Backup frequency: The Goldilocks zone for ransomware readiness

With MSPs increasingly targeted by cybercriminals, regular backups are critical to protecting both service providers and their customers. Carrie Reber explains.

Carrie Reber, senior product marketing manager at N-able.

Ransomware is on everyone’s minds these days, with attacks against small businesses, hospitals, and local governments increasingly in the headlines. Managed IT service providers are experiencing a dramatic increase in attempted cyberattacks. In fact, in our recent State of the Market: The New Threat Landscape Report, which surveyed 500 senior decision makers at MSPs and was conducted by Coleman Parkes Research, we found that attempted attacks have almost doubled to an average of 11 per month per MSP since the start of the COVID pandemic.

Clearly, criminals have realized that MSPs are an efficient target to impact multiple businesses at once. This puts the already heavy security and response burden even more firmly on the shoulders of MSPs around the world. While endpoint security and ransomware detection technologies are critical and well deserving of investment, it seems inevitable that some attacks will be successful, making backup the MSP’s last line of defense and best avenue for recovery. The rise of ransomware brings new backup considerations, including the critical question of how often to do it.

Meeting acceptable recovery point objectives

Shockingly, the same survey also showed that 73% of servers are backed up infrequently—every 48 hours or less often. Only 27% of those surveyed are performing daily backups. If this is more broadly true, it points to a dismal inability to meet acceptable recovery point objectives (RPOs). Are businesses really willing to risk losing two full days of transactions, data, and productivity?

At the opposite extreme are those that invest in continuous data protection, which provides for real-time replication of every change to data. While this protects against data loss, it comes at a high cost, and may be overkill for most small or medium-sized businesses.

Getting the right frequency

So where is the happy medium? Where is the “just right” Goldilocks frequency for backups in this age of ransomware? And what are the acceptable cost tradeoffs? The answer may vary by customer and type of device, but some general best practices include:

  • Back up at least once a day for less-critical data, and at least twice a day for more transaction-heavy devices and applications.
  • Some data protection products make it easy to back up as often as every 15 minutes, with small, efficient backup files that minimize storage usage and data transfer time. Look at the size of your backup files and evaluate whether this is feasible, or whether it may be time to consider alternative solutions.
  • Ransomware has revealed the risks inherent in local-only backup storage. Be certain to keep at least one copy of your backups offsite, where they are insulated from attacks on the local network.

As you invest for improved ransomware readiness, don’t forget about backup. Be sure your last line of defense is strong, equipping you to meet your customers’ recovery requirements no matter what.
