This Thursday, March 31 at 9:30 a.m. MT/11:30 a.m. ET, join the National Cybersecurity Center, IBM Security X-Force’s Laurance Dine and Stephanie “Snow” Carruthers, and other security experts for a World Backup Day discussion on best practices, preparedness and more. Catch the conversation on Twitter.

National Backup Day is March 31, which serves as an annual reminder of the importance of backups for cybersecurity. We shouldn’t need reminders, but far too often, we overlook backups as a critical element in our basic security hygiene.

As the threat landscape rapidly evolves, it’s never a bad idea to revisit the role backups can play in minimizing downtime, mitigating risks and improving security posture.

The question may be rhetorical, but still essential to explore: why backup your data?

Backups: Still Part of Good Security Hygiene

With backups, you are protecting your company from ransomware and other malware that can lock you out of your files or even erase them. In the event of a data breach, you can restore your data from your backups, minimizing the damage that the attacker can do. Backups are also crucial for disaster recovery. If your primary storage medium fails, you can restore your data from the backup.

When systems are down, the cost to your business is typically substantial. According to IBM’s Cost of a Data Breach 2021 report, the average breach increased from $3.86 million in 2020 to $4.24 million. Plus, despite some companies embracing a return-to-work policy, a growing number of employees are still working outside the office or within a hybrid workplace. The files and data they share could be anywhere, which shines a glaring spotlight on new backup challenges for IT and security teams.

But when it comes to backups, boring is always better than exciting. If you treat backups like you do your personal hygiene — like brushing your teeth, something you do every day — your business can prevent headaches down the road. It’s not exciting, yet we do it every day without thinking about it.

Join the Twitter Space for World Backup Day

Backup Processes and Best Practices 

By adopting sound backup best practices, companies can stay one step ahead of attackers. Ransomware, one of the most common threat types, is only evolving with more sophisticated tactics and techniques.

Backups are often the unsung hero of ransomware recovery. In far too many ransomware attacks, the victims could have avoided significant costs with a solid backup strategy. Scenarios where too much time elapsed between backups, or backups were stored on the same network as the attack, shouldn’t be the norm.

Here are some best practices for backing up your data:

  1. Make sure backups are current and include all the data you need to restore your system.
  2. Follow the 3/2/1 backup rule: three copies of your data stored on two different media types and one remote copy.
  3. Store your backups in a secure location — preferably off-site.
  4. Make sure to backup data in cloud applications.
  5. Ensure backup data is encrypted and cannot be altered. This step is more critical today as bad actors increasingly target both live and backup data.
  6. Backup frequently. How often data is backed up is dependent on sensitivity and will be different across departments and applications.
  7. Automate whenever possible. Backups should be monitored and tested regularly to ensure integrity.
  8. Create a backup communication plan to ensure key stakeholders are aware of procedures, responsibilities and timelines. Test your recovery plan frequently.

Finally, backups should leverage both disk and cloud. Combining local and cloud storage locations is probably the most effective backup strategy. When backup data is readily available on a local disk, organizations can take advantage of speedy recovery times. With cloud, remote backups minimize risk from malware, disaster or other threats.

The best advice: pretend every day is National Backup Day. After all, the next day is always April 1. If you forget to back up your data, the joke may be on you.

More from Data Protection

Heads Up CEO! Cyber Risk Influences Company Credit Ratings

4 min read - More than ever, cybersecurity strategy is a core part of business strategy. For example, a company’s cyber risk can directly impact its credit rating. Credit rating agencies continuously strive to gain a better understanding of the risks that companies face. Today, those agencies increasingly incorporate cybersecurity into their credit assessments. This allows agencies to evaluate a company’s capacity to repay borrowed funds by factoring in the risk of cyberattacks. Getting Hacked Impacts Credit Scoring As per the Wall Street Journal…

4 min read

IBM Security Guardium Ranked as a Leader in the Data Security Platforms Market

3 min read - KuppingerCole named IBM Security Guardium as an overall leader in their Leadership Compass on Data Security Platforms. IBM was ranked as a leader in all three major categories: Product, Innovation, and Market. With this in mind, let’s examine how KuppingerCole measures today’s solutions and why it’s important for you to have a data security platform that you trust. The Transformation of the Data Security Industry As digital transformation continues to expand, the impact it has had on enterprises is very apparent when…

3 min read

SaaS vs. On-Prem Data Security: Which is Right for You?

2 min read - As businesses increasingly rely on digital data storage and communication, the need for effective data security solutions has become apparent. These solutions can help prevent unauthorized access to sensitive data, detect and respond to security threats and ensure compliance with relevant regulations and standards. However, not all data security solutions are created equal. Are you choosing the right solution for your organization? That answer depends on various factors, such as your industry, size and specific security needs. SaaS vs. On-Premises…

2 min read

Understanding the Backdoor Debate in Cybersecurity

3 min read - The debate over whether backdoor encryption should be implemented to aid law enforcement has been contentious for years. On one side of the fence, the proponents of backdoors argue that they could provide valuable intelligence and help law enforcement investigate criminals or prevent terrorist attacks. On the other side, opponents contend they would weaken overall security and create opportunities for malicious actors to exploit. So which side of the argument is correct? As with most debates, the answer isn't so…

3 min read