Get full visibility and control over 320,000+ apps and browser extensions with our AI-powered assessment. Try it now.×
Home » Spin.AI Blog » Cybersecurity » Google Workspace » Ransomware Backup Strategy: Secure Your Backups
February 5, 2020 | Updated on: April 26, 2024 | Reading time 7 minutes

Ransomware Backup Strategy: Secure Your Backups

Author:
Avatar photo

Vice President of Product

When someone asks you about the best ransomware protection, the first thing you’ll probably come up with is a backup. After all, backup is the only security practice that actually can get your infected data back. Antivirus software and firewalls are just the first line of defense, which is far from being 100% effective against ransomware

But there is a problem. Ransomware can infect backups. In this article, you’ll find out about ransomware backup strategy, a set of possible ways to make your data more secure. 

Can Ransomware Encrypt Backups?

Short answer: yes, there’s a chance your backup will be encrypted together with the source data. We recommend reading how ransomware works to understand more about ransomware attacks and ways to prevent them.

Ransomware can get into the system and encrypt your data, including data stored in the Google/Microsoft cloud. Ransomware spreads through the cloud, as all local changes are automatically synchronized with the whole cloud. Usually, the encryption begins shortly after ransomware has sneaked into the system, for example, as a result of a phishing attack.

However, some recent ransomware strains do not encrypt your files immediately. Instead, they are hiding in the network and searching for system-critical data. That’s what is called lateral movement. Such strains are able to stay hidden for months, even years. For example, that’s how Ryuk works. When the important data pieces are identified, the encryption begins. 

To put it simply, your data can stay infected for a long time before the encryption begins. Naturally, there is a chance you’d preserve infected data with a backup. And when the time comes and encryption begins, your backup may contain only corrupted files.

But everything is not so bad. Corrupting backups with malicious code is not a certainty, but a probability. Though that probability can not be reduced to zero, there are several best practices that you can use to improve the chances of preventing ransomware infection of your backups.

How to Protect Your Backed-up Data from Ransomware

To increase the chance your backups won’t be infected with ransomware, you can implement a ransomware backup strategywhich is a set of security practices. Let’s take a look at four of the practices: 3-2-1 backup, multiple backup versions, making backups frequently, and the use of additional anti-ransomware software.

Though none of these practices makes your backups completely ransomware-proof, implementing them together is an extremely powerful security strategy.

Would you like to find out more about other ways to avoid ransomware? Check our article about ransomware protection to find out more about protecting your data from ransomware.

Follow the 3-2-1 Backup Rule

As ransomware spreads through the system, it may infect everything the infected user has access to. Let’s take a ransomware attack on the Office 365 cloud as an example. The backup data is vulnerable if it is stored in the same O365 cloud as the source data. However, there is a way to keep cloud data backups safe. 

3-2-1 backup strategy is a method of organizing your backups securely. The name 3-2-1 stands for having 3 separate copies of your data stored on 2 different kinds of media, with at least 1 copy stored off-site. Following this strategy means that even if one copy of your data is damaged, there are always other, safe ones. 

Generally, you can implement this strategy manually by using several cloud storage/hard drives to store your files. But in real life, this way may be too time-consuming to handle a significant amount of data. That’s why businesses often use cloud backups to ensure the safety of their SaaS data. Would you like to boost the security of your cloud data? Try third-party backup tools following the 3-2-1 best practice like SpinBackup for Google Workspace and Office 365.

Try SpinOne for free

Keep Multiple Backup Versions

As we’ve mentioned before, some ransomware pieces can stay undetected for a long time. This may lead your system to back up the corrupted items. Having multiple backup versions is a very straightforward solution. If ransomware hits your backup and the most recent versions are corrupted, older ones may be safe. Ideally, you should be able to recover the encrypted data in its pre-infection form.

In a nutshell, the more backup versions you have, the higher the chance that one is safe. Of course, this method is not a panacea, as there is a chance that even the oldest versions are encrypted as well. The longer the backup data retention, the lower the chance gets.

That’s why it might be a good idea to consider backup software supporting multiple backup versions and indefinite backup data retention.

Make Backups Frequently 

Another significant element of keeping your data secure is making your backups frequently. The major benefit of this practice is the safety of your daily progress. The more frequent backups are, the less not-backed-up data may be lost in case of a ransomware attack.

However, making backups too often requires too much storage space. Perhaps, the best idea would be making a backup several times a day, which protects your progress without excessive storage costs.

Looking from a reliable backup solution? Try Spinbackup for Google Workspace and Office 365 – a cloud backup software that combines 3-2-1 strategy offers multiple backup versions and automatically backs up data three times a day.

Use Additional Anti-ransomware Software

Using additional anti-ransomware software is a great practice you should consider. Unlike a backup, that can only recover files from a ransomware attack, a ransomware prevention tool will help you to stop it before it has gone too far.

Detecting ransomware ASAP is the key to preventing it from causing significant damage to your files. Early ransomware detection allows prevention of ransomware spreading through the whole network. Complete your ransomware backup strategy with advanced ransomware prevention software for Google Workspace and Office 365. Free trial included!

SpinOne: All-in-one Ransomware Protection Software

Perhaps most important in ransomware backup strategy is putting all the best practices together and making them work without relying on day-to-day attention from a system administrator.

SpinOne is automated security software that combines advanced backup functionality with ransomware prevention. This solution follows the 3-2-1 strategy, offers multiple backup versions, and automatically backs up data three times a day while utilizing advanced ransomware detection methods.

SpinOne utilizes an innovative ransomware detection method—behavioral analytics. This method is based on understanding ransomware patterns via abnormal file behavior. Powered by machine learning algorithms, it allows achieving 99% accuracy in detecting ransomware.

Here you can read more about SpinOne and its features.

Have more questions about SpinOne? Schedule a demo and get them answered!

Try SpinOne for free

Was this helpful?

Thanks for your feedback!
Avatar photo

Written by

Vice President of Product at Spin.AI

Davit Asatryan is the Vice President of Product at Spin.AI

He is responsible for executing product strategy by overseeing the entire product lifecycle, with a focus on developing cutting-edge solutions to address the evolving landscape of cybersecurity threats.

He has been with the company for over 5 years and specializes in SaaS Security, helping organizations battle Shadow IT, ransomware, and data leak issues.

Prior to joining Spin.AI, Davit gained experience by working in fintech startups and also received his Bachelor’s degree from UC Berkeley. In his spare time, Davit enjoys traveling, playing soccer and tennis with his friends, and watching sports of any kind.


Featured Work:
Webinar:

How Can You Maximize SaaS Security Benefits?

Let's get started with a live demo

Latest blog posts

Data Loss Prevention: Protecting Your Gold

In today’s digital landscape, data is one of the most valuable assets to your company....

Avatar photo

CEO and Founder

Read more

Obsidian Security vs. Spin.AI: Comparing Popular SSPM Solutions

Partnering with third-party applications and browser extensions have clear benefits to increasing the efficiency of...

Avatar photo

Product Manager

Read more
What is the NIS2 Directive Compliant Requirement and Checklist

What is the NIS2 Directive? Compliance Requirements and Checklist

With the rise of increasingly sophisticated cyber threats targeting all sectors, securing networks and information...

Avatar photo

Product Manager

Read more