8. The Backup Check
There are a lot of backup solutions on the market today. Some work better than others, but regardless of how good a solution is, you MUST AUDIT IT and ensure that it is working as you think it is. We see every day clients that come to us after getting ransomware and then finding out their backup wasn't working properly because they never tested it. By that time, it's too late, there is little that can be done.
EXAMPLE: This ransomware data breach on a small attorney's office that had backup, but didn't check it and had to pay the ransom to get their data back.
The Spot Check:
STEP 1: Create 2 different files. Save file 1 to your desktop. Save file 2 to your shared network drive (if you have one).
STEP 2: After 1 week, delete each file from each location.
STEP 3: Ask your IT person to recover each file. If it's just you, attempt to recover each file in your backup yourself.
PASS: Both files were properly backed up and are restored within 24 hours.
FAIL: One or both files were NOT properly backed up and can't be restored.
If you fail:
Your backup is not working properly and a hard drive corruption or ransomware may result in lost data.
- Have a conversation with your IT person about the last time the backup was audited. Perhaps spot check other locations that are supposed to be being backed up.
- Troubleshoot your backup and fix the current issue. Verify it is working properly. Contact us if you need help as backup is included with our service.
- Set up an audit policy/process to ensure your backup is regularly being checked.
- Contact Ariento or another vendor you trust to get a vulnerability assessment to see where else you may be at risk and to provide you concrete recommendations for improving your security posture.
If you pass:
Still have a conversation with your IT person about the last time the backup was audited. Verify that an audit policy/process ensuring your backup is regularly being checked is in place. You may find that you need someone managing this as part of their normal day job. This could be an employee or outside professional.