Regular backups...

Most of what we cover in this post, deep down, you know you need to do.

But it's boring, it does have costs involved and you're busy. We get it.

That's why wherever possible, this type of thing should be fully automated so you rarely have to even think about it.

Here's a reminder why they're so crucial:

  1. Disaster Recovery: Whether it's a cyber attack, hardware failure, or natural disaster, backups ensure you can get back up and running quickly.
  2. Protection Against Ransomware: If your data is held hostage, having a recent backup means you're not at the mercy of cybercriminals.
  3. Compliance: Many industries require businesses to maintain backups as part of regulatory compliance.
  4. Human Error Safety Net: We've all accidentally deleted an important file. Backups can save the day in these situations.

Implementation Plan: 

  1. Choose Your Tool: Select a backup solution that fits your business size, budget, and IT infrastructure. Consider the types of data and systems you need to back up.
  2. Roll It Out: Implement the chosen tool across your entire business. This might take a bit of time, but it's worth it. Make sure every critical system and data source is covered.
  3. Future-Proof It: Set up your backup tool to automatically include any new systems or data sources added to your network. This way, you won't have to remember to add them manually every time.
  4. Test and Monitor: Regularly test your backups to ensure they can be restored successfully. Set up alerts to notify you of any backup failures or issues.
  5. Educate Your Team: Include a quick intro to your backup system in your employee onboarding or next team training session. Let everyone know it's there, working quietly in the background to keep the business safe.

Essential 8 Maturity Levels:  
In the Essential 8 framework, you can achieve different levels of security maturity for backups. Here's how that plays out:

To hit Level 1, you need to:

  • Perform backups of important data, software, and configuration settings
  • Store backups securely
  • Test the restoration process annually

But here's the kicker, if you implement the right tools, you can easily reach Level 2:

  • Prevent unprivileged users from modifying backups
  • Restrict privileged user access to backups

And if you're feeling ambitious, Level 3 is even within reach:

  • Prohibit unprivileged users from accessing their own backups
  • Prevent backup admin accounts from modifying backups during retention periods

The jump from Level 1 to 2 or even 3 often doesn't require much more work, especially if you're using a comprehensive backup tool. These solutions can often handle the requirements for higher levels right out of the box.

Remember, regular backups aren't just about ticking a box for compliance. They're about giving you peace of mind, knowing that no matter what happens, your business can bounce back.

Want to Know More?

  1. Patch Applications: Keep your software up-to-date to fix those pesky security holes.
  2. Patch Operating Systems: Same deal, but for your computers' core operating system.
  3. Configure Microsoft Office Macro Settings: Stop nasty code hiding in seemingly innocent documents.
  4. User Application Hardening: Lock down your everyday software to make it harder for the bad guys.
  5. Restrict Administrative Privileges: Not everyone needs the keys to the kingdom.
  6. Multi-factor Authentication: Add an extra layer of security beyond just passwords.
  7. Regular Backups: Because sometimes, you need a plan B (or C, or D).
  8. Application Control: Only run the software you trust.