Back-up and running: How businesses can protect their data in a world full of risk

With the threat of a ransomware attack greater than ever, how can businesses protect their data as they prepare to return to the office?


This is a contributed article by Ian Wood, Senior Director, Head of Technology, Veritas UK&I.

Current UK government advice recommends that employees should work from home if possible – a disappointment for many businesses and employees alike, who were hoping for a return to something resembling normality. However, businesses should be making preparation for a return to the office, and in doing so, must not be lulled into a false sense of security.

A return to the office signifies the return of a familiar foe: ransomware attacks. Devices which have been used to work from home for months and which could have been infected by undetectable malware will be placed behind the company firewall once more. For businesses returning to the office, preparing for the inevitability of a ransomware attack should be priority number one.

The rising threat of ransomware

For businesses, the threat of a cyberattack is an everyday concern. Yet during lockdown, as people working from home used unfamiliar tools, cybersecurity became a more pressing concern than ever. Companies such as Honda and EasyJet felt the full force of this, as they were both hit by cyberattacks while trying to respond to the disruption of COVID-19. However, from a cybersecurity standpoint, this period of working from home could be the first wave of attack.

As employees return to the office, there is a real risk that they could be bringing infected devices back with them. Once these devices are back behind the company firewall, latent malware could quickly spread across the network and do considerable damage.

There are two things which make this a probability. Firstly, the pandemic coincided with the emergence of the EKANS virus, which may be lying dormant and unseen on devices until they reconnect to the corporate network. Secondly, over the last six months, there is evidence of as much as a 72% increase in new samples of ransomware. Many IT departments are already stretched as they support new flexible working initiatives. When you add these new threats to the mix, this could well be the perfect storm required for ransomware to take hold.

Back-up to avoid paying up

Whether it's legal, reputational or financial, having your customer data stolen can have severe ramifications. Take Garmin for example; there are multiple reports that the company had to pay a multi-million dollar ransom to retrieve their data after they became victim to a ransomware attack in July 2020. For businesses looking to mitigate against these risks, there are three things they must do upon returning to the office which, for many businesses, might not be until March 2021 now, giving them plenty of time to prepare:

1.      Full visibility of and quick access to data

Businesses must ensure that they have full visibility into their enterprise infrastructure and data environments. Insight solutions are key if businesses are to gain full visibility into what lives where, including both on-prem and cloud data. This will help them remain data compliant as well as ensuring data protection and back-up options cover all necessary aspects of infrastructure.

2.      The 3-2-1 rule

While preventative measures are valuable in the fight against ransomware attacks, businesses must prepare for the worst-case scenario. Having a strong data backup solution is crucial to this and the ‘3-2-1’ rule is a good one to live by. This entails having three copies of your data, two of which are on different storage media and one that is air-gapped in an offsite location. Since attacks frequently focus on encrypting backup servers as part of their invasion, physical isolation (complete separation from the network) of one such copy of backup data from the network (known as air-gapping) is vital.

With an effective data backup solution in place, companies that fall victim to a ransomware attack can resume operations quickly and without interacting with the hackers. Instead, in that critical moment when businesses realise they’ve had their data stolen, a combination of on-premise and cloud backups allows the organisation to simply restore that backup data and resume operations.

3.      Revisit and revise ‘new’ processes and systems

When businesses were asked to work from home at short notice, many companies were forced to accept that a quick rollout of work-from-home systems would result in short-term risks. Processes which, ordinarily, would have taken months, such as audits, tenders and staff training, were sometimes condensed into a one-week period. Meanwhile, technology deployments which may have been outsourced to specialists would have been installed by in-house talent instead.

However, for businesses now returning to the office, these risks must be revisited and addressed. The importance of doing this correctly is imperative if businesses are to safeguard themselves against both regulatory and ransomware risks. Therefore, businesses which lack the confidence to do this properly should look to outsource the work to specialists who can identify and correct any rushed processes with both speed and accuracy. When it comes to addressing these risks, time is of the essence.

Ultimately, in today’s world, companies must accept there is a degree of inevitability when it comes to data breaches. However, being prepared for them is not just smart but cost-effective. The time to prepare is now.

Ian Wood is the Senior Director and Head of Technology at Veritas. Wood has an IT career which has spanned 18 years, working across a variety of roles, ranging from sales management through to global head of solutions and product marketing. He has experience in managing diverse teams which are often geographically dispersed. Ian has been with Veritas for over five years.