When the unthinkable happens, it’s imperative that you have your critical systems and data backed up and ready for restoration. But if you aren’t taking the necessary measures to keep your disaster recovery process secure, you’ve only done half your job. Here are a few things every disaster recovery plan needs to take into account for privacy and security.
When it comes to disaster recovery, most businesses only cover the basics. They’ve got backups and redundant systems in place, they have multiple plans for business continuity, and they have plans and processes to cover a wide range of potential crisis scenarios. But for all that planning and effort, there’s one fundamental missing piece: security.
For your disaster recovery and business continuity plans to be complete, and for them to actually protect your business, they must be devised with both privacy and data security in mind. Criminals, especially those who traffic in ransomware, know the value of a backup system or server. And if you haven’t properly secured yours, it’s just one more target for them to exploit.
Here’s how to prevent that from happening.
Maintain a Separate Plan for Responding To Security Incidents
With a cyber attack, you aren’t just dealing with hardware failure or inclement weather. You’re actively clashing with a bad actor who wants to harm your organization. A standard disaster recovery plan, which is primarily focused on business continuity, is not enough in this situation. You need a specialized plan that is concerned with protecting assets – an incident response process that can stop the attack, learn how it happened, promote recovery, and then prevent it from happening again.
“Security incident response often requires detailed root cause analysis, evidence collection, preservation, and a coordinated, and often stealthy, response,” Inigo Merino, CEO of Cienaga Systems, explained in an interview with CSO Online. “These operations need to be handled very delicately. On the other hand, business continuity plans are, by nature, very public events, requiring all hands on deck, large scale communications with the objective of rapid, tactical business resumption.”
Promote Data Hygiene Across the Organization
Particularly with regulations like the GDPR, ensuring data integrity and hygiene is more important than ever. Ensure that you have in place some way of protecting your backups against data loss, both intentional and accidental, and that you have a clear idea of exactly where every backup is located.
By being able to locate the backups of any given file at a moment’s notice, not only will you be more secure, you’ll also be ready to comply with upcoming privacy regulations in your own country – and trust me when I say they are coming. It’s only a matter of time before other nations follow the EU’s lead.
Maintain Multiple Backups – and Encrypt Everything
Your backup servers and the backup process should be treated as critical assets. Ensure that all traffic between your systems and their backups is fully encrypted, and that your backups are both encrypted and air-gapped.
For particularly important files and systems, you should also maintain multiple versions on your backup server. That way, even if one version is corrupted or tampered with, you can still restore from a different one. In other words, redundancy is the name of the game here – your backups should have backups.
As we’ve already mentioned, criminals are quite cognizant of the value of backup systems and servers. It’s why they’ve developed new variants of ransomware designed to neutralize them. Maintaining multiple copies of a file across multiple backup servers is a good way to protect against such tactics.
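An added example, not from the original article: one way to make "restore from a different one" concrete is to record a keyed integrity tag when each backup version is written, then check every copy against it before choosing a restore source. The key, the server names and the file contents below are constructed assumptions.

```python
import hashlib
import hmac

# Assumption: the HMAC key and the recorded tags are kept off the backup
# servers (for example on the air-gapped side), so altering a backup does
# not let an attacker forge a matching tag.
MANIFEST_KEY = b"constructed-demo-key-not-for-production"


def tag(data: bytes, key: bytes = MANIFEST_KEY) -> str:
    """Integrity tag recorded when the backup version is written."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_copies(copies: dict[str, bytes], expected_tag: str,
                  key: bytes = MANIFEST_KEY) -> dict[str, bool]:
    """Check every stored copy of one backup version against its tag."""
    return {
        location: hmac.compare_digest(tag(data, key), expected_tag)
        for location, data in copies.items()
    }


def choose_restore_source(copies, expected_tag, key=MANIFEST_KEY):
    """Return the first location whose copy verifies, or None if all fail."""
    results = verify_copies(copies, expected_tag, key)
    for location in sorted(results):
        if results[location]:
            return location
    return None


# Constructed sample data: one file version held on three backup servers.
ORIGINAL = b"customer-db-dump 2024-01-01\n" * 4
RECORDED_TAG = tag(ORIGINAL)
COPIES = {
    "backup-a": ORIGINAL[:-10] + b"ENCRYPTED!",  # overwritten in place
    "backup-b": ORIGINAL,                         # intact
    "backup-c": ORIGINAL[:40],                    # truncated / corrupted
}

if __name__ == "__main__":
    for location, ok in sorted(verify_copies(COPIES, RECORDED_TAG).items()):
        print(f"{location}: {'verified' if ok else 'FAILED integrity check'}")
    print("restore from:", choose_restore_source(COPIES, RECORDED_TAG))
```

If no copy verifies, `choose_restore_source` returns `None`, which is the signal to fall back to an older version rather than restore altered data.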
Secure Disaster Recovery
Business continuity and disaster recovery are extremely important no matter what industry you’re in. But you need to be certain that when you’re devising plans for both, you’re doing so with an eye for cybersecurity. Otherwise, you’ll be woefully unprepared when your business is disrupted by a cyber attack.
And that’s exactly what attackers are counting on.