Pillars of Technology Protection – Part Four – Recoverability

The fourth pillar of protection is likely the one that keeps you up at night, but shouldn’t. We’re talking about system and data recovery.

Much has been made of the recent spate of ransomware attacks. But the truth is that if you had reasonably competent backup software and a process in place, these miscreants would have only slowed you down a bit, not stopped you dead in your tracks.

Let’s consider the two types of system recovery backups you can or should make. One is file backups that you can use to recover from something like a ransomware attack. The other is a full system restoration of operating system, all programs, and the data you created and collected. There can be some overlap here, and we’ll explain that a little later.

From a file preservation point of view, either cloud services (like Egnyte, for example, or SecuriSynch from Intermedia) or even Microsoft’s free backup program and an external hard drive, allow you to make point-in-time snapshots of your important data. As long as you keep your data in the specified locations (documents, downloads and desktop, for example) your data will either be backed up to the cloud service or ‘grabbed’ and backed up when you run the backup program.

Most of these products can be configured to keep both an initial and some number of prior generations of documents. So, for example, if you have a contract you use that changes from time to time, you can set the number of versions or revisions to say, eight, and you will be able to revert to or activate any of the last 8 versions of that document or file.

In the case of ransomware, IF you end up with an encrypted disk, AND it replicates to your cloud backup, then each file is treated like a new version of the original. You then simply revert to the original version(s) and synchronize the files back to your PC. It takes time, but you have pretty mush immediate access to your files for the few you need that day. (Of course, you want to make sure you remove and remediate the virus that did the damage before you recover!)

Another strategy for recovery is to have individual backup programs on each PC that either create a backup of your data or of your entire PC so that you could completely recover the pc. We refer to this a being able to recover from a ‘bricked PC’ because when it won’t boot, it’s as useful as a brick! This type of backup is best done in a networked environment because you want the backup to exist someplace other than the PC. Now, this backup file can be saved to a cloud environment. BUT the size of the backup might prevent this from being practical. In most cases a full restorable backup from a program like Aomei, Acronis, or Symantec is best stored on an external USB drive. The good news is that most people can store 2 or 3 full recovery copies of their entire PC on a single, 1-terabyte hard drive.

For recovery, these programs allow you to make a bootable USB or DVD that in turn walks you through installing the drive, selecting the backup image and then copying it from the external drive to your PC. You can also make a full baseline backup, and then incrementally store what has changed since last time. This makes the subsequent backups MUCH shorter and gives you the ability to spick a specific point in time to restore to. Pretty sweet, eh?

Better still, these programs also often offer the ability to ‘open’ the archive and recover individual files as well.

If you have complex billing systems that use database products like Microsoft SQL server or other products with complex file collections like Autocad Archtecture, you require specific recovery considerations that are beyond the scope of this short discussion. But not to fear, as these are well known and understood, the backup considerations are fairly standard. Complex, yes, but again not ‘hard.’

The take-away: with the availability of free tools from Microsoft, and inexpensive and fast external hard drives, everyone should have the capacity to restore their system ‘from scratch’ to a reasonably close period of time. For a modest investment, additional software can be purchased to allow greater flexibility in recovery point (how far out of date your files are when you restore) as well as the ability to ‘roll back’ files to a prior point in time.

Positive SSL Wildcard