Backup is a vital part of any cybersecurity defence plan, yet it’s a part that is often ignored in favour of more dramatic stories. The battle to repel invaders is often more compelling, with the news focusing on security experts and hackers locked in an arms race of increasing sophistication.
But while it may not be at the forefront, backup answers a very important question: what happens when the bad guys win? Managed Service Security Providers (MSSPs) may pride themselves on being able to stop attacks, but they need to have a backup plan if things go wrong. And that backup plan, often provided by Managed Service Providers (MSPs)… is backup.
The dynamic between cybercriminals and security experts is different from other kinds of theft. For bank robbers, every heist must be executed perfectly if they want to stay out of jail. The law enforcement on their tail, however, just needs to get lucky once to put their target behind bars. In cybersecurity, the roles are reversed—the criminals get lucky once, find one chink in the armour, and it doesn’t matter if the defences were successful every other time; they’re now in and they can do a lot of damage quickly.
Ransomware had, until recently, been a less fashionable type of attack. But as cryptojacking becomes less and less profitable, and cryptocurrencies become harder to mine, hackers are turning back to less subtle and more destructive ways to make money.
Don’t wait until disaster strikes
No sensible homeowner would stop paying home insurance and spend more money on extra door locks—but this is what many organisations today are doing. The City of Baltimore, for instance, lost a lot of key data in 2019 when it fell victim to several ransomware attacks. With no cloud backup or data recovery in place, there was no easy way to recover from the loss.
The increasing use of cloud and more reliable storage media means that backup may no longer seem as necessary as it was. But it remains an effective “get out of jail free” for ransomware and other destructive attacks—because you can simply roll back to a backup before the attack took place, and it’s as if it never happened.
Today, backup is beginning to be seen as a cybersecurity tool, but its history of protecting against disaster or failure means that it is a service better provided by MSPs rather than specialist MSSPs. With many MSPs and MSSPs becoming more specialised, this raises a question—who should offer backup? Is there room for standard backup solutions when increasingly sophisticated Disaster Recovery as a Service (DRaaS) products are available?
The answer is that MSPs should continue to offer backup as a core part of their service, both for disaster recovery and in case of a ransomware attack. Beyond the large-scale disasters, there are routine weekly requirements to recover specific documents or files that may have been accidentally deleted. Many MSPs have always offered security and should continue to do so. Backup is a crucial part of basic cyberhygiene, alongside patch management, antivirus, password management, and similar services.
Plus, backup is an important source of recurring revenue for MSPs. By providing their own backup solution, they can simplify a service that is often needlessly complex, managing everything from a single dashboard across data sources and customers, rather than a mixture of solutions.
Moving from backup to data protection
MSPs and MSSPs need to talk about backup in a new way. Before it was sold as insurance, just in case servers caught fire or moving parts unexpectedly gave out. But the return of ransomware means that this has changed. Businesses need to understand that their data is now at constant risk from those who want to do them harm in order to turn a profit.
MSPs, MSSPs, and their customers need to understand that backup is more than just an added extra, but a vital layer of cybersecurity defence. Just as cybersecurity demands that the most vulnerable parts of the network are identified and protected, with backup, the most important data must be identified, and important questions answered. How often should backups of data be taken? Are there areas where backup needs to be more frequent? What data can be backed up as a volume snapshot, and what can be done more selectively? How long can the business go with data being accessible? What is critical data and what is less important?
No one really wants to buy insurance, at least not until the worst happens—if nothing bad happens then it can feel like wasted money if disaster fails to strike. By instead positioning backup as the last vital line of security, MSPs and MSSPs can better protect their customers, and be heroes if data is lost to either security failure or natural disaster.
Read the latest edition of PCR’s monthly magazine below: