7 steps to ensure your Azure backup works when you need it

Worried about ransomware attacks? The best thing you can do now is make sure your backup system is ready.

Recently, a disturbing ransomware attack impacted 22 Texas local governments and left them unable to process tax payments or perform normal business processes. It’s another reminder that both public and private organizations need to review their ability to recover from such attacks. That starts with having a proper backup strategy.

Attackers often investigate how the network is set up and what processes the firm uses for backup solutions. I’ve seen attackers target the backup locations first, ensuring that they silently and quickly delete backups on local NAS devices and write over the devices with 1s and 0s to ensure that the backup is totally deleted and cannot be recovered without great expense.

They often target online backups first. Rather than encrypt the backups, attackers will try to delete where the backups are located and write over the top of the location so they cannot be recovered. Then they target virtualization guests, virtualization hosts, workstation data and finally the domain controllers. Attackers use different encryption keys for every server and workstation and charge for every recovery key, taking a page out of software licensing fee models.

Backup and ransomware recovery best practices for Azure

The key is to not make it easy for the attackers, and too often we do. The Department of Homeland Security (DHS) has put out recommendations on actions to take. The top action is back up your systems. Even that can be tricky in today’s business economy. Fragmentation of responsibilities can lead to situations where one team thinks the other team is taking care of a key task and it ends up falling through the cracks. Too often I’ve seen backups set up but not monitored. There is nothing worse than thinking a backup is taking place when it’s really not.

To continue reading this article register now

Get the best of CSO ... delivered. Sign up for our FREE email newsletters!