MSP Ransomware Attack Mitigation: NIST Backup, Disaster Recovery (BDR) Advice
The National Cybersecurity Center of Excellence (NCCoE), a division of the National Institute of Standards and Technology (NIST), has released recommendations to help MSPs protect their data against ransomware and other data loss events and conduct, maintain and test backup files.
The recommendations come after Cognizant and several other MSPs recently have experienced ransomware attacks.
For MSPs that want to implement an effective data backup recovery plan for ransomware attacks and other data loss events, NCCoE provides the following recommendations…
1. Identify Files for Processes and Backups
MSPs should prioritize files based on business value and operational needs and identify what backup files/data to secure offline and any regulatory and legal data retention requirements. They can then determine if automated or manual processes are best for generating backups and use these processes to retain copies of personal identification numbers, encryption keys, web browser cookies and other credentials.
2. Determine Frequency of Backups
MSPs should establish a time frame to restore files and applications. They also should determine the maximum age of backup files to ensure their operations can be reestablished with minimum acceptable interruption of operations.
3. Test Your Backup Recovery Plan
MSPs should develop response and recovery processes and procedures built on backup files and backup systems, perform tabletop exercises to identify improvement areas and determine workplace relocation options. In addition, MSPs should test individual systems and monitor backup processes for failures and consistency.
Effective data backup strategies enable MSPs to minimize the impact of ransomware attacks and other data loss events and improve their business operations and resiliency, NCCoE stated. Furthermore, these strategies empower MSPs to highlight their dedication to data security, backup and recovery to prospects and customers.