The term ransomware, also known as “data hijacking,” refers to malicious software that restricts access to certain files on the infected operating system, demanding a sum in exchange for removing such restrictions. In other words, it charges a sum of money to release restricted data as “ransom.”
In this article, we will focus on understanding how to strengthen the strategy against ransomware, leveraging the new features of Veeam Backup for Microsoft Office 365. The figures related to ransomware are staggering, and it’s interesting to note that in just one minute, losses resulting from this software can go up to $1,400, while in an hour, they can reach $88,000. These figures have been confirmed by IT leaders. Additionally, it is estimated that 94% of attacks target the backup repository, including the repository generated by VEEAM, as cybercriminals recognize our tool as a well-known and robust solution in the market. In 2021, 76% of companies suffered at least one ransomware attack.
Following such an attack, there is an average data loss of 36%, as in many cases, it’s not possible to restore them, and 24% of companies claim they were unable to recover them at all. Globally, a ransomware attack occurs every eleven seconds. While it’s expected that this figure will decrease in the future, it is currently a reality we must live with and prepare for.
Only 10% of companies have an effective security plan, meaning the remaining 90% are not adequately prepared. This situation represents a significant opportunity today, as it’s crucial to protect data and have recovery mechanisms in place.
In this regard, there is a market rule known as the “3-2-1 rule,” which states that 3 copies of the data should be maintained on 2 different storage media, with 1 of these copies stored off-site, for example, in the cloud. The purpose is to have an external copy that allows data restoration. This is the importance of the 3-2-1 rule. VEEAM adds two extra elements due to the importance of having an air gap, which implies that the data is disconnected from the network. This functionality can be enabled through VEEAM Backup, thanks to a feature called immutability, which essentially seals the backup repository for a minimum of 7 days, preventing anyone, not even the backup author, from modifying it during this time. Finally, with VEEAM’s recovery feature, the backup can be restored without errors. Having a backup copy is useless if, at the time of restoration, it doesn’t function correctly. With this solution, restoration can be done smoothly, ensuring uninterrupted operations.
In the current market, Microsoft’s basic offering is very limited, and frankly it’s not the company’s responsibility to protect or back up data; its function is to provide some degree of user assistance. Companies like SYAAT can store various copies of data in past periods, ensuring the ability to restore data without being affected by ransomware or viruses. On the other hand, the backup offered by Microsoft consists merely of a copy stored in the recycle bin for approximately 30 days. So, if that copy is infected, what’s the point of restoring a compromised copy?
The function called “internal protection,” unfortunately not offered by Microsoft, can only be provided by a service provider like SYAAT. This function is implemented through a technology called Veeam Cloud Connect, which is only available to cloud service providers, aimed at providing internal protection to their clients.
Implementing this strategy can completely change the situation and save a considerable amount of money for any company. SYAAT can also automate the service, allowing the company itself to perform the restoration, resulting in cost savings, as the company can choose whether SYAAT performs the restoration or the company does it as needed.
When a company seeks to create a data protection strategy, several aspects must be considered: strengthening the recovery plan through services that not only back up Office 365 but cover all necessary aspects; backing up and being able to restore physical machines and servers; ensuring everything is set with the immutability function; and ensuring there is an off-site backup.
There are still many companies that need to retain data for more than a year, and this simply cannot be achieved with Microsoft’s basic solution; instead, the intervention of a third party like SYAAT, along with Veeam Backup for Microsoft 365, is required for the process to perform correctly.
Veeam Backup for Microsoft 365 includes backup for Exchange Online, SharePoint Online, OneDrive for Business, and Microsoft Teams. And perhaps most importantly, its self-service mode helps automate the restoration process.
This contributes to the stability of companies because as demand increases, processes also consume more time, which can generate high costs. And saving time means saving money. With SYAAT, time and money are saved. Additionally, VEEAM also helps improve security through multifactor authentication (MFA), which involves sending a code to the mobile phone to confirm identity and access to the Office 365 account.
This allows access to restoration without the need to provide direct access to the backup server, which is essential for restoring access to the server containing all the details and critical and strategic backups of the company.
Another new feature in version 6 of VEEAM is backup copy with low-cost object storage. Data storage in public and private clouds is becoming increasingly expensive. This type of long-term storage allows data to be divided into individual retention periods, which can reduce storage costs by up to 20 times. Moreover, this way of handling hardware failures provides greater security thanks to the immutability achieved with VEEAM, and the backup complies with security and protection standards. It’s a much more flexible way to perform backups and with superior performance.
Veeam Backup for Microsoft 365 is a product that allows the company to have backup and replication, which is ideal. All VEEAM needs is access to all organization privileges and logs. The configuration will allow selecting which elements will be protected, such as Exchange, SharePoint, and Microsoft Teams. Then, backup infrastructure or object storage will be established. The backup repository must have a portion of local cache, and finally, this club repository will be assigned to comply with the established policy.
By following all these steps, your company will optimally comply with the 3-2-1-1-0 rule. Remember that having truly protected data is a necessity for all companies. Don’t fall behind and take a step in the right direction.
Sign up for our webinar!
