By Farica Chang, Managing Principal
What would you consider your IT team’s most important responsibility? Fixing a Wi-Fi outage, perhaps? Setting up accounts so your new hires can hit the ground running? Or maybe the password resets that save your staff time and time again.
If you asked any of our team the same question, they’d have a different answer—and it may surprise you.
The truth is, nothing else your IT team does really matters if they aren’t overseeing one crucial thing: Regular. Data. Backups. Today, we’re exploring why.
Unmasking the Myth: Cloud-Based Doesn't Mean You're Covered
You’re no stranger to tech innovations. In fact, you migrated to a cloud-hosted system years ago. Your Office 365 applications save your changes down to the second, and your SharePoint seamlessly maintains version control across your entire document library.
With tools like these, not only is your team collaborating with a capital ‘c’, but the latest version of your documents is also being sent to a cloud storage space as soon as they’re amended. Your business is the definition of up to date. And that’s all well and good—until you encounter a ransomware event.
The problem is this: say one of your employees accidentally opened a malicious link in their Outlook inbox, and malware’s now spreading through their 365 suite, amending and encrypting files to block your team’s access. Office doesn’t know that the multitude of files being “changed” are actually being encrypted as a result of a ransomware attack.
It doesn’t know not to sync those “changes” to your cloud storage.
So what does Office do?
It syncs them.
Just like that, your cloud storage (and everything on it) is now also encrypted. And if that cloud “backup” was your only one, you’re not just sitting on a powder keg—you’re watching it explode in real-time.
The Hard Truth About Backups
The moral of that story? No business leader should rely on a single storage solution—even if it’s cloud-based. You need to store backups in multiple, separate places outside of your real-time cloud platform. This means a combination of physical on- and/or off-premises solutions, implemented by an expert team.
Now, at this point, you might be thinking, “Multiple backup locations—aren’t you supposed to be helping us simplify our IT?”
It’s a fair question. On the surface, this argument could sound like an MSP just trying to get you to pay for another service or storage option you don’t need. So, let us tell you about Wood Ranch Medical.
After a ransomware attack encrypted their servers in 2019, they lost access to their onsite archives—the sole backup of all their data and documents. 5,835 patients lost their medical records, everyone at Wood Ranch lost their jobs, and the business closed—permanently.
If you read our last powder keg blog, you’ll recall that SMBs are increasingly the targets of cybercrime, ransomware attacks included. Wood Ranch’s story could easily have been yours—and could have been easily prevented.
Still, having a few backup sites is only one half of the equation. After all, how are you meant to make use of all those backups if something goes wrong?
What's Your Disaster Recovery Plan?
Essentially, a Disaster Recovery Plan (DRP) ensures you’ll be able to use those backups to restore operations quickly and efficiently in the event of an IT emergency. So, what’s yours?
When was the last time you reviewed it? Would you know where to find a copy if you ever needed it (and remember, it needs to be physical)?
Does a documented Disaster Recovery Plan even exist for your business?
Questions to Ask Your IT Team
As a business leader, it’s time to have some crucial conversations with your IT department or service provider.
Ask them:
- For a copy of your up-to-date DRP. You need it in writing, and that writing needs to be plain English (no jargon allowed). There’ll be no time for a vocabulary lesson when your business comes under attack.
- Ask when they last conducted a full restore of your backups and (more importantly) whether it was successful. You need to know they’ll actually work when you need them, and if not, what you need to do to fix that.
- As many questions as you need to until you’re satisfied with—and truly understand—the answers. In the event of a cyberattack, you’ll need to make quick, informed decisions, so preparation is key.
Your Next Steps: Join Our LinkedIn Live Session
On December 10th, we’ll be hosting a live session answering all your pressing cybersecurity questions. If you’d like to learn more about the risks right under your feet or just want to hear more expert advice on keeping your business secure, make sure to follow us on LinkedIn and join our live session.
Hope to see you there!
Anderson Technologies: Real People Creating Business-Changing IT Solutions
For over 25 years, Anderson Technologies has leveraged our expertise for the benefit of our clients, supplying them with suitable, secure IT and strategic guidance for their technological future.
We’re a dynamic team of IT professionals with over 200 years of combined experience and specialist certifications to back up our knowledge. As a trusted advisor, we don’t just focus on today. We strive to take your technology light-years ahead of your competition and scale with your business’s success.
Ready to secure your business? Contact us today to get started.
