Ransomware ran amok in 2016.
Given ransomware’s success, it’s no surprise some developers of non-encrypting malware modified their software to begin asking victims for a ransom. The creators of KillDisk did it, and no doubt other criminals will follow suit.
To a certain extent, end-users wised up to (or at least became aware of) the ransomware threat in 2016, though for whatever reason, many chose not to create a data backup strategy. Maybe the task seemed too daunting. Maybe they just didn’t have the time.
But 2016 is gone. The new year is the perfect time to get out of bad habits, and take that crucial step towards protecting your data. Here’s how you can create a robust data backup plan and make sure it works.
Developing a Data Backup Strategy
Once you’ve decided you’re going to take the plunge and back up your data, you’ll need to flesh out the what and how components of your backup strategy.
The what component refers to what devices you want to back up. Do you want to just focus on backing up your laptop, or do you have additional computers and maybe even a few mobile devices whose data you’d like to protect, as well?
Additionally, perhaps you don’t want to back up all of your saved data but instead only files contained in a certain folder or user profile. All of those factors shape the how component of your data backup strategy, that is, how you want to back up your data.
For instance, if you simply want to back up the files located in a folder, you can probably get away with copying that folder to both a USB drive and Dropbox and updating the files contained therein on a regular basis. By contrast, if you want to back up your hard drive, you might need to invest in hardware and software that come with adequate data storage capacity.
But here’s the thing: no matter how much data you want to back up, it doesn’t change the fact that you should maintain multiple copies of your information on different media.
That’s the quintessence of a 3-2-1 backup strategy, where you keep at least three copies of your data on at least two different storage types with at least one copy located offsite.
Multiple copies in theory means at least one copy will work if the others fail. The same goes for the two different storage types; if you can’t use one, hopefully you can use the other. Finally, if you lose or someone steals a local copy of your data, you can always restore your data using the offsite copy.
For a basic 3-2-1 backup strategy of your laptop, I recommend that you purchase both an external hard drive and a subscription to an online backup service.
You should use the former to back up your critical data regularly but at least once a week.
When you back up with the external hard drive, don’t do anything else with your computer. In fact, it might even be a good idea to temporarily disconnect from the internet so as to prevent web-based threats from pinpointing and infecting the external hard drive.
Once the device has finished backing up your data, make sure you store it in a secure location where no one else can find it. A locked drawer makes for a great storage place. If you really want to go all out, lock the external hard drive in a safe that’s fire- and water-resistant.
Of course, backing up with an external hard drive takes a lot of planning. That’s why it’s important you also have a solution that doesn’t take a lot of thought.
An online real-time cloud backup service fulfills that need. All you need to do is install the software on your computer, log into your account, and let the program back up your files to the service’s cloud-based data center automatically.
Now don’t get me wrong. There’s some risk in backing up via the cloud, as a data breach at that company could potentially expose your personal information.
But that doesn’t mean you should run away from the cloud. Just make sure you do your homework and go with a reputable company that takes adequate steps to protect its customers’ information – such as encrypting your backups so the only person who can access the data is you.
Testing Your Data Backups
Congratulations! You’ve set up your backup strategy. But your work doesn’t end there. You don’t want to suffer a ransomware infection only to find out that none of your backups work. To protect against such a scenario, it’s important that you test your data backups regularly.
Here’s what I recommend:
1. On a quarterly basis, create a temporary folder on your computer. Then go to your data backup solution’s software and select a few files that have recently been updated for restoration. Save those files in the temporary folder and look them over.
Do their contents match those of the original copies? If not, try deleting the backup, backing up your computer again, and implementing the same test. Is there any improvement? If not, the backup software might be malfunctioning, in which case you might need to fix your external hard drive or call customer support for your online backup solution.
2. Once you’ve restored a few files and verified their contents, try backing up an entire folder that comes with sub-folders. Successful restoration should preserve that folder’s entire folder directory, including all sub-folders and individual files. Check to make sure that’s the case.
3. On a bi-annual basis, completely restore all your data. Depending on space constraints, you might want to do this on another computer or on a virtual machine. Once the restoration is complete, review your critical files and folders. You should also look at the storage space and make sure it matches with the size of your data saved on your device.
There’s no need to go into 2017 with your data unprotected. By following the tips provided in this article, you’ll make sure a ransomware infection doesn’t get the better of you and your information. Sure, backing up your computer requires a little bit of thought, but it’ll save you a lot of time and effort in the long run if something happens where you lose access to your data.
Have I missed anything in this article? Do you adhere to certain data backup practices about which you’d like others to know? If so, please let me know in the comments!
To learn more about backups, make sure that you listen to this episode of the “Smashing Security” podcast:
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.