According to Gartner, “by 2029, 50% of organizations will consider endpoint protection platforms as part of an overall workspace cybersecurity strategy, compared with around 20% in 2024.”
This upward trend is a positive sign. Nevertheless, the application of best practices and security hygiene rules will remain a priority.
One of these is the implementation of backup systems. In the event of data theft or damage to an information system, the ability to recover and restore data is a key factor in a recovery process.
An effective backup system also helps control the costs associated with the fallout of an attack, which can run into millions in many sectors. For example, IBM reported in 2022 that the cost of recovering from a data breach was around $4.5M, with the healthcare sector being the most targeted; in 2016, the attack on Uber cost the company $148M. Attackers aren’t letting off the gas.
Given the human and financial resources involved, securing data is crucial. And that’s without counting the risks associated with regulatory and legal aspects.
For example, under French law, the Consumer Code requires online platform providers to carry out an audit to ensure the security of the data they host; for a breach of this obligation, Dedalus was fined 1.5 million euros over a data leak in 2021.
At a European level, Meta was also fined 91 million euros.
So how can we best reduce the impact of an attack and improve an organization’s resilience?
ANSSI, the French Cybersecurity Agency, offers a checklist of practical tips for optimizing data recovery and restoration processes in the event of a security incident.
Build and protect
Define a backup policy
Identify the data critical to your organization’s business.
Schedule backups at fixed, regular intervals.
Protect your backup and restore operations
Hardened administration workstations, network flows… Apply the same level of protection as for any sensitive administration operation.
Isolate your backup infrastructure
Network segmentation is necessary to isolate data from environments where production directories – such as Active Directory – are operated.
Control access to backups
Make sure that backups cannot be modified or altered, and that they are always available, by precisely controlling access. This applies equally to data stored locally and in the Cloud.
Ensure data security wherever it’s stored
Whether stored off-site, in the public cloud or with a service provider, it is imperative that sensitive data be backed up with enhanced security measures – such as encryption.
Upgrade your backup infrastructure
As information systems evolve, so do threats. Keep your infrastructure up to date and continuously improve it to protect the information system against risks, vulnerabilities, and emerging attack techniques.
Anticipate and react
Define a restoration strategy
The restoration strategy must be defined in conjunction with the disaster recovery plan, according to the various possible attack scenarios (espionage, ransomware…). This plan must be tested regularly, in particular by means of restoration tests, and must also take into account cases of operation in degraded mode, as well as the backup of installation media and business application configurations.
Plan regular offline backups
Data backups must be carried out regularly and stored in places disconnected from the information system.
Stay aware, even when it comes to backups
Following an attack, even backups can contain the vectors of compromise. It is therefore imperative to restore them from trusted sources, check that configurations are compliant, and schedule an antivirus scan.
These tips are taken from the ANSSI guide “Set up an efficient backup system” (in French).
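The "Control access to backups" and "Stay aware, even when it comes to backups" points both rely on being able to tell whether a backup set has changed since it was written. The following is an added example, not taken from the ANSSI guide or the original page: it records a SHA-256 manifest authenticated with an HMAC at backup time, then checks it before a restore. The function names, file names and demo key are assumptions made for illustration, and the key is assumed to be stored away from the backup host.

```python
import hashlib, hmac, json, tempfile
from pathlib import Path

def file_digests(root: Path) -> dict:
    """Map each file under root (relative path) to its SHA-256 digest."""
    out = {}
    for p in sorted(q for q in root.rglob("*") if q.is_file()):
        h = hashlib.sha256()
        with p.open("rb") as fh:
            for chunk in iter(lambda: fh.read(1 << 20), b""):  # 1 MiB chunks
                h.update(chunk)
        out[p.relative_to(root).as_posix()] = h.hexdigest()
    return out

def _mac(files: dict, key: bytes) -> str:
    body = json.dumps(files, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def build_manifest(root: Path, key: bytes) -> dict:
    """Run at backup time; keep manifest and key outside the backup set."""
    files = file_digests(root)
    return {"files": files, "mac": _mac(files, key)}

def verify_backup(root: Path, manifest: dict, key: bytes) -> dict:
    """Run before restoring; raises if the manifest itself was altered."""
    if not hmac.compare_digest(_mac(manifest["files"], key), manifest["mac"]):
        raise ValueError("manifest MAC mismatch: do not trust this manifest")
    now, then = file_digests(root), manifest["files"]
    return {
        "modified": sorted(n for n in then if n in now and now[n] != then[n]),
        "missing": sorted(n for n in then if n not in now),
        "unexpected": sorted(n for n in now if n not in then),
    }

def demo() -> dict:
    """Constructed sample: a small backup set changed after the manifest."""
    key = b"constructed-demo-key"  # assumption: real key is held off the backup host
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "db.dump").write_bytes(b"customer records")
        (root / "app.conf").write_text("listen=127.0.0.1\n")
        manifest = build_manifest(root, key)
        (root / "app.conf").write_text("listen=0.0.0.0\n")  # altered
        (root / "db.dump").unlink()                         # removed
        (root / "extra.bin").write_bytes(b"\x00")           # added later
        return verify_backup(root, manifest, key)

if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

A non-empty "modified", "missing" or "unexpected" list means the set no longer matches what was backed up and should not be restored as-is. The check covers integrity only and does not replace the configuration review and antivirus scan described above.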
Beyond backups, how can you be prepared to deal effectively with a cyber crisis?