As COVID-19 continues to spread, millions of people around the world are forced to work remotely. Yet, simultaneously there is increasing evidence to show that malicious threat actors are using concerns of the virus to prey on those same individuals. Given this, it is more important than ever that organisations implement the necessary technology to backup their data in the event of downtime or should an employee fall victim to a ransomware attack.
While ensuring remote workers are fully backed up is more critical today than prior to the prevalence of the virus, the good news is that the process to back up enterprise data isn’t much different than it was during normal business operations. It all comes down to risk mitigation.
In today’s climate, work machines are being used as personal machines and personal machines as work machines, further blurring the lines of security and increasing the chance of a worker falling victim to a phishing scam. As millions of people work from home, these assets are much more likely to fall victim to a power surge and other disasters not normally present in an office. If sensitive data isn’t backed up, it can be lost for good. Typically, home offices don’t have onsite IT staff, which means if an individual suffers from a phishing scam, ransomware attack, or loses power, and consequently loses data, while remote, the total recovery time increases significantly.
Keeping all this in mind, here are the top points businesses should consider in order to protect employees while ensuring the security and future of their organisation.
Consider key backup technologies
At the corporate IT level, all backup strategies should remain in place. This means that network adjacent backups should be up and running, requiring organisations to take a proactive approach to periodically check all devices to ensure that they are working properly. Additionally, now that almost all teams are working remotely, there are three specific types of backups employers should consider.
File level and endpoint backups: The first type of backup, and most secure, involves organisations ranking their critical functions, this includes full backups for remote workers. Enterprise-level File Sync and Share technologies support the backup of local files in a designated folder. These types of backups may also include remote disk level protection enabling quick restoration to a new machine if needed. This makes these backup technologies the most frequently used and the most secure choice.
SaaS provided backups: Second, there are many SaaS offerings that include backups of data in the form of versioning, including Google Apps and Office 365. These tools rely on the user to stay within the provided IT environment and are undermined heavily by shadow IT.
Local backups: Local backups are the third option to consider, and traditionally the least secure. This is because they are only as strong as the home network, which is inherently vulnerable to attacks and disaster. The same event that may require a backup will likely impact any local protection.
Securing endpoints is no longer just installing antivirus, rather it encompasses managing the hygiene of all endpoints, including configuration and patching. Ensure you have a remote monitoring and management tool (RMM), which enables organisations to monitor the status of new assets entering an environment remotely and issue patches where necessary. By implementing an RMM technology solution, organisations can rest assured that in the event an employee does fall victim to a cyberattack while working remotely, the organisation has the proper tools in place to review and manage the situation and prevent the attack from escalating.
Finally, while local backups are a convenient option, they should be avoided because they are not as secure as file level or even SaaS provided backups. When dealing with backup providers, it’s also critical to confirm whether the backup provider has geographical redundancy. Geographical redundancy empowers businesses to anticipate which remote workers could be impacted, which may lead to longer response times to data centre outages. Geographically separating your critical backups will help ensure that should an outage occur within the infrastructure of your backup provider, it will not result in an outage for your clients.
Identify who collects and organises backups across a distributed user environment
Managed services providers (MSPs) are responsible for ensuring their customers have the necessary tools and resources to remain up and running. Many business requirements are changing as staff move to remote work and businesses augment to operate during these times. MSPs should connect with their customers to better understand their needs in this new remote environment to ensure their backups are happening regularly and securely.
Avoid assuming that backups are immune from a cyberattack. Specifically, while COVID-19 cases continue to grow in the United States and more individuals remain in quarantine, state sponsored attackers in other regions around the world are becoming more prevalent. Delaying an organisation’s backup security audit is a mistake that could lead to a successful ransomware attack and ultimately jeopardise the fate of the company.
Look ahead to brighter days
As we look towards the future when we can return to normal routines, it’s important to manage expectations around full immediate ramp-up. For example, businesses should proceed with caution before rapidly shipping out assets to support remote work. It is critical to keep track of the inventory being sent out, and the machines that have access to your critical data. Make sure your IT and security teams are equipped to monitor any potentially privileged machines sent out to provide the proper care required and reduce the risk of a successful cyberattack. Finally, once normal work routines resume, place extra care to collect any privileged machines which are no longer needed.
Keep in mind, there is a light at the end of the tunnel and we are all in this together. Taking the extra time to develop a proactive plan with the proper technology, that keeps the business, MSP, and employees in mind, will put the organisation as a whole in a better place for when we can all return to life as normal.
Chris Henderson, Director, Information Security, Datto