Cyber Insurance Backup Requirements
More and more Insurance Companies are splitting off Cyber Insurance from the regular policy. This new-age coverage is designed to protect your company in the event of an internal or external attack. Purchasing Cyber Insurance is crucial these days based on the number of sophisticated methods cyber criminals have at their disposal. From online scams, viruses and spoofed emails, employees are still taking the bait and falling into traps.
Below is a list of Cyber Insurance Backup Requirements.
-
Multifactor Authentication
-
Data Segmentation
-
Backup Encryption
-
Virus and Malware Scanning
-
Routine Backup Tests
-
Recovery Time Objectives
Multifactor Authentication
2 factor authentication should be enabled on everything, including your onsite and offsite backup software. Having just a username and password isn’t enough these days. Cyber criminals have the ability to restore the entire contents of a server after obtaining a copy of the backup. If you’re using an antiquated onsite backup solution such as the Windows Server Backup software, it’s time to upgrade to an enterprise backup solution to increase overall security.
Data Segmentation
This process involves setting up a separate network accessible to your servers only. This can be achieved by setting up a VLAN to segregate the networks. On the segregated network is where the backup storage devices will reside. A separate username and password should be used for backup operations and overwrite/delete permissions should be removed to prevent deletion and encryption. Rotate and swap backup drives whenever possible to ensure you always have a copy of your data even though it will be slightly outdated.
Backup Encryption
The Windows Server backup utility doesn’t encrypt data when backing up. When cyber criminals obtain a copy of an unencrypted backup, they can restore the contents onto another computer. Backup encryption happens during the backup job using specialized backup software. The files and data are encrypted when written to the local storage device or cloud storage.
If someone obtained an encrypted backup, they would not be able to restore it. Encrypted backups required the software used for creating the backup job and the log in credentials for the account.
Virus and Malware Scanning
As written about in the Cyber Insurance Antivirus Requirements article, standard antivirus doesn’t cut it anymore. Endpoint Detection and Response, plus Advanced Threat Protection with Heuristic Capabilities need to be enabled and configured for the highest level of protection.
Routine Backup Tests
This doesn’t need to be made complex. Just restore a file every month or so to ensure the backup job is working. Then every 6 months restore the entire contents of the server to another machine to fully test the integrity of the backup job.
Recovery Time Objectives
Its best to review your companies Recovery Time Objectives once a year at a minimum to ensure everyone knows what to except during an outage or attack.