Educause Security Discussion mailing list archives
Re: Offline Backups for Ransomware Protection
From: John Ramsey <jramsey () STUDENTCLEARINGHOUSE ORG>
Date: Thu, 26 Aug 2021 14:49:29 +0000
We're using a combination of AWS and VEEAM. Attached is a really good two pager on back up strategies as a best practice, it's worth a quick read if you have a second. I think the interesting stat that is out there from Net Diligence states " Keep offline copies. Keep offline backups of your vital data to avoid the accidental spread of malware from publicly connected infected computers. Make sure your external storage drives or cloud backups are properly disconnected from your main corporate network to prevent backups from being accessed/infected by the spread of ransomware. Cybersecurity experts have posited that in up to 80 percent of incidents, certain types of ransomware impacted both regular network/devices and the backups. Timely recovery following a successful ransomware attack is significantly impacted by the efficacy of backup and backup segregation practices. John John Ramsey, Chief Information Security Officer National Student Clearinghouse Certified: CISSP, CISM, PMP, CSSLP, CRISC, CGEIT 2300 Dulles Station Blvd., Suite 220 Herndon, VA 20171 703.742.4428 | studentclearinghouse.org<http://www.studentclearinghouse.org> LinkedIn<https://nam01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fnational-student-clearinghouse&data=02%7C01%7Cdugan%40studentclearinghouse.org%7Cc37208aebac64fd76e8508d84f636448%7C8cc02fea054043a688b6069d3eac0119%7C0%7C0%7C637346635590166954&sdata=MdT45I1n7Hwbp8Zlkxlm0wEd0LdLnq5Cpr91ybCEjHw%3D&reserved=0> | Twitter<https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftwitter.com%2Fnsclearinghouse&data=02%7C01%7Cdugan%40studentclearinghouse.org%7Cc37208aebac64fd76e8508d84f636448%7C8cc02fea054043a688b6069d3eac0119%7C0%7C0%7C637346635590171933&sdata=idMHM8D4VdMRpIa2H1YUTmwMgC4ZU0L2jqL3VjVNs4s%3D&reserved=0> | Facebook<https://nam01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.facebook.com%2FNSClearinghouse&data=02%7C01%7Cdugan%40studentclearinghouse.org%7Cc37208aebac64fd76e8508d84f636448%7C8cc02fea054043a688b6069d3eac0119%7C0%7C0%7C637346635590176915&sdata=ILW%2BPdv1fgHooOkbQlkP9ei%2BJOsk7YlCMzYNU572flU%3D&reserved=0> | Blog<https://www.studentclearinghouse.org/nscblog/> | Instagram<https://www.instagram.com/NSClearinghouse/> Serving Education Since 1993 This message is proprietary to the National Student Clearinghouse, is intended only for the addressee and may contain confidential or privileged information. If you receive this message in error, please contact the sender and delete all copies. From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Pelegrin, Jeremy J Sent: Thursday, August 26, 2021 10:42 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Offline Backups for Ransomware Protection EXTERNAL MESSAGE All, As we work to improve our ransomware posture, what are others doing for offline backups for recovery? Is it a subset of systems/data only? What technologies are being used? Happy to discuss offline if preferred. All the best, Jeremy Jeremy Pelegrin, MBA (He/him/his) Interim CISO | Information Technology Tulane University | 504-988-8548 (o) | 504-444-3536 (c) Collaborate | Innovate | Deliver<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fts.tulane.edu%2F&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C24d26feda87743b0dadf08d9689fb4a9%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C637655857400073452%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C7000&sdata=y3%2BqZVigaxCzUJoRNKWsKz%2BHALpfP3GXXK%2BzsiELUCU%3D&reserved=0> ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C24d26feda87743b0dadf08d9689fb4a9%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C637655857400083411%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C7000&sdata=0UDdUG5Xa%2F9d2YMXdwiWoVEKBBxgbjgkWY4lYRdXGB8%3D&reserved=0> ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Attachment:
20210331_Redpoint_Article-321backup-strategy.pdf
Description: 20210331_Redpoint_Article-321backup-strategy.pdf
Current thread:
- Offline Backups for Ransomware Protection Pelegrin, Jeremy J (Aug 26)
- Re: Offline Backups for Ransomware Protection John Ramsey (Aug 26)
- Re: Offline Backups for Ransomware Protection Shane Kroening (Aug 26)
- Re: Offline Backups for Ransomware Protection Blake Brown (Aug 26)
- Re: Offline Backups for Ransomware Protection Frank Barton (Aug 26)
- Re: [EXTERNAL] Re: [SECURITY] Offline Backups for Ransomware Protection Kevin Cleary (Aug 26)
- Re: [EXTERNAL] Re: [SECURITY] Offline Backups for Ransomware Protection Blake Brown (Aug 26)
- Re: Offline Backups for Ransomware Protection Shane Kroening (Aug 26)
- Re: Offline Backups for Ransomware Protection John Ramsey (Aug 26)
- Re: [EXTERNAL]Re: [SECURITY] Offline Backups for Ransomware Protection Holley, Brian (Aug 26)
- Re: [EXTERNAL]Re: [SECURITY] Offline Backups for Ransomware Protection McCain, Alan (Sep 20)