Welcome back to our friendly Wattle Business Services building. If we take a peek into the office, you will see Business Owner Brad sitting with his head in his hands while IT Guy Isaac and Financial Controller Frank argue in the corner. Wondering what happened?
While the staff were off having a relaxed weekend, Wattle was the victim of a ransomware attack. They arrived back at the office on Monday morning to find that all their data had been encrypted. At first, they thought that it would be ok because IT Guy Isaac had backed up the digital files. But they were in for some bad news.
Because the backup files were saved on the same system, the backup had also been encrypted. So all they had left was the paper-based information and a few dusty old discs shoved in the back of a cupboard with some outdated information from 2009.
IT Guy Isaac has spent the last two days making calls to find someone who can help them. He has just gotten off the phone to a specialist who thinks he can decrypt the backup – but it will cost a small fortune. Plus, once the backup has been decrypted, the whole system is going to need to be rebuilt from the ground up.
Finance Guy Frank is beside himself because of the cost to get it fixed AND the loss of business in the meantime, but they have no choice – they need their business data and computer systems back online and fast. Otherwise, they might end up being one of the 70% of small businesses that go out of business within a year of a severe data loss.
What could go wrong?
This horror story is based on a real-life scenario. And ransomware isn’t the only risk that businesses face when it comes to data loss – you also need to guard against the following situations:
We have all been guilty of forgetting to save a file and losing our last hour (or day) of work. Thankfully, most modern-day software programs include an autosave function, but that doesn’t prevent employees from accidentally deleting essential business information or overwriting important files, often without realising it.
While these can sometimes be recovered from the computer’s recycled bin or a previously saved version of a document, having regular business backups in place ensures that your essential business information is safe and secure from human error.
The other risk that businesses face is malicious deletion. This data loss can occur when a staff member deliberately removes files from the system in a malicious attack on the organisation. For example, this scenario can occur when an employee has been fired, made redundant, is leaving on bad terms or is generally unhappy in their role.
Microsoft 365 retention policy
Do you assume that any information sitting in your email system will always be there for you to refer to if you need it? Many people think of their emails and Office 365 files as a crucial archive of information, customer history, and business data. What you may not have realised is that Microsoft 365 only retains data for the following amount of time:
If you want to keep this data ready and available, you need a plan to back it up.
When all your data sits within a physical server in the pokey back room of your office, a single natural disaster such as an earthquake, fire, flood or mouse infestation could be enough to wipe out your data in one fell swoop.
How to avoid data loss
The above risks are why here at Colton Computers, we always recommend having a multi-layered, multi-location backup system in place. This structure might include an online backup and a tape-based backup system, backups sitting on servers in multiple locations, or using a colocation service.
The right solution for your business will depend on the frequency of backup required and your recovery time objectives (RTOs). In simple terms, your RTO means the time that it would take to get all of your systems and files back up online if a disaster strikes.
Lots of businesses often ask us how often they should back up their data. There is no one size fits all answer. You need to ask yourself how regularly the data changes and how important it is to your business. For some organisations, this may mean that a daily backup works effectively. Others may need an hourly backup.
Best practice around business backups
To help organisations implement best practice in data recovery, the Australian Cyber Security Centre has published “The Essential 8.” As part of this list of mitigation strategies, they have the following recommendations around data backups:
Backups of important information, software and configuration settings are performed at least daily
Backups are stored offline, or online but in a non-rewritable and non-erasable manner
Backups are stored for three months or greater
Full restoration of backups is tested at least once when initially implemented and each time fundamental information technology infrastructure changes occur
Partial restoration of backups is tested on a quarterly or more frequent basis
If you need some help or advice on ensuring that your business data is backed up properly and you don’t end up in a situation like Wattle Business, we are happy to help.
You might also like to build your Data Breach Response plan (if you don’t have one already) using our handy form here: