In one year, from April 2016 to August 2017, 14 million small businesses were hacked. Small- to medium-sized businesses have a high risk of cyber attacks for a host of reasons. The combination of the number of attacks and the risk has moved Congress to seek legislation creating a set of resources and guidelines for small businesses to help keep them safe from the myriad attacks that they face. This response highlights the importance of a plan to deal with security breaches. The first step of that plan is creating a proper backup for your business.
Why Are Backups Important?
After a data breach, systems must be reset. This includes completely reinstalling the operating system. Because attacks can include manipulation of software via code, it’s impossible to simply move on after the attack. The second step, after resetting the operating system, is restoring data from the backups. Deleted, corrupted or manipulated data are restored to their condition prior to the breach. This helps minimize downtime.
Protect Your Assets
Every business should have a disaster recovery plan. Failure to have a plan will lead to chaos and downtime. This is why 60% of SMBs who experience a breach shutter within a year. A plan that includes regular backup and the protocol for actions taken post attack will help get you back on your feet as quickly as possible and mitigate financial loss.
If client information is on the attacked system, it is vital to have a clean backup. Clients will leave a company that experiences a breach but clear communication and quick recovery helps keep trust and may help you recover.
You Won’t See The Attack Coming
There’s not time to prepare for an attack. Cyber criminals are savvy and will get into your system and figure it out before launching the attack. In the event of one of the most common types of attack, ransomware, an entire network is encrypted. A backup means simply rebooting and restoring without having to deal with the risk of paying the ransom.
There’s another risk people don’t see coming. Natural disasters can be just as dangerous to a business as cyber attacks. The Federal Emergency Management Association reported that 40% of businesses never reopen after a natural disaster. In addition, 25% more fail within a year of the disaster.
Getting The Right Strategy In Place
If you don’t have a backup plan in place, it’s time to start developing one. There are a few things that should be in this plan.- Use the 3-2-1 strategy. Have three backups in two locations and backup your system at least once a day.
- Take advantage of the cloud. An off-site backup makes it easier in the event of a natural disaster. Use a cloud server located in a different area to avoid physical damage both on-site and off.
- Always encrypt backups. Unencrypted backups are at just as much risk as your network. Make sure everything is encrypted, especially when in transit.
One Last Tip
A popular approach to attacks is getting into the system and quietly poking around, often embedding bad code, like Trojan Horses, into files and programs. If backed up, and then restored, the problem still exists. Scan your backups regularly to see if they have been modified.
Work With CRA
Computer Resources of America provides managed IT services including secure, offsite cloud storage. Contact us to learn how we can help you protect your information, your clients and the future of your business.