Practice Five: Back Up Your Data, Save Your Organization
If your organization is harmed by ransomware or another type of cyberattack, you may need to recover the systems and files that are the lifeblood of your operations to get back to normal.
Backing up your system and important files on a regular basis is a cyber readiness practice most individuals and organizations should be familiar with. Yet, as of 2020, while nearly 90% of companies were performing backups sporadically, only 41% were doing it daily.1 One key to successfully implementing preventive measures is consistent and reliable backups, ideally performed automatically.
Identifying key types of data and their importance for your organizational continuity helps determine both how and how frequently the data should be backed up. There may be data that is critical to practically every organization that might need to be backed up daily to a cloud backup site. For other data that doesn’t change often, weekly or monthly backups to external drives (that are disconnected when finished) might be most effective.
Backups should be frequent, regular and systematic. A best practice is the 3-2-1 backup strategy:
3. Create one primary backup and two copies of the organization’s data.
2. Save backups to two different types of media.
1. Keep at least one backup file off-site and offline. (Off-site helps if the primary site is physically damaged; offline prevents attackers from finding it.)
Individuals and organizations of any size can seek help from the Cybersecurity & Infrastructure Security Agency (CISA), which offers cybersecurity assessments and guidance and evaluations of operational resilience, including backup capabilities and other resources.
“Always back up your data,” said Tim Francis, Travelers’ Enterprise Cyber Lead. “If you experience a cyber event, you’ll need to have a way to access that data. If your systems are brought down, you’ll need to understand what it takes to bring them back up online. What does that whole process look like? Knowing the answer is critical.”
A key step before scheduling backups is to identify the information critical to your operations that is stored on your network. Conduct a regular inventory of the data and files on all devices (e.g., mobile devices, desktop or laptop computers and tablets) connected to your network. Know where that information resides and who has access. Critical data may include documents, emails, videos, addresses, photos and other images, operating system and registry files, and other types of necessary or desired files.
Remember, data storage and data backup are not the same thing. Data storage involves maintaining your data and files in a secure, easily accessible location. Data backup means saving copies of your files and data in a separate physical or virtual location from data storage.
Methods of Backing Up Data
There are many options for backing up data. CISA suggests employing a backup solution that automatically and continuously backs up your business-critical data and system configurations. CISA also recommends using on-site and remote backup methods to protect vulnerable information.2 Common methods for data backup include:
Computer backups. Many devices have built-in backup capability. This method will copy data and files on your laptop or desktop and save them to another location within your device.
- Pros: Convenience
- Cons: An additional form of backup is required. If the device becomes corrupted and inoperable, your data will be inaccessible. If the device is stolen, your data may be compromised.
Removable devices. These include portable media such as USB flash drives, CDs, DVDs and Blu-ray Discs.
- Pros: Easy to use
- Cons: Lack of storage space, which might require use of multiple removable devices. Having to use multiple portable media can make restoration more difficult. What might appear as a benefit, the small size of portable media, is also a disadvantage. The small size of portable media makes them easy to lose or be stolen.
External hard drives. Data and files can be transferred from your laptop or desktop to an external hard drive.
- Pros: Easy to use and large storage space (ranging from 500GB to 2TB)
- Cons: Risk of damage, loss or theft
Cloud backups. Your data is stored in a remote cloud location, providing you access to your files through the internet.
- Pros: Eliminates the possibility of data being lost due to your device being lost, damaged or stolen. The Cloud also provides ample storage. Some services provide unlimited storage. Some services can also encrypt your data, adding an extra layer of security.
- Cons: If you lose access to the internet, your files will not be available.
When a cyber incident has occurred, restoration is your main concern, aside from gathering and preserving evidence of the event. Continuously backing up and securing your data makes restoration possible. It helps ensure your organization’s continuity.
Your ability to recover key data is at risk if you don’t routinely back it up. How well your organization has practiced regular backups will determine how quickly and efficiently you can get back to business.
In Their Words
- Cyber: Prepare, Prevent, Mitigate, Restore: Denver, Colo.
- Cyber: Prepare, Prevent, Mitigate, Restore: NYSE
- Cyber Risk Report: A View from the U.S. Government’s Lead Cyber Agency
- Hacked! What’s Your Plan?
- What’s Required? Understanding the New Cybersecurity Laws Impacting U.S. Critical Infrastructure
This information is for general informational purposes only. None of it constitutes legal or professional advice, nor is it intended to create any attorney-client relationship between you and the author. You should not act or rely on this information without seeking the advice of your own attorney or other professional advisor. Travelers does not warrant that adherence to, or compliance with, any recommendations, best practices, checklists or guidelines will result in a particular outcome. In no event will Travelers or any of its subsidiaries or affiliates be liable in tort or in contract to anyone who has access to or uses this information. Travelers does not warrant that the information in this document constitutes a complete and finite list of each and every item or procedure related to the topics or issues referenced herein. Furthermore, federal, state or local laws, regulations, standards or codes may change from time to time and the reader should always refer to the most current requirements. This material does not amend, or otherwise affect, the provisions or coverages of any insurance policy or bond issued by Travelers. It is not a representation that coverage does or does not exist for any particular claim or loss under any such policy or bond. Coverage depends on the facts and circumstances involved in the claim or loss, all applicable policy or bond provisions, and any applicable law.
Cybersecurity threats affect businesses and organizations of all sizes. Our Cyber: Prepare, Prevent, Mitigate, Restore® initiative promotes dialogue and education to help leaders prepare for and respond to cyber incidents.LEARN MORE