• 20 August 2022, 02:21 AM

Category Archives: Disaster Recovery

Veeam V11 Immutable

V11: Immutable primary backup storage

Ransomware and malicious acts within our IT environments are rampant across the world, and the last line of defence is going to be your backups.

In Veeam Backup & Replication v10 the ability to store your Veeam backups using the Object Lock API was introduced. This would mean that you would have a secondary copy of your backup data most likely offsite and in an immutable state, which means it can’t be modified and is protected against insider malicious activity.

Fast forward to the release of Veeam Backup & Replication v11, and a way of storing data, agnostic to hardware in your primary location leveraging Linux with the NEW Hardened Linux Repository has been enabled.

Benefits of immutable storage backup

By definition, immutability is a solution that prevents data deletion or modification from the storage.

Knowing that data is critical to all businesses—leveraging an immutable copy of your backup data ensures that there is an untouched version of that source data that is always recoverable and safe from any failure scenario.

Veeam Backup & Replication v11 enables you to store your short-term retention backups locally onsite for fast recovery with the protection of immutability. In addition, you can now tier those backups into an immutable object storage offering offsite, giving you additional protection against unforeseen malicious activity or accidental deletion.

Immutable backup storage can help in the following cases:

  • Production data is corrupted or compromised
  • Accidental deletion of production data
  • Insider malicious activity, administrators modifying backup job retention or deleting restore points.

What is the Hardened Linux Repository?

The Hardened Linux Repository enables primary backups to be immutable, not by packaging a storage appliance together, but by offering the ability to achieve local immutable backup storage by using generic compute and storage with a supported Linux x64 distribution that provides this functionality.

Immutability protects your data from loss because of malware activity or other failure scenarios mentioned above by temporarily prohibiting the deletion and modification of data.

A storage solution that prevents deletion and modification of backups

Now you know the purpose behind it and why we are doing this for our primary backups. But you have only seen part of the How — on the Linux server itself you do not need to set anything, Veeam will have that covered for you.

By default, the immutability is set to seven days for standard backups on the repository. It is very important that your job configuration reflects this so that your active backup chain is protected.

Ransomware or outside malicious activity are well-known 24/7/365 threats. Take a lesson from history – even the great city of Troy, that resisted outside threats for centuries, was quickly destroyed from within. When you use the immutable flag even the kings of backups themselves, the backup administrators, cannot delete those backup files.

Single access credentials

Protect the keys to the kingdom! It’s clear to see that a lot of this new feature is focused on the security and protection of your backup data. By focusing on access control, we are further reducing the possible attack vectors by not allowing Veeam or the backup administrator to have unbridled access to an elevated user account that was or is used initially to deploy Veeam services. These one-time use for deployment credentials are not stored by Veeam Backup & Replication.

I hear you asking, how do we get started?

Call us on 03333 22 11 00 or contact us using the form below:

    Credit: Michael Cade

    Four key reasons why you should backup your data

    Today’s world revolves around electronic data; Business simply cannot operate without it.  No data = no business.

    Data is one of the life bloods of a business; With the ever increasing risks (viruses, hackers, natural disasters, hardware failures etc.) it’s almost inevitable something will, eventually, go wrong;  It’s not an ‘if’ but more like a ‘when’. The scale of loss could be anything from a hard drive failure to a ransomware attack.

    We have created a list of the four main reasons why you should ensure your data is correctly and securely backed up.

    Hacking and ransomware

    It is estimated around half of UK businesses faced some form of cyber-security breach in 2019/20. Most of the time the firewall and/or anti-virus software will trap the attempted infiltration however…. just like some human viruses, there’s an occasional one that gets through and causes havoc.

    In extreme cases, hackers can encrypt and hold your data to ransom. If you don’t have your data backed up (effectively), the only way to recover it might be to pay them.  There is, of course, no guarantee that your data will be returned.

    Ransomware or a virus may not be specifically targeted to you – they are designed to be smart and will automatically seek the weakness in IT systems then spread further and embed themselves until the circumstances are right for maximum damage.

    The best way to negate a ransomware attack is to ensure your systems are correctly patched, firewalled and an effective data backup is in place.

    Not all data loss is malicious

    While it’s easy to think of data loss as being a purposeful act, UK government stats, indicate that the vast majority of data losses and breaches are the result of human error.

