Weekly Tech Tidbit – I challenge you to prove your backups work

July 14th, 2022
Weekly Tech Tidbit – I challenge you to prove your backups work

 

"None shall pass"

-The Black Knight "Monty Python and the Holy Grail"

Today I would like to challenge you to "test two aspects of your network backups.

Most of you have never done this because y预览 (opens in a new tab)ou are "too busy putting out fires". 这是夏天. If you cannot do it now, you are never going to do it. If you need extra motivation, This Spring some of the most popular cyber insurance renewal questions ask about your ability to:

  • Restore a server from scratch
  • Use your domain admin (or anyone's domain credentials) to access your network backup server?
  • Use your domain admin (or anyone's credentials) to access the storage your network backup solution uses?

Mumbling at your cyber insurer while evaluating risk does not instill confidence. We are hearing about a number of districts - even in this region - being rejected 或以其他方式 being aggressively challenged on renewing or getting cyber insurance.

I want you to do the following tasks:

  1. Turn to your staff and say, "This very important server just died, bring it back. The clock starts now. Go."
  2. You should just start wandering the network looking for the backup server and separately the backup server data. Can you find them as you? Can you find them as the domain admin ID?

Are you happy about how long it took to bring back your very important server in this disaster recovery exercise? Did the server come back cleanly? If the answer of either of those questions was "no", what happened and what are you going to improve the outcome?

Were you able to find your backup server? Were you able to find your backup data? If the answer to either of those was "yes", then you have some work to do.

The reality of our world is that if something happened - whether a technology failure or a malicious attack - your backups are your last line of defense. If the bad guys get into your network, they are going to try and break servers and other devices, 和删除, 腐败的, 或以其他方式, password protect your backups so that they can increase the pressure on you to pay their ransom to get your data and network back.

If you were not happy with the results of your impromptu DR test, please reach out to us.

We have recommendations and backup solutions that can directly address both of these major issues a thing of the past and at least pacify your cyber insurers on this one critical question in their evaluation of the risk associated with your school district.

Let me know how this goes.

-Scott Quimby