IT Security Tip #26: Review your backups especially the data selections and retention history

IT Security Tip #26: Review your backups especially the data selections and retention history

Quick Tip: Review your backup data selections and retention period to protect yourself from ransomware (even at home)!

Why?  The creators of the ransomware threats are taking things to new levels. Not only are they encrypting your data but if you enter an incorrect decryption multiple times, the ransomware starts deleting your data. To make it even worse, the options are: Pay us or help spread the malware and infect others. In the latter case in order to decrypt your data, you must pass along and ultimately infect others using a the phishing email to infect others.

Much of the ransomware works by encrypting your files to prevent you from using or accessing them. In particular, the focus is on files in Documents, Pictures, Music and Desktop directories. However, no folder is immune. If you have access to the data, then it is at risk.

Obviously, the best way to foil a ransomware attack is to be incredibly diligent about IT security; but with hundreds of thousands of new attacks being created daily, there are no guarantees that you won’t get infected. Therefore, it’s critical to maintain a full, daily backup of your data so that if you do get whacked with ransomware, you can recover all your files without having to pay a dime. Don’t forget to back up offsite PCs, laptops, remote offices and third-party software data stored in cloud apps as well!

Notice the words "full" and "daily". Many assume that everything is being backed up; however, you should review exactly what data is being backed up and ensure everything you need is included. Unfortunately, we seen two cases in recent weeks where most but not all data was being backed up.

In addition to what is being backed up, review how long the backup data is maintained. In one case, the infection was not noticed for several days and the backup retention period was too short. So, even though they had backups running daily, there was insufficient history to restore their data to a time prior to the infection date.

In short, review your backups and take the time to understand exactly what is being backed up and how long the backup data history is retained.