    Staff within your business have to handle your data as part of their job, so there’s always a chance of data being deleted by accident. If you don’t want your company to be detrimentally impacted by a business critical file or email that’s accidentally been deleted (or maybe purposeful by a disgruntled employee), you need an effective backup solution.

    Disasters happen

    When protecting against data loss, businesses also need to think about the safety of the hardware that stores their data. It is often more fragile than you might think.

    Disaster is often thought of as being a grand scale event eg: Fire, Flood, Explosion but, in fact, it’s often more mundane actions that cause the issues: Poor-quality electrics, leaking roof or pipe, failed air conditioning unit etc

    Without an effective backup, you can seriously risk the future of your business.

    Critical data loss destroys businesses

    Approximately 9 out of 10 companies that lose their data for more than 10 days end up filing for bankruptcy within a year. In fact, many of those businesses file for bankruptcy immediately.

    Why? The loss of data can cause significant business interruption. Most businesses simply cannot afford such downtime. Depending on the scale of the breach, a business may also be subject to regulatory fines (as a result of GDPR for example).

    Data loss can also prove catastrophically damaging to reputation. Companies can find that the cost of losing (and subsequently trying to win back) customer confidence, following data loss or theft, far outweighs the actual cost of the data loss itself.

    The faster you can get up and running again, the more likely you are to retain customer confidence. This is why an effective data backup is imperative.

    Protecting your data

    There’s a number of ways you can backup your business data however, the most recognised and effective solution is an offsite, cloud backup.  ‘Cloud’ is not a  mythical place but a purpose designed building with specialist technical staff and systems.

    By working with such a specialist provider, you can ensure that your critical data is automatically backed-up  – effectively and securely and perhaps, more importantly, capable of being recovered – easily.

    Don’t know where to start? We are here to work with you to create a custom backup solution for your business data.

     

    Reality remains in the office

    Working from home – the new normal or the new risk?

    So, working from home is the new normal – right? We’ll never go to the office again – really?  The kitchen worktop or the chest of drawers in the spare bedroom makes for a great office – yes?  The kids screaming– isn’t an issue, the cat/dog pawing at your leg doesn’t intrude on your train of thought or interrupt the flow of the important client meeting on Zoom or Teams?  All is sweet then – carry on!

    If you’re fortunate to have an office at home you may be spared some of these intrusions….  but note….. it’s an ‘office’.  For most, the home ‘office’ is a ‘make do’.  ‘Make do’s are either a pain or a novelty that eventually become a pain.  ‘Make do’ spaces are often a borrowed resource with such borrowing sometimes lasting only minutes.

    The current crisis is sure to bring about some changes but, is going to the ‘real’ office a thing of the past?  For many reasons, we think it unlikely – although for sure, on the back of the novelty factor, the ‘we-can-work-from-home’ brigade , which range from those counting the pennies (believing it will save a fortune) to those with imaginations of a paradise, will strive to prove it is the new normal.

    So why do we think the ‘real’ office is still here for a while longer……

    Well for one, the majority of businesses are technically not ready.  Cyber criminals, though, are very ready!  The ‘real office’ may be well firewalled but, the likelihood of this extending to the home office, is small.  Wrapped within pages of GDPR legislation, businesses have many legal obligations for securing  data – especially that which is personal.  Aside the possibility of all company data being encrypted and ransoms demanded, those that flout the regulations can be heavily fined and Directors held accountable.    Home working – is it the new normal or is it the new  risk – a very big risk!

     

     

     

     

     

    Do SME’s Really Need A Disaster Recovery Plan?

    When it comes to keeping your business running, it’s important to have plans in place to deal with both good and bad times ahead.

    Business continuity plans and disaster recovery plans are an excellent way to ensure the protection of your organisation, however, it’s easy to get the two mixed up. Many people assume that because they have implemented a business continuity plan (BCP) they do not require a disaster recovery plan (DRP), and vice versa.

    It is true to say they are very closely linked, but to briefly explain; BCP’s take a more proactive approach to minimise and avoid the risk of downtime, whilst DRP’s focus on recovering from the disaster.

    In this article we will look specifically at the business continuity plan, why it’s a good idea and why you should have one.

    Generally people do not enjoy paperwork, and business owners understandably will see a business continuity plan as just another tedious task to complete that will probably go unused; so here are a few interesting facts which could highlight the importance of a BCP.

