Backups can give you a false sense of security.
- If your backups are stored locally (for example in your main office) and if the storage device (maybe a USB drive or tape) is connected to your network then you are at risk of having your backups infected too. This happened to one of the clients. They had to go back 3 months for a good backup!
- If your backups are stored locally or remotely (at home or safe deposit box) and those backup devices are Stand Alone (Not connected to your network) then the Ransomware thugs can’t get to it. Your concern now should be
– How current are my backups? and…
– How complete are my backups?
What I am about to tell you has happened to me personally and has permanently changed the way I do backups.
It is likely that delegate the backup responsibility to someone else. And, like most of us, you assume that the backups are being saved on an agreed upon schedule and using an agreed upon rotation method.
One client, several years ago, sent me a tape backup containing data they wanted me to convert. They had been backing up faithfully every evening at 6 pm.
The routine was to insert a new tape before they closed the office and the backup would kick in at 6 pm. In the morning they would pull the tape, label it, store it safely then wait for end of day to repeat the steps. They had one tape for each day of the week and rotated them.
The problem was the backup software failed every evening at 7 pm and no one was there to see that message. So every tape was empty!
A more frequent problem is that the backups are not run as regularly or as completely as they should be. Bottom line — in a disaster recovery situation like this you are only as safe as your last good, full back up.
The only way to prove you have a good backup is to try to restore the data. When was the last time anyone did that for you?