The KISS Principle Still Holds True When It Comes to Backing Up Your Data

By JG Heithcock, GM, Retrospect, a StorCentric company

Over the past year, COVID-19 quarantines, lockdowns, and self-imposed isolations sent tens of millions of people around the globe to work, learn and shop from home. A paradigm that is predicted to last in full or hybrid fashion perhaps indefinitely.

While many of the initial associated bumps have been overcome, it appears that just as quickly as we think we have secured our devices, networks, and data, we find that cybercriminals are seemingly one step ahead. In fact, with a historic level of employees working remotely, security incidents sparked by email phishing attacks grew 80% according to this recent Verizon Data Breach Investigations Report. There appears to be no end to the new and creative ways cybercriminals can find to infect our devices with viruses and malware designed to access, steal and hold our data for ransom.

So, from an IT management standpoint, what are you to do? An ideal place to start is to simply train employees to be on guard for unknown and/or suspicious email addresses. Direct them to think twice (or even three times) before clicking links and to implement strong passwords. And, ignoring requests for personal information should be a given. Unfortunately, however, these steps and guidance cannot overcome all of the issues unique to working from home (or the office, for that matter). For instance, without the oversight and support of an onsite IT professional or team, employees might be tempted to use personal devices, break with defined security protocols, or simply not update their software as regularly and appropriately as they would if they were in the office.

In addition, for the various organizations and individual people relying on cloud service providers for backup, working remotely can affect their endpoints, which require data protection. However, some backup systems don’t require employees to access their services through a virtual private network (VPN), creating blind spots for data protection strategies in legacy backup systems. And of course, VPNs can open a Pandora’s box of other security problems as well (which is why so many are looking to software-defined perimeters (SDP) as an alternative – but that is a conversation for another day).

Sometimes keeping it simple really can be one of the most important and effective strategies. When it comes to backup, this is certainly true. One of the most resilient backup methods for businesses is the 3-2-1 backup rule, which states that a minimum of three different copies of data is saved in multiple locations. More specifically, the data should be stored on the computer, on local storage, and on off-site storage. This can include disk, public cloud services, network-attached storage (NAS) devices, and/or tape. Of course, there are a plethora of data storage platform choices available, and just any platform won’t due. Here you should spend some time doing your homework to ensure the backup targets are able to meet your business, IT, and budgetary requirements. Ideally, you should choose one that provides an active data vault that creates an immutable copy of your backup (i.e., “unbreakable backup”).

And, if one of the backup copies is “air-gapped” and completely removed from network access, all the better.

I suppose you could say from a backup perspective this is the KISS principle, an acronym for keep it simple stupid. This is a design principle framed by the U.S. Navy in the ’60s. It states that “most systems work best if they are kept simple rather than made complicated; therefore, simplicity should be a key goal in design, and unnecessary complexity should be avoided.”

The bottom line is that there isn’t just one panacea for all your data protection woes. However, by being prudent and combining a straightforward 3-2-1 data backup strategy with the aforementioned defensive principles, you will be well on your way to thwarting any attempt by hackers to damage, destroy or hold for ransom your computer network, systems or data.

About the author, JG Heithcock, GM, Retrospect, a StorCentric company

JG Heithcock has 18 years of experience in the storage and backup industry. He was the User Experience Architect at WildPackets (now Savvius) before coming back to recruit and manage the engineering team for Retrospect at EMC. Heithcock is one of the founding members of Retrospect, Inc. and now serves as General Manager of Retrospect, a StorCentric company.

Follow Brilliance Security Magazine on Twitter and LinkedIn to ensure you receive alerts for the most up-to-date security and cybersecurity news and information.