Data Backup & Recovery Plans Can Protect Your Organization from the Consequences of Ransomware Attacks

Ransomware is one of the most prevalent forms of malicious cyber-attacks facing businesses today. “The advent of new tools that wrap victims’ data with tough encryption technology, hard-to-trace digital currency like Bitcoin, and even online sites that offer to do the data ransoming in return for a piece of the action, have made this method of cybertheft much easier,” reported the NY Times. AAFCPAs advises clients to develop a Data Recovery Plan, including regular data backup, which may allow you to restore your data without paying a ransom, and without affecting business continuity.

To create an effective data backup and recovery plan, AAFCPAs’ Business & IT Advisory practice offers the following key considerations:

• How much, and how often should we backup? The frequency and breadth of your data backup must be determined by your business needs. This should include incremental daily, along with full monthly backups.
• Where should the backup reside? Your backup can be stored locally, but another copy should be stored at least 50 miles away from the location the live system(s)/original backup resides. Cloud-based backup systems are a great solution, but providers must be properly vetted. AAFCPAs advises clients to ensure the Cloud provider has its own disaster/recovery plan which guarantees your backup would be available in the event the provider also has a disaster. In either case, backups need to be encrypted so only appropriate persons can decrypt and use them.
• How long should we retain our backups? Unfortunately, in some instances, ransomware (and viruses) make it into backups. We recommend redundant data file backups, usually more than three months, which will allow your organization to restore from a clean backup point. This is especially important for mission-critical data.
• How do we know if we are restoring safe files? Make sure you have someone knowledgeable assess the restored system, including applications, to ensure the restoration is fully functional and data is not corrupted. Additionally, AAFCPAs recommends that clients test their backups periodically to ensure the data is usable. For example, the finance department may spot check the backup by running a compare against the live financial system to ensure data accuracy. These quality control tests are best performed by users transacting with the backup data.

AAFCPAs also encourages clients to consider moving into a virtual machine (VM) environment, as VMs are easy to re-generate. System administrators can take an image of the system once in a business desired state, which along with application specific backups can substantially decrease system restoration time, and minimize disruption.

In honor of October being Cyber-Security Awareness Month, AAFCPAs would like to take this moment to remind our clients again of the critical importance of taking measures to protect against malicious cyber-attacks. AAFCPAs advises clients to take a disciplined approach to cyber-security in order to better guard against, and minimize your organization’s risk of becoming a victim. Data Backup & Recovery Plans are one tool that can help protect your organization from the consequences of ransomware attacks.

To schedule a cyber-security assessment, or for specific advice on how to best protect your organization against cyber-attacks, please contact James Jumes at 774.512.4062, jjumes@nullaafcpa.com, Vassilis Kontoglis at 774.512.4069, vkontoglis@nullaafcpa.com or your AAFCPAs partner.

Related Post: AAFCPAs encourages clients to learn how Installing Patches Immediately Helps Protect Your Organization from Cyber Vulnerabilities.