A Multi Layered Approach to Security with a Difference
So we’ve all heard of a multi layered approach to Security, well I recently decided that we should consider adding an additional layer.
With the ongoing rise of ransomware threats (and now ransomware that seeks out and encrypts backup files as well as shadow copies), the weakest link is generally the end user. This means we are becoming more reliant on our backup strategy being the last layer of security/data protection/recovery.
But what if you are backing up every day and getting successful email notifications to this effect and then the time we all dread comes – you need to restore!
Ok, so in this scenario, we discover to our doom that the backup wasn’t as reliable as we’d been left to believe that recovery isn’t possible – now we’re in the brown stuff and the buck stops here. Obviously, regular test restores are good practice assuming you have the time and resources! But still, it might not be until you really need to call upon the restore process that you might discover problems.
So this is what I’ve done, most of our Servers are VM guests that are being backed up and a copy transferred offsite with DR VMs being Created in a data centre – this is agent based from within the guest VMs and should provide a robust backup strategy for both onsite file restores and offsite DR recovery.
This was not enough for me. I wanted to add something else for redundancy (redundancy is a good thing in cyber security, especially for failing over and backups). Next using another Software vendor (A free one) I chose a host based backup strategy that could provide a quick backup/restore (on site) directly back into the host with a low retention configuration that means I could keep 7 days of backups to use least disk space yet perform a quicker restore if called upon.
To summarize – why not layer your backup strategy? Don’t rely on solely one software/vendor when you can provide yourself greater peace of mind.