It’s World Backup Day – Could You Recover From a Data Disaster?

Today is World Backup Day – a day when awareness of the need to backup data is raised around the world. It is a day when companies that are not backing up their critical data are encouraged to do so, and companies that do are encouraged to take a close look at their data backup policies and procedures to make sure that they are up to scratch.

World Backup Day 2016 is More Important Than Ever

World Backup Day may be an opportunity for companies to sell you a host of products and services associated with disaster recovery – a number of software companies offering backup services sponsor the day – but this year the day is more important than ever. This week, a large not-for-profit health system in the United States discovered just how important it is to have a fully functional backup of all critical data.

MedStar Health, a network of 10 hospitals and more than 250 outpatient facilities in the Washington D.C. area, was hit with a ransomware infection that compromised 18 computers. It could have been far worse had rapid action not been taken to shut down its network to prevent the lateral spread of the ransomware infection.

Fortunately, systems are now being restored and it appears that the reported ransom demand of $18,500 will not need to be paid. Many companies would not be in a position to decide whether or not to pay the ransom. If a viable copy of data has not been stored securely on an isolated drive, the ransom would have to be paid. Losing critical data would simply not be an option.

MedStar Health is not the only healthcare organization to have suffered a ransomware attack in recent weeks. In the United States, Methodist Hospital in Kentucky, and Chino Valley Medical Center, Desert Valley Hospital, and Hollywood Presbyterian Medical Center in California have all been attacked, as was Canada’s Ottawa Hospital. All of those attacks have occurred in the past two months.

It is not just the healthcare industry that is under attack; however, many companies prefer not to announce that they have had their systems infiltrated and data encrypted by attackers. Ransoms are quietly paid in order to get the security keys to unlock the encryption.

30% of Users Have Never Backed Up Their Data

Even though the loss of data could prove catastrophic for companies, many organizations are not backing up data as frequently as they should. Some do not test the backups they perform to make sure that in the event of an emergency, data can actually be recovered.

Almost a year ago to the day, the Tewksbury Police Department in Massachusetts was given no alternative but to pay a ransom to have its files unlocked. A backup of data had been recently performed, but that file was corrupted. The only non-corrupted backup file the Police Department had was more than 18 months old.

The figures on the World Backup Day website indicate 30% of users have never backed up their data, even though the loss of files would cause considerable anguish. Figures from Backblaze suggest that since 2013 (from when the World Backup Day figures were taken) things have improved and the figure now stands at 25%.

Companies Need to Review Backup Policies

For companies, a single backup of data is not sufficient protection. Multiple backup files can reduce risk. If one backup file is corrupted, it will not spell disaster. Those backups must be stored off-site, but should not be connected to a computer network. Backup files can also be encrypted by ransomware if the drive on which they are stored remains connected to a network.

There are many other ways that data can be accidentally deleted or lost. There may not be an option to simply pay a ransom to recover valuable data. Without a viable backup data could be lost forever. WBD figures suggest that 29% of data incidents are the result of accidents.

Performing frequent backups is a complex task given the huge volumes of data now being stored by organizations. Today is a good day to reassess policies, procedures and software, to test backups, and to make sure that when (not if) disaster strikes, valuable data will not be lost.

Twitter Facebook LinkedIn Reddit Copy link Link copied to clipboard
Photo of author

Posted by

Elizabeth Hernandez

Elizabeth Hernandez is a news writer on Defensorum. Elizabeth is an experienced journalist who has worked on many publications for several years. Elizabeth writers about compliance and the related areas of IT security breaches. Elizabeth's has focus on data privacy and secure handling of personal information. Elizabeth has a postgraduate degree in journalism. Elizabeth Hernandez is the editor of HIPAAZone. https://twitter.com/ElizabethHzone
Twitter