There is a real, yet invisible, threat today in our globally connected world. When you leave your office, you lock the door and set the alarm… but we often leave a virtual back door open. Your data and digital property is always at risk from cybercriminals, who are finding new and cunning ways to sneak into your systems from anywhere around the world.
Just as you have insurance to protect your property against fires or floods, you must also back up your servers and data to the cloud to protect your digital property, particularly from cyber attacks.
Backups are a great way to mitigate the damage caused by ransomware. Once hit, ransomware will disable all operations, with every single file on your system now locked by the cybercriminals until you pay them the ransom. With a single ransom payment averaging at a staggering $1.2m in 2022, your backup system needs to be taken extremely seriously.
A case that springs to mind when discussing Ransomware, is that of a medium sized commercial construction business who contacted me after being hit by the virus. Once hit, they had two options. Firstly, to pay the ransom or secondly to use the backup prior to the attack to overwrite the locked files and continue working.
The ransom being asked was around $40,000, so this company rightly so turned to their backups. Unfortunately, in an effort to save money, they had opted out of getting professionally monitored backups and had instead taken it upon themselves to do the backups manually.
As the problem spiralled, it was discovered that the backups had not been checked properly and unbeknownst to them had not been working for three months! Imagine working from files that were three months old. You might as well not have backups in the first place.
To make matters worse their current IT provider was winding up their business so there was no help incoming. The only options we could put forward, were to scrape the data together using the old backups, talk to their insurance about engaging the cybercriminals to pay the ransom, or see if their data could be unencrypted by a digital forensic team.
They were losing tens of thousands of dollars each day, and this could have been avoided if a professional was ensuring the backups were working. Paying for that service would have been at a fraction of the cost compared to a disaster recovery scenario.
Running a successful construction company today you need to be forward-thinking and planning for these disasters before they happen. You may think you know what is required, however this is often not the case, as illustrated when I first met Rob. Rob was the owner of a successful, young construction company, and he was proud of his technology stack. He felt confident with his technical knowledge and believed his data was already safe and well protected.
It was true that Rob’s IT literacy was extensive and the technology he had implemented for his construction business was miles ahead of a paper-based office. However, while he was protected from power surges and crashes, his data was left vulnerable to threats leaking into the server from the internet.
To minimise this threat, we implemented a cloud-based backup system, meaning his new ‘worst-case scenario’ would be losing one day of productivity. That may sound disruptive however without this backup he ran the risk of losing a months’ worth of data… or worse yet, the lot!
So we can agree that you need current backups that are working and are monitored by a professional. But do you need a cloud-based backup? In the days before backups were automated through the internet, a small developer client of mine had set up a backup rotation. The managing director was tasked with unplugging the backup drive from the server with the latest data and would take it offsite with him at the end of the day (when he remembered of course). Our client felt that should there be a disaster at the office, such as a fire or break in, all their company data would be safe and sound with him offsite. Or so he thought.
He phoned me frantically one morning, explaining his car had been broken into and the backup drive had been stolen! Unfortunately, he assumed the backup drive would be safe in his car whilst he popped into the shops.
The drive contained their IP and confidential company data. This is not something you want in the hands of a stranger. To date we don’t know where that data went, or who gained access to it. Needless to say, as soon as cloud technology was available to automate and send the backups offsite to the cloud, he signed up. After that he was comfortable knowing that the backups could not get lost and were safe offsite in the cloud.
There are many different types of backups available on the market today, and often construction businesses place their trust in their IT support provider to choose the right one for them.
So how can you be sure your data really is safe? Here’s a handy checklist of the essentials when considering a backup system for your business:
- It must have an offsite backup
- It must be running backups at least once a day, preferably every hour
- It must be automated (no input from you or your staff)
- It must be able to get you back up and running in a day or less
Without these essential aspects met, your data will not be safe.
Put simply, you need an offsite or cloud-based backup, regularly checked and monitored by an IT professional.