A Second Look at your Hybrid Workforce

/in , , /by

In the last two years, companies worldwide have transitioned from a traditional office setup towards a hybrid workforce model as a part of a solution to the pandemic situation. While many employees are going back to the office, physical capacity in the workplace is still limited, and many companies need to make adjustments to accommodate everyone. Many businesses are finding that using a hybrid workforce is a solid long-term solution.

Connecting Everyone through Teams

In a hybrid workforce environment, employees get divided into teams where some complete work at the office while others do their job from remote locations, usually from their homes. It lets work get completed while allowing social distancing.

The challenge for management is unifying their team and getting them to work as a unit, despite having employees working in separate physical locations. This setup is where a hybrid solution comes in. A working system comes with tools like stable network infrastructure and reliable and organized features that boost productivity. And, at the same time, the tools allow employees to coordinate seamlessly with other team members in the company for a consistent and coherent workflow.

Benefits of the Hybrid Workforce System

The main objective of a