How to Prevent a Virus from Infecting Your Backup Servers

We often talk about data backup as the best remedy for a virus infection. If the worst happens and a virus takes your systems down, then you just restore an uninfected backup.

However, what happens if your backup servers get infected?

Let’s address several technology pieces that need to be in place to prevent a virus from infecting a backup and permanently destroying your data.

We’ll assume in our discussion that a city already has some type of data backup solution along with endpoint detection and response (EDR) in place.

1. Monitoring and Alerting

It’s bad enough to get a virus. It’s worse if that virus goes undetected. Many modern viruses often mask themselves, retreat to the background, and do malicious things to your systems such as collect financial information. The longer the virus lurks in the background, the more it can spread and the more damage it can do.

Cities need proactive monitoring and alerting through a combination of automated software that tracks technology health combined with experienced IT professionals watching your systems. Part of that monitoring and alerting involves the right kind of EDR software that offers sophisticated monitoring tools to detect and block attacks.

2. Unlimited Offsite Data Backup Storage

Let’s unpack this phrase a bit.

• Offsite data backup: In addition to backing up your data onsite, you need an offsite data backup component for worst-case scenario disasters such as tornadoes, flooding, or fires.
• Storage (and retention): You will need to store various snapshots of your backed up data and make them available in case you need them. For example, you may need to see a snapshot of data as it looked one month ago if certain documents recently went missing. The right storage strategy allows you to maintain all versions of your files and documents while also retaining them for a set period of time.
• Unlimited: This is key to rarely (if ever) worrying about a virus or ransomware attack. What if a ransomware virus lingers around for a long time, infecting even backup files? Some recent critical data might unfortunately get lost, but you could still go back—as far as you want—to a snapshot of your data right before the infection hit.

It’s important to note that if you don’t have enough storage for a reasonable backup retention period, you may be stuck in a situation where the only files you can restore are infected ones. We recommend an unlimited offsite data backup storage service that allows you to keep your offsite backups indefinitely. Then, you can go back in time as far as you need to recover files.

3. Employee Education

Despite the best cybersecurity protection and data backup, employee education remains an essential part of your strategy. EDR and antispam software can help prevent access to many malicious websites and email attachments. But employees still need to learn more about what not to click on and how to spot hacking and phishing attempts.

Some things you need to talk about with employees include:

• Browsing safely and knowing the signs of a malicious website.
• Scrutinizing email attachments and understanding that hackers can spoof email addresses (such as an email supposedly coming from their boss).
• Downloading unnecessary or unauthorized software from untrustworthy sites (such as games, shopping apps, and productivity apps).

As we see from this situation, there’s more to backing up data than just backing up data. You need to stay vigilant through proactive monitoring and alerting. You need to retain data snapshots that go far back in case your backups get infected. And you need to keep training employees who often unknowingly take actions that let in viruses and hackers.

Worried about what would happen to you if a ransomware virus hit? Reach out to us today.