Jun 09, 2015
Posted by Robert Creech in: May Contain Nuts
Having written about the dangers of attachments and spoof emails on several occasions (most recently here), my attention was drawn to an article on the BBC technology pages today regarding the ‘business model’ behind Ransomware malware products. The full BBC article is available here.
I was interested to read how, contrary to anecdotal evidence published elsewhere, the likelihood of getting your data back is now quite high. The article does still conclude with the recommendation; “don’t pay money to these clowns unless you absolutely have to.” The advice, echoing sentiments I have expressed before, is that everyone should, “take backups, ensure software is up-to-date, be suspicious of message attachments and run comprehensive security software.”
In the last two weeks we have seen our first instance of a client caught out by a ransomware infection which encrypted data held on their server. Removing the infected PC and restoring from the backup was enough to get everything back to normal for them. We were operating from the comparative luxury of a backup system which we maintain and monitor assuring us of the integrity and availability of the data.
This leads me on to backups. If you currently manage your own backup systems please do take the time to check, test and validate the system in place. You should feel confident that you have all the relevant data included and that you are familiar with the restore process should you need it.
This is often one of the areas I discuss when meeting a new client or evaluating a new network. I once took over a network where the director was meticulous when it came to switching tapes around each night. A quick check of the system (purportedly monitored by their previous IT company) revealed that the backup process had run once, manually, on the day of installation and had not run since over a period spanning years. On another network we identified a scheduled backup which was running each night but which, once we took over management and ran our regular test restores, allowed us to demonstrate how none of the tapes could be read from despite the backup job reporting that each had been written to.
Validating each backup process is as important as running it and, as a simple rule, I maintain that you can’t have too many backups but you can have too few! The most appropriate backup strategy in terms of medium, cost and frequency will vary across different organisations though simply putting your data in the cloud is not necessarily a reason to stop backing up. If you want to talk through your current backup strategy and investigate whether it is best suited to your needs please call us.
Part of the “May contain nuts” series of short articles discussing familiar topics which we should all revisit once in a while.