication to increase security (MFA).

ImplemeningMulti-Level Resiliency

Choosing a backup solution that incorporates deletion protection might provide an additional layer of safety. Platforms with excess deletion prevention or soft delete features can ensure that even if ransomware tries to wipe backup data, there is a backup copy available for recovery.Many suppliers also provide write-once, read-many (WORM) or unmodifiable backups that cannot be changed or deleted – even by authorized people.