Site icon Sophos News

Understanding data backups

backup

 

There is a maxim in the business continuity market that says that a backup on its own is worthless, but restoring a backup successfully is priceless. Too many organizations have suffered from backups that either failed to restore—or restore correctly—or that were already compromised. Failed backups are of no value from a business continuity perspective. 

However, backups that restore correctly, are clean of all malware, and were encrypted so that the IT security teams knows that they were not compromised after the backup was created, are considered the best scenario for IT managers. 

According to Sophos’ The State of Ransomware 2021 report, 37% of respondents said they were hit by ransomware and on average. While 96% said they got back their data after paying the ransom, only 65% of the encrypted data that was affected was restored. These statistics underscore how essential it is to not only have secure backups, but also protected backups stored in more than one physical location that are directly connected to the network.   

Types of backups  

There are five types of backups: 

  1. Full File-based backup: A full backup is the simplest form of backup, which contains all the folders and files that you selected to be backed up. This is called a file-based backup because it only backs up visible files, not hidden or system files that are often hidden. 
  2. Incremental Backup: This backup only includes files that were not backed up the last time. When restoring backups made from incremental backups, you must restore each incremental backup in order that it was created, starting with the full backup. 
  3. Differential Backup: Differential backups only include data that was added or changed since the most recent full backup. When restoring using this method, you need only restore the initial full backup and the most recent incremental backup. 
  4. Image Backups: An image backup includes everything on the disk, including any hidden or system files. You can use incremental or differential images to supplement your full image backup.  
  5. Copy Jobs: This includes individual files or folders copied from one location to another. 

 Recommendations on effective backup restores 

Since restoring the backup really is the ultimate goal, it is important to focus on what makes for successful backup-and-restore policies and procedures.  Here are some recommendations that you might find helpful. 

Best backup schedules 

One of the more popular backup strategies is called the Grandfather Father Son Backup. This consists of a “grandfather” backup that is done once a month, the “father” component being a full backup once a week, and the “son” backup being a daily incremental. There are variations of this approach with the father backup being a weekly differential backup. It also could include a variety of backups during the day, such as an hourly catch-up or a backup at any time after specific criteria is met, such as prior to a software installation or a reconfiguration of the network, or after a malware scan. 

As part of this backup strategy, the security staff might choose to do one backup at one time for a local site or cloud instance and a second time for the opposite local or cloud instance. The overhead will depend on various factors, including the backup software you select, whether you are backing up to the cloud or locally, the amount of data being backed up, and metrics that might be unique to your situation. 

 Learn more 

Sophos offers two products that help protect your backups. Sophos Workload Protection secures backups in the cloud and on the premises. Sophos Cloud Optix monitors Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP) accounts for cloud storage services without backup schedules enabled and provides guided remediation. 

Speak to your Sophos representative to discuss your backup security requirements and how Sophos can help. Visit our website to learn more about Sophos Cloud Workload Protection and Sophos Cloud Optix, and to activate a free trial. 

Exit mobile version