    On average, a medium-sized data centre will experience over three downtime events each year, with the average power cut lasting over 3.5 hours. Source: Eaton UK

    Some 77 per cent of UK organisations (approximately 4.2 million) experienced connectivity failures in 2016. On average, UK organisations were also found to have suffered 4-5 outages each during 2016 and a wait of six hours every time for service to be restored. Source: ISP Review

    Just over half (54 per cent) of UK companies have been hit by ransomware attacks resulting in variable amounts of downtime (58 per cent of UK companies pay up to get access to data and systems again.) Source: Malwarebytes

    Almost all (97 per cent) of network professionals in a survey by Veriflow agree that ‘human error’ is the most common reason for network outages. Source: Network World

    Depending on your company’s area, losing vital business systems could ultimately cost you customers, because your existing customers could choose to go elsewhere. In addition to this the damage to your reputation and the lack of credibility if there is no BCP in place could be extremely costly!

    Hopefully the above has persuaded you to think about the importance of having a business continuity plan so in the event of a power cut, connectivity issues, network outage or cyber-attack your business can ride the storm and get back to business as soon as possible.

    If you’re under the impression that a disaster is unlikely to happen to your business, you might be mistaken. It could be something as simple as a staff member keeping watch of an absent colleagues emails whilst they’re on holiday and accidentally opening a cleverly presented, yet malicious, email. If that email contained ransomware, and the attack was successful, it would only take a few seconds for all the files on the computer and everything else connected to it – namely the server – to be encrypted.

    Before you know it, your network is unavailable, staff are unable to work, and a disaster recovery plan is vital. In addition to downtime, failing to have a business continuity plan in place could cost a business severe reputational damage, and it could even raise certain compliance issues.

    When you’re busy running a business, it could be easy to forget that you are a prime target for cyber hackers, and many have made the mistake of assuming that these hackers are only interested in going after bigger organisations. But, the fact is that when you’re an SME, your cyber defences are easier to hack, reason being you will not have the same budget available to you to spend on cybersecurity as a larger business, and attacking a small company carries a much lower risk than attempting to infiltrate a larger organisation, as the cyber criminals are less likely to be caught.

    Not to mention, hackers know that a small business is more likely to pay a ransom to have files decrypted quickly, so that business can get back to normal and downtime can be minimised. That’s why it’s essential that you have a robust Business Continuity Plan in place, so you can avoid these situations, and deal with them swiftly should the need arise. Below, I outline the key aspects you should take into consideration when creating a BCP.
    Key considerations for a Business Continuity Plan

    • Key business functions – what is going to cost your business the most if they are affected by an IT outage or system downtime?
    • Minimise the risk – what could be done to avoid critical business functions being affected by downtime, implement preventative solutions such as cyber awareness on risks/threats, staff education and network monitoring,
    • Recovery times – what could you do to reduce the time taken to get critical business functions operational again? As a suggestion, increase the frequency of backups for critical data.
    • Failover plans – what could you do to get important business functions operating during an incident? For example, if your head office suffered a power cut could staff work from another location?

    Do you require more information?
    Read more about the options we offer here
    Alternatively, please feel free to contact us

    What is it like to be the victim of a cyber-attack?

    What should you do to protect your business from further damage?

    Should you pay that ransom demand? – Here’s a scenario based on real-life experiences.

    Scenario

    IT staff at fictional High Street Solicitors firm Graham Solicitors head office have been caught by a phishing email. A member of staff clicked on a link to a spoof website because they thought the email looked genuine. It wasn’t. That was two months ago. Today, is when it all goes wrong…

    Tuesday 09:00

    Mick Rayall, Graham Solicitors’ IT administrator, began his day clearing the company’s email inbox of the usual junk, but one message stands out. His heart stops.

    “We have more where this came from. We will contact you shortly with our demands,” further down the message is someone’s name, email address and credit card details.

    Mick hopes it’s a hoax, but can’t take the risk. He calls the companies security officer, Steve Richardson. Steve isn’t impressed as he’s on holiday in America where it’s 4:00am.

    “This had better be important,” he sneers. Mick forwards the suspect email.

    “Have we checked the credit card number?” Steve asks, with tension and sincerity in his voice. “Is it one of our customers?”

    “When did we get this?” Steve snaps.

    “Er, it would appear we got it yesterday just after work, so I didn’t notice it until first thing this morning.”

    “So we are 12 hours into this?”

    “Er, yes,” Mick mumbles sheepishly.

    Tuesday 14:30

    “We’ve just got a second email come through,” Mick tells Steve. “It’s a ransom demand for £15,000 in the Bitcoin crypto-currency. We have to pay by 21:00 BST or they are going to delete all of our customer records.”

