Step-by-Step Checklist for Disaster-Proofing Backups
"Don't think your company's too small to be cyberattacked, because you're not," says disaster recovery expert Joey D'Antoni. "It just means they haven't decided to try you yet."
So, in a one-hour presentation today to an online audience of hundreds of IT pros, D'Antoni, principal cloud architect at DesignMind, shared his checklist for disaster-proofing backups.
Noting that cyberattacks directed at organizations of all sizes are on the rise, including ransomware and data breaches, D'Antoni said, "You need to have a plan in place to protect your data." The advent of strict cyberinsurance policies is also pushing organizations to put such a plan in place.
"One of the best things, I think, that has happened around cyberattacks is a lot of companies have purchased cyberinsurance, which has required organizations to do more security controls than they had in the past. So if you're in a place and maybe you used to not do DR testing, and all of a sudden, in the last three or four years, you've decided to do DR testing, it's probably because your cyberinsurance company made that a requirement."
He advised that backups are especially crucial in such plans, as they are typically the first target of threat actors.
"It's one of their first targets, because they know that if they can corrupt your backups or encrypt your backups, you're completely hosed."
With everyone wanting to avoid being hosed, D'Antoni shared his step-by-step checklist for disaster-proofing backups:
[Figure: Step-by-Step Checklist for Disaster-Proofing Backups (source: Joey D'Antoni).]
Here are some of the things he had to say about each step.
Follow the 3-2-1 Backup Rule
"Your backups follow the 3-2-1 backup rule as a starter; it's not the most complete thing, it's a baseline. You probably want to do more than that."
The 3-2-1 backup rule is a widely recommended strategy for effective data protection. It helps ensure that you have multiple copies of your data to safeguard against different types of failures. Here's a summary of typical implementations of the rule:
- Three Copies of Data: Keep the original data and make two backup copies.
- Two Different Storage Mediums: Store the copies on at least two different types of storage mediums (e.g., internal hard drive, external hard drive, cloud storage) to reduce the risk of a single point of failure.
- One Offsite Copy: Store one backup copy offsite (e.g., in the cloud or at a different physical location) to protect against physical disasters like fires or floods.
D'Antoni discussed the 3-2-1 rule in detail: "You probably need to be doing a lot more than that to protect against modern attacks. One of the other kind of interesting things is storage, over time, has gotten a lot cheaper, especially the kind of capacity storage that we use for backups. You don't inherently have to have super-fast SSDs, especially for more archival backup solutions. And these things can get pretty cost effective. So the original notion of 3-2-1 is still pretty good. It was maintain the original data into two different backups. We started with three copies, two different storage mediums. So use diverse media types. This could be cloud storage and internal hard drive to mitigate the risk of failure associated with a single medium."
Use Redundant, Secure Storage Solutions
"You want to use redundant, secure storage solutions. If you're backing up to the same storage appliance that your primary data lives on, you're one SAN failure away from losing all of your data."
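The 3-2-1 baseline above and the "one SAN failure away" warning are easy to check mechanically once you have an inventory of where every copy of a dataset lives. The following is an added example, not code from the presentation or from DesignMind; the inventory format (one record per copy with `dataset`, `role`, `medium` and `site` fields) and the sample records are constructed for illustration. It audits each dataset for the three 3-2-1 requirements and separately flags backups that sit on the same medium and site as the primary, which pass the letter of the rule but share its failure domain.

```python
"""Audit a backup inventory against the 3-2-1 rule and the shared-appliance risk.

Added example; the record layout below is an assumption, not a real tool's format.
"""
from collections import defaultdict

# Constructed sample inventory: one record per copy of each dataset.
SAMPLE_INVENTORY = [
    # finance-db: primary on the HQ SAN, a second copy on that same SAN,
    # and a third copy in cloud object storage at another site.
    {"dataset": "finance-db", "role": "primary", "medium": "san", "site": "hq"},
    {"dataset": "finance-db", "role": "backup", "medium": "san", "site": "hq"},
    {"dataset": "finance-db", "role": "backup", "medium": "object-storage", "site": "cloud-east"},
    # fileshare: primary plus a single snapshot on the same appliance.
    {"dataset": "fileshare", "role": "primary", "medium": "san", "site": "hq"},
    {"dataset": "fileshare", "role": "backup", "medium": "san", "site": "hq"},
]


def audit_dataset(copies):
    """Return 3-2-1 compliance plus a list of human-readable findings for one dataset."""
    primary = next(c for c in copies if c["role"] == "primary")
    backups = [c for c in copies if c["role"] == "backup"]
    media = {c["medium"] for c in copies}
    offsite = [b for b in backups if b["site"] != primary["site"]]
    # Backups on the primary's medium at the primary's site share its failure domain.
    shared_appliance = [
        b for b in backups
        if b["medium"] == primary["medium"] and b["site"] == primary["site"]
    ]

    findings = []
    if len(copies) < 3:
        findings.append(f"only {len(copies)} copies (need 3)")
    if len(media) < 2:
        findings.append("all copies on one medium type")
    if not offsite:
        findings.append("no offsite copy")
    if shared_appliance:
        findings.append(f"{len(shared_appliance)} backup(s) share the primary's medium and site")

    compliant = len(copies) >= 3 and len(media) >= 2 and bool(offsite)
    return {"compliant_321": compliant, "findings": findings}


def audit_inventory(inventory):
    """Group records by dataset and audit each one."""
    by_dataset = defaultdict(list)
    for record in inventory:
        by_dataset[record["dataset"]].append(record)
    return {name: audit_dataset(copies) for name, copies in by_dataset.items()}


if __name__ == "__main__":
    for name, result in audit_inventory(SAMPLE_INVENTORY).items():
        status = "OK" if result["compliant_321"] else "NON-COMPLIANT"
        print(f"{name}: {status}")
        for finding in result["findings"]:
            print(f"  - {finding}")
```

On the sample data, `finance-db` satisfies 3-2-1 but still earns a finding because one of its two backups lives on the same SAN as the primary, while `fileshare` fails every check. The shared-appliance check is deliberately reported even when the rule passes, since that is exactly the configuration the quote above warns against.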
Automate Backups and Schedule Frequent Snapshots
"You want to understand how this works. You want to have good monitoring of that data so that you understand what the problems are and where the problems lie."
Conduct Regular Backup Integrity Checks
"And there are various ways you can do this. The best way to do it is just do a test restore. And in a cloud world, this is very easily scriptable. You can spin up resources, do a restore, verify the files, and kill the resources and email yourself to report. You don't even have to be involved."
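The scripted test restore described above (spin up scratch resources, restore, verify the files, tear down, report) can be expressed as a short script. What follows is an added example, not code from the presentation; it stands in for the cloud-side resource provisioning with a local scratch directory, and the manifest format (SHA-256 digest per relative path, written at backup time) and the sample files are constructed for illustration. Sending the report by email is left to whatever scheduler runs the check and is not shown.

```python
"""Scripted backup integrity check: restore into a throwaway directory, verify every
file against a digest manifest, always tear down, and return a report.

Added example; the manifest layout and the demo data are assumptions made here.
"""
import hashlib
import os
import shutil
import tarfile
import tempfile
from pathlib import Path


def sha256_file(path):
    """Stream a file through SHA-256 so large backups need not fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 16), b""):
            digest.update(chunk)
    return digest.hexdigest()


def make_backup(source_dir, archive_path):
    """Archive source_dir and return a manifest {relative path: sha256}.

    In practice the manifest is produced at backup time and kept with the backup
    (ideally on immutable storage) so a later restore can be checked against it."""
    manifest = {}
    with tarfile.open(archive_path, "w:gz") as tar:
        for path in sorted(Path(source_dir).rglob("*")):
            if path.is_file():
                rel = path.relative_to(source_dir).as_posix()
                manifest[rel] = sha256_file(path)
                tar.add(str(path), arcname=rel)
    return manifest


def verify_restore(archive_path, manifest):
    """Restore into scratch space, compare every file with the manifest, clean up.

    'ok' is True only if every manifest entry was restored with the expected digest
    and nothing unexpected appeared in the archive."""
    scratch = tempfile.mkdtemp(prefix="restore-test-")
    report = {"restored": 0, "missing": [], "corrupt": [], "unexpected": []}
    try:
        scratch_real = os.path.realpath(scratch)
        with tarfile.open(archive_path, "r:gz") as tar:
            for member in tar.getmembers():
                # Refuse non-file entries and any path that would escape the scratch dir.
                target = os.path.realpath(os.path.join(scratch, member.name))
                inside = os.path.commonpath([scratch_real, target]) == scratch_real
                if not member.isfile() or not inside:
                    report["unexpected"].append(member.name)
                    continue
                tar.extract(member, scratch)
        restored = {
            p.relative_to(scratch).as_posix(): sha256_file(p)
            for p in Path(scratch).rglob("*") if p.is_file()
        }
        for rel, expected in manifest.items():
            if rel not in restored:
                report["missing"].append(rel)
            elif restored[rel] != expected:
                report["corrupt"].append(rel)
            else:
                report["restored"] += 1
        report["unexpected"].extend(sorted(set(restored) - set(manifest)))
    finally:
        shutil.rmtree(scratch, ignore_errors=True)  # always kill the scratch resources
    report["ok"] = not (report["missing"] or report["corrupt"] or report["unexpected"])
    return report


def run_demo():
    """Constructed end-to-end run: a good backup verifies, a tampered one is caught."""
    work = tempfile.mkdtemp(prefix="backup-demo-")
    try:
        source = Path(work, "data")
        (source / "db").mkdir(parents=True)
        (source / "db" / "finance.sql").write_text("CREATE TABLE ledger (id INT);\n")
        (source / "notes.txt").write_text("constructed sample data\n")
        archive = Path(work, "nightly.tar.gz")
        manifest = make_backup(source, archive)
        clean = verify_restore(archive, manifest)
        # Simulate silent corruption of the backup media: re-archive altered data
        # while keeping the manifest recorded at the original backup time.
        (source / "notes.txt").write_text("bit rot or tampering\n")
        make_backup(source, archive)
        tampered = verify_restore(archive, manifest)
        return clean, tampered
    finally:
        shutil.rmtree(work, ignore_errors=True)


if __name__ == "__main__":
    clean, tampered = run_demo()
    print("clean backup:", clean)
    print("tampered backup:", tampered)
```

Two design points matter here. The `finally` block guarantees the scratch resources are removed even when verification fails, which is what keeps an automated nightly check from leaking restored copies of sensitive data. And the extraction loop checks each archive entry against the scratch directory before extracting it, so a backup that has itself been tampered with cannot write outside the test area.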
Implement Immutable & Air-Gapped Backups
"You shouldn't be able to overwrite your network, your backups, and additionally, if you can touch all of your backups from your workstation without having to go through multiple layers of security, an attacker who infects your workstation can do the same thing."
Create & Regularly Update Disaster Recovery Plan
"Your disaster recovery plan should deal with weather disasters. It should deal with ransomware attacks, it should deal with user error. You know just where you're going to get your backups from for each of those scenarios, what your restore timeline looks like, and what's the priority of systems to be restored in the event that everything goes down. That priority, and funding, is why your disaster recovery plan needs not just to be signed off by your boss or your CIO, but that needs to go up to the CEO or the CFO of the company to understand what the plan is."
D'Antoni's full presentation, in which he fleshed out more details about all of the above, is available for on-demand viewing here.
Of course, one of the benefits of attending such presentations live (in addition to $5 Starbucks gift cards, for today's example!) is the ability to ask questions of the presenter and actually get some one-on-one advice from a subject matter expert. With that in mind, here are some similar events coming up from Virtualization & Cloud Review.
About the Author
David Ramel is an editor and writer at Converge 360.