How Retailers Can Implement Backup Best Practices & Mitigate Ransomware on World Backup Day
If you work in online retailing, chances are you prepare for a surge of orders during holidays like Valentine’s Day, Halloween, or Christmas. In 2020, online retailers dealt with one of the busiest holidays yet after many people shifted to online shopping due to worries of the pandemic.
But how many retailers have prepared for today? What’s so special about March 31? This date might be the most important holiday for safeguarding your business’ information — it’s when World Backup Day is observed!
This is an entire day dedicated to reminding people to backup their data, documents and information against a wide range of threats, like ransomware. With more consumers turning to online shopping and cyberattacks on the rise, World Backup Day is taking on new significance.
The Cost of a Ransomware Attack
Maintaining backups is one of the best ways for online retailers to bounce back from a disaster, such as a ransomware attack. Having more than one copy of your data, information, and files is important within all industries, but especially online retail, which is a frequent target of cyber criminals.
Online retailers simply cannot afford to lose data they’ve gathered over months and years. For one, customers would be angry if their product orders were lost. They would also lose trust in your business and take their money elsewhere. According to our research, 59% of customers said they wouldn’t do business with a company that’s experienced a cyberattack in the past year. Also, think about all the information you’ve collected on customers, from previous order history, to contact information that is used for email marketing and promotions — losing all these details would be detrimental.
What’s more, compromised customer data could result in fines and other legal action. Retailers should also be concerned with complying with regulations such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Imagine if a consumer would like to access their data, but you’ve recently suffered a ransomware attack. If you had conducted a recent backup, you would be able to retrieve and access that data. But, if you’ve put off backing up your files for a couple of months, you could find yourself in legal trouble.
Backups are Essential to a Ransomware Response Plan
By now, you should be motivated to start paying more attention to what’s at stake if your business is faced with a ransomware attack. One step to take on World Backup Day is to make sure that your ransomware response plan is fully developed — after all, it’s best to prepare ahead of time instead of wishing you had a plan after it’s too late.
Your ransomware response plan starts with selecting the right people to handle the crisis. Make sure it includes key voices that can make business-critical decisions. Your crisis plan should detail your course of action — such as if your business is willing to take the risk of paying a ransom, and if so, how.
It’s also a good idea to look at different cyber insurance policies. These can help cover the value of data loss and any fees and fines that might come from the information lost. If you do decide to go with a policy, make sure it’s documented in your ransomware response plan.
Backups play a huge part in the disaster recovery portion of your ransomware response plan. Taking stock of what data is most critical to operations, how often it’s being backed up, and how swiftly it can be recovered is crucial to coming out of the other end of an attack unscathed.
Backup Best Practices
Having a ransomware response plan and implementing backups are essential to keeping data out of harm’s way, but it’s also important to make sure those backups are fortified and out of reach from cybercriminals.
One strategy all retailers should follow is the 3-2-1 backup strategy. This means you should have three copies of your data on two different media, with one copy stored off-site, such as in the cloud. It’s extremely important to have your off-site copy be inaccessible from your company’s network, since some ransomware strains specifically look for network-attached backup files.
If you’re wondering how you’ll be able to keep all of these backups in different locations safe, don’t worry. There are ransomware protection solutions to meet almost any organization’s needs — from ones with combined cybersecurity and data protection capabilities, to security coverage for your cloud and on-site information.
While it’s great to take the first step of backing up your data, it’s equally important to regularly test your backups. Remember: your recovery plan is only as good as your most recent working backup. A rule of thumb is to at least conduct a partial disaster recovery test every six months, and conduct a full disaster recovery test every year.
Online retailers have a great deal to lose if they don’t properly protect themselves from the threat of ransomware. Not only could purchase records be lost, but so could sensitive customer data, which could lead to legal issues. So, take March 31 to conduct a backup, whether it’s your 100th time or your first.
After all, you don’t want to be caught as a fool on April 1 if you forget to backup your files!
Sam Roguine is a backup, disaster recovery and ransomware prevention evangelist at Arcserve.
