When protecting your sensitive company data, having a backup plan in place is essential.
Over the years, technology has provided several different types of backup techniques, each with its own set of advantages and disadvantages.
The question many of our clients ask is, in today's connected world that’s seeing an unprecedented rise in cybercrime, which backup technique are we recommending?
Contrary to the shift to cloud-based backups over the last decade, we recommend using a disconnected backup (specifically air-gapped) as it’s considered to be the most secure option.
That’s not to say those cloud-based backups are bad, and they’re not; it’s just that they cannot be relied upon in the event of needing to perform a recovery following a cyber attack.
Because the cybercriminals know that to effect a successful ransomware attack, they need to encrypt your backups too. And if they can breach your network and access your backups via the web, well, they’ve rendered you helpless.
So how is an air-gapped backup different?
An air-gapped backup refers to a backup system that is physically isolated and not connected to any network, including the internet.
This isolation means that the backup cannot be accessed remotely and is therefore considered to be more secure against cyber attacks and data breaches.
One example of an air-gapped backup (which sounds old school but works) is the use of a physical backup device, such as a USB drive or an external hard drive, that is disconnected from the network after the backup process is complete.
This device can then be stored in a secure location, such as a safe or a vault, to protect it from physical theft or damage. But that requires human intervention and some rock-solid policies to make it failsafe.
Another example, which comes at a premium, is creating a special network called an "air-gap" network, which is completely isolated from other networks.
This network is used for critical data and systems and is not connected to the internet or any other external networks. Backups of this data are stored in this network only.
Overall, air-gapped backups are considered more secure than networked backups because they are isolated and cannot be accessed remotely, making it much more difficult for attackers to steal or destroy the data.
While we acknowledge that disconnected/air-gapped backups may be more challenging to set up and maintain than connected backups, we believe that the added security they provide is well worth the effort.
For more cybersecurity tips and techniques for small to medium businesses, why not tune into the Cyber Heroes Podcast where we talk about how to protect your people and reputation, strengthen your cyber posture, create a culture of cyber savviness, and learn from the many cybercrime lessons around the world every day?