Backup and disaster recovery are essential elements in any comprehensive network security strategy. In our blog on adopting an onion approach to cyber security management, we discussed how having an offsite backup is an important layer in building a resilient defence against cyber-attacks. Today, most businesses realise that they must regularly backup their systems and data. However, for true protection, organisations need to also backup their data to an offsite location.

Why do I need a backup?

Adequately protecting your business involves many different steps. Despite the preventative security layers that businesses can implement, such as firewalls and two factor authentication, the reality is that cybercriminals’ methods are always evolving and on occasion will be capable of bypassing these measures.

This is where business continuity and disaster recovery (BC and DR) solutions come into play. In the event of suffering a breach or disaster, for example a fire or server crash which takes your systems offline, companies need to ensure they have the ability to get up and running quickly. Having regular backups of systems and data in place, will allow companies to recover with speed.

As well as this, the General Data Protection Regulation (GDPR) requires that companies now regularly back up their data and ensure the ability to recover this data in a timely manner. GDPR is driving backup solutions as companies seek to fulfill their obligations and avoid the risk of incurring a fine.

Why onsite backup isn’t enough

As cybercrime continues to evolve and as attacks become more sophisticated, companies are being forced to re-evaluate their security procedures. While most businesses do backup their data on a regular basis, the majority of these organisations rely on systems that are located on-site, and which frequently run on the same network as the computer being backed up.
The latest ransomware attacks actively target onsite backup solutions, encrypting stored data and rendering the backup useless. This can leave businesses with no choice but to pay the ransoms demanded of them to regain access to their data.

Novi AirGap - offsite backup solution

Businesses can get around this dilemma by keeping an extra copy of their data stored at a remote site. Novi AirGap is a managed service provided by Novi that takes snapshots of customers’ servers and automatically copies them to Novi’s cloud, based in an ISO 27001 certified Irish data centre. Data captured in these snapshots includes files and data, but also essential server operating systems, applications and configuration settings.

AirGap equips companies with an additional layer of security, as the backup is separate to the customer’s own servers and runs on an entirely separate network. This ‘gap’ between the computer being backed up and the location of the stored data ensures that, in the event of an attack, cybercriminals cannot penetrate and corrupt this data. Likewise, in the event that a company’s servers are damaged by floods, fire or some other disaster, AirGap will allow them to quickly restore their servers to a pre-determined recovery point. All information transmitted to Novi’s servers is encrypted to further ensure that it remains secure.

Backing-up to a secure offsite repository is a service every business should avail of in order to minimise the risk of data corruption or loss. Implementing Novi AirGap will also enable companies to provide a clear and detailed disaster recovery plan; fulfilling GDPR obligations and guaranteeing the security of their customers data.