Ransomware attacks have become increasingly common in recent years. These malicious programs encrypt files on a device and demand payment in order to decrypt them. Proper and regular backups can help prevent disruption from ransomware. Here are some best practices for backing up your data to avoid ransomware attacks:
Keep Regular Backups
The most important defense against ransomware is having recent backups of your files. Backups allow you to restore your data if it gets encrypted by ransomware. I recommend maintaining both local and cloud backups.
Local Backups
Local backups involve copying important files onto an external hard drive or network attached storage device. The key is backing up regularly – I do local backups daily so that I have multiple restore points in case an infection happens. I use backup software that does incremental backups to only copy new and changed files each day.
Store backup drives disconnected from your network and computer when not in use. Ransomware can spread quickly across connected devices. A backup drive that is only connected during the backup process has less exposure.
Cloud Backups
Cloud backups provide an additional layer of protection in case ransomware spreads to connected local backup drives. Leading cloud services like Backblaze and Carbonite offer unlimited cloud backup for a reasonable monthly fee.
I configure cloud backup software on my devices to continuously backup important folders. Cloud services retain 30 days of file versions, allowing recovery of previous unencrypted files if ransomware strikes.
Test Restores Regularly
Simply having backups is not enough – you need to regularly verify that you can successfully restore files from them. Otherwise you may find your backup is not working when you need it most.
I test restoring folders from local and cloud backups monthly. This ensures my backup process is working properly and files are recoverable. Testing also identifies any problems to correct.
Use the 3-2-1 Backup Strategy
The 3-2-1 strategy is an effective way to maintain resilient backups I recommend:
- 3 copies of important data – On your production device, a local backup, and an offsite cloud backup
- 2 different storage media types – Such as a local hard drive and a cloud service
- 1 copy offline and disconnected – The local drive or cloud backup protects if ransomware spreads
This covers your data from multiple risk angles. Even if ransomware infects your local system, your offline and cloud backups act as redundancy to restore from.
Backup High Value Folders
Prioritize backing up folders containing your most important data and files that would cause disruption if encrypted and held for ransom:
- Documents
- Finance files
- Photos
- Videos
- Other irreplaceable data
Focus your backup efforts on these high value folders for best protection.
Disconnect Backups When Not Running
As mentioned for local drives, keep backup storage disconnected from your network when not actively backing up files. This prevents backup drives from being infected over the network by ransomware that has compromised your computer.
I only connect my backup drive using a direct USB or Thunderbolt cable during daily backup runs. The rest of the time it is safely disconnected from any network access.
Use Account Privileges Wisely
Ransomware often relies on administrator privileges to spread quickly and access files on a system. Avoid logging into your computer with admin privileges for day-to-day work.
I set up a standard user account for most work tasks on my PC. I only switch to the admin account when installing software or making system changes. This limits how far ransomware can spread if I were to get infected.
Conclusion
- Regular, versioned local and cloud backups provide redundancy against ransomware encryption.
- Test restores ensure your backups are working properly.
- The 3-2-1 strategy covers multiple backup scenarios.
- Focus on backing up high value data folders.
- Disconnect backup drives when not actively backing up.
- Use standard user accounts whenever possible.
Following these best practices will help you be prepared and quickly recover your files should a ransomware attack occur. Proper backups serve as an important last line of defense against ransomware.
