In the last blog, we spoke about the first few layers of a nutritious security burrito. From antivirus (AV) to web protection to patch management, you must offer a range of defenses if you want to fight back against the bad guys.
However, there's one part of your security burrito that needs some extra attention. You see, this part is about things like sour cream, salsa, or cheese. Without it, your security burrito would be missing something essential.
We’re talking about backup, of course.
The first few technologies in the backup burrito are designed to help prevent attacks. You keep your patches up-to-date to avoid getting hit by a vulnerability like WannaCry. You choose strong AV to catch problems, like ransomware, before they can cause too much (or any) damage.
But what happens if those first few layers of defense falter?
That's where strong backup and recovery comes into play. When an executive's data gets locked down as part of a ransomware attack, you need to be able to recover it fast. If a hard drive or server completely fails, you want to be able to restore the data and business continuity quickly. Failure to do so could have real financial consequences for the business.
Like cheese, guacamole, salsa, or sour cream in a burrito, choosing the right ingredient can make or break the entire piece. When people think about getting a burrito, few consider how awesome the rice will be—instead, they get excited about the cheese or shell out the extra money for the guac (can't they just give it to us for free?). Choosing the right backup solution can make or break your security posture.
Here's what to consider.
One of the first rules for “testing” the right solution is determining whether it lets you follow the 3-2-1 backup rule. This refers to the idea of having redundancy in your backup solution. At any given moment, you should have 3 copies of your data across 2 types of media, with at least 1 copy kept offsite.
The entire idea of backup rests on the concept of redundancy—in the event something happens to your primary data set, you can restore it from a copy. However, you want your backup itself to have a level of rich, flavor-filled redundancy as well. If, for example, an entire office falls victim to a natural disaster, there's a good chance all the data will be unrecoverable. Also, many ransomware viruses are programmed to delete local backup copies, so you cannot easily restore. Keeping an additional copy of your data offsite lets you restore in this situation.
The best foods are optimized for your health. When looking for cheese for your burrito, you may want to look for the “organic” label, as it can signal you're buying the highest quality ingredient with the least amount of pesticides used. When it comes to backup, look for the “built cloud-first” label. Since you have to keep one copy of your data offsite to satisfy the 3-2-1 rule, the cloud can be a convenient place to keep your data offsite (and in some cases can replace the local copy altogether, potentially saving you money in the long run).
However, not all cloud-based backup solutions are created equal. In fact, many may use lower-quality ingredients like a third-party's public cloud versus their own in-house private cloud. In this case, they've tacked on an artificial offering to a backup solution that was really built for a different use-case—onsite backup.
Instead, choose something built and optimized for the cloud from day one—something that considered the unique challenges of cloud-based backup from the beginning. Require that data security be the top priority when it comes to your solution, with data encryption both in transit and at rest and with secure, global data centers that help satisfy regional data storage requirements. Whatever solution you choose, beware of any required up-front investments in a backup appliance. You shouldn't need special equipment to back up your data. If something truly is cloud-first, you should be able to get up and running without additional hardware.
When you order a burrito you want to chow down immediately. The same is true for backup—daily backups should be quick and painless, and restores should be fast as well.
This is where a cloud-first solution truly shines. Backup that was built cloud-first uses compression techniques to help reduce the size of the data sent to the cloud. For example, a backup solution could send only changes rather than the full data set each time it needs to back up. This dramatically cuts down on the amount of data sent across the wire, ensuring your backups are ready to go on that burrito soon. This also makes it easier for you to back up more often, as it's less resource-intensive. This can help you reduce the amount of time between two data snapshots, meaning if you lose some data during a restore, you won't lose much.
The same goes for recovery times. When a disaster happens, your recovery should be quick and painless. Many cloud-first backups offer multiple recovery options to help you recover faster. For example, a good solution will include the ability to have an onsite copy for fast restores. It will also include the ability to perform bare metal restores and failover to a virtual machine.
To satisfy your security nutritional requirements, you truly need a fully layered security strategy that includes a mix of ingredients—from AV to patch to web protection to backup. Choosing the right ingredients for each can prove critical in protecting you from potential security concerns.
In particular, you will likely need to rely heavily on your backup solution. While we covered some of the basics here, you can learn more about the security burrito concept—especially when it comes to backup—by listening to our podcast on the subject. You can find it here.
Click here to find out how SolarWinds® Backup can help you add some special sauce to your security burrito.
The SolarWinds and SolarWinds MSP trademarks, service marks, and logos are the exclusive property of SolarWinds MSP Canada ULC, SolarWinds MSP UK Ltd. or its affiliates. All other trademarks are the property of their respective owners.