    “What?” shouts Steve. “I thought you told me they only had one?”

    “Er, no. They are claiming to have them all.”

    In a cold sweat, Steve calls Graham Solicitors’s legal counsel Margaret Greaves for advice. She has to dial in several times as her headset isn’t working properly. Her voice keeps dropping out during the conversation.

    “It looks like there is a potential breach,” she says. “Don’t respond to that message. I’ll need to review our existing legislation so we know where we stand.”

    “What about the police?” asks Steve, his holiday now thoroughly ruined. “Who are we going to notify?”

    Tuesday 15:30

    Things are rapidly spiraling out of control for Graham Solicitors. The hackers have sent a sample of customer names and credit card numbers they hold.

    Steve has now confirmed that the sample is genuine.

    “How about if we shut down the website?” asks Mick. “Then we can limit the risk.”

    Margaret butts in. “Before we do that, who should we tell first? What’s the data breach policy?”

    “I thought that info came from legal,” says Steve.

    “Aren’t you in charge of data protection?” Margaret asks Mick.

    “Nope, not me…”

    “Oh no, is it me?” asks Steve dispiritedly. “Anyway, if we take down the website that’ll just draw attention to ourselves won’t it? I’m not sure if that’s the right thing to do.”

    “Me neither,” says Margaret.

    Graham Solicitors’ head of public relations, Katie Ellis, has been called in to the situation.

    “This is not good,” she exclaims rather obviously. “We didn’t protect our customers’ private data. There’s a chance we’re gonna get hammered for this.”

    She points out that the company has a promotion running on the website currently.

    “We’re driving people to the website right now. What about their details? Are they being stolen too?”

    “Quite possibly,” says Steve. “We’ve got to shut down the site – or the eCommerce side of it anyway. And then we’ve got to decide whether or not to pay their ransom.”

    Tuesday 17:30

    Katie Ellis has drafted a public statement but doesn’t propose releasing it until people start asking questions.

    “We can just say we are experiencing an incident and do it reactively,” she says.

    “No – not an incident – a breach,” Steve advises.

    “Don’t use the word ‘breach’ – not yet anyway,” Margaret pipes in, thinking of the legal ramifications. Mick bursts in on the conference call.

    “We’ve found some malware! We had an email come in that went to in to quarantine, we checked it out and it has an attachment. That could be it.”

    “Ok, you haven’t clicked on it have you?” asks Steve, his day rapidly going from bad to worse.

    “Er… I just thought it would speed things up…”

    Steve swears and drops out of the call to get his security staff to check for any more damage.

    Margaret turns the conversation to informing the Information Commissioner’s Office.

    “We can report it online or phone them,” she tells them. “But we need to say what we did to reduce the problem.”

    “We were supposed to get new threat detection software last year, but we never got round to it so it wasn’t replaced,” says Mick. “It just didn’t happen – I never got to do it.”

    “Well don’t tell I.C.O. that,” Margaret shouts. “If we can’t show we have satisfactory controls in place we could be in a bit of trouble. And the cyber-insurance firm might not pay out.”

    Later, Steve confirms that most recent phishing email turned out to be a red herring, but tells the team: “We’ve found a phishing email sent two months ago that was linked to a log-in page made to look like the one for our online backup provider. That’s how they got in.

    “Ok, we have to handle things better from now on,” Steve concludes. “There’s no doubt in my mind that this will happen again, and it’s only going to get worse.”

    So what should Graham Solicitors have done?

    Reacting late has put Graham Solicitors on the back foot. You need to move very quickly in these situations otherwise the Cyber attackers will decide the pace.

    A poor understanding of data breach laws made the business vulnerable. They obviously did not have a breach policy in place nor did they know who was responsible for each role.

    The firm should have:

    • prepared a cyber-security breach plan with step-by-step actions to take
    • rehearsed this plan with staff
    • decided who is responsible for what during a breach
    • notified third-parties and suppliers
    • BE PROACTIVE -partner with an IT Cyber Security specialist for proactive support in the event of a breach
    • refused to pay the ransom – there is no guarantee the data would be given back.

    And if your firm is the victim of a data breach:

    • identify where the incident came from
    • contain infected devices (get them offline)
    • assess how many machines have been affected
    • restore lost data from back-ups
    • BE REACTIVE – partner with an IT Cyber Security specialist to make sure this doesn’t happen again.