Why Backups and Encryption Go Hand in Hand
Data sits front and centre of any business. And it’s being generated in ever greater volumes. This year, 120 zettabytes will be created, captured, copied, and consumed worldwide. That presents an attractive target for would-be data thieves and digital extortionists. And an increasingly robust, if fragmented, global regulatory regime means potentially severe penalties for organizations that don’t put the “appropriate technical and organisational measures” in place to keep that data safe.
World Backup Day on Friday, the 31st of March 2023, should therefore have provided a perfect reminder for IT security teams to mitigate threats to corporate data in line with industry guidance. But backups alone are not enough. Both backed-up data and, indeed, data located across the enterprise must also be protected to minimize security and compliance risks.
The case for backing up has been fortified over recent years by the explosion in ransomware attacks. One recent study recorded 493 million detections in 2022, marking it down as the second-highest year on record after 2021. Year-on-year volumes surged particularly high in Europe (70%) and the UK (112%). If a ransomware payload is successfully deployed on a victim’s network and data is scrambled as a result, organizations may have to rely on their backups to restore operations in a timely manner.
There are also worrying signs of an increase in destructive attacks where the threat group steals a victim’s data and destroys the original copy, increasing the pressure on them to pay. One vendor recorded a 53% increase in this activity from Q3 to Q4 2022. Once again, regular backing up can mitigate the threats.
The case for backups is made even stronger by that other major source of cyber risk: employees. One study claims 85% of breaches are down to human error. This can lead to phishing attacks with ransomware payloads or other data-stealing malware. According to the same study, one in four employees (25%) claim to have clicked on a phishing email at work. In a similar way, many accidental data deletion incidents are down to mistakes made by staff.
Best practice backups
In this context, regularly backing up business-critical corporate data is a cyber-hygiene best practice advocated by many organizations, including US, UK and EU security agencies. Here’s a quick checklist for organizations:
Understand your data and requirements: Classify data according to its criticality and the potential impact of losing it. Decide how to back up and how frequently.
Test backups: Regularly run tests to ensure backups perform as anticipated. If data can’t be restored in a usable format, then it’s a waste of time and money.
Follow the 3-2-1 rule: The best backup practice is for three copies to be made, stored on two different types of storage media and with one copy of the data sent off-site (i.e. to the cloud).
Continuously monitor backups: Set up alerts to notify you if backups are malfunctioning.
Protect your backed-up data: If hackers manage to access a backup vault, it could represent a major security risk. Mitigate this with strong data-centric security such as tokenization or encryption.
In fact, strong data protection shouldn’t just be applied to backups. Most ransomware actors now look to steal data before scrambling or deleting the original version. Backups can mitigate the latter risk, but what about the already stolen data? It could be leaked or sold on the cybercrime underground, exposing the organization and its customers to additional cyber risk.
By applying encryption or tokenization to this data ahead of time, IT and business leaders can be confident that the threat actors will not be able to use it. And they get the added bonus of streamlined compliance with regulations such as PCI DSS and the GDPR. This makes data-centric security and backups a formidable double-act for first and last-line cyber-defence.