Backups provide dealerships with the ability to recreate data impacted by a ransomware attack or other malicious threats. Today, it is critical that all dealerships have data backup best practices in place to ensure that the impact of a cyberattack is minimized. An effective data backup strategy is central to your dealership’s business continuity.
Secure Your Backup Infrastructure
The cybercriminal is smart – they know that businesses with reliable, easy to restore backups are less vulnerable to their demands. As a result, the cybercriminal often targets the backup infrastructure of a business to increase their leverage in demanding ransom.
Effectively securing your backup infrastructure is essential to gaining an advantage over the cybercriminal. Proper protection of your backup infrastructure includes implementing approaches like network segmentation and applying appropriate security policies that ensure that only designated administers can connect to the backup infrastructure. In addition, multi-factor authentication must be properly applied to access the backup servers.
Backup Your Cloud Productivity Services Data – Microsoft 365
Most dealerships are using services like Microsoft 365. These cloud productivity services provide dealerships with collaboration and communication tools that are quickly growing in popularity. Many dealerships mistakenly believe that the data they store in these cloud environments are automatically backed up. Be careful because this isn’t always the case.
Microsoft offers an extremely secure and reliable backup service for the data stored within it’s Microsoft 365 environment (OneDrive, Sharepoint, Mail, Teams). Make sure you are using the Microsoft 365 backup services if you use Microsoft 365.
Encrypt Your Backups
This is a no-brainer. Encrypting your backups ensures that only those who are authorized to view backup data can read the data. A cybercriminal will be unable to read your backup data without the use of a decryption key.
Backup and Test Regularly
Data backups should be performed regularly, and the frequency of backup may not be the same for all data. Some data may need to be backed up in an ongoing basis while other data may be backed up periodically (daily, nightly, weekly). There needs to be a backup strategy that may need to be reevaluated and tweaked on a regular basis.
Remember, your backup data is worthless if you can’t restore it. Therefore, it is critical that you regularly test restoring your backup data. Too many organizations fail to regularly verify the integrity of their backups. You do not want to learn that your backups have been corrupted or are incomplete when you are trying to recover from a ransomware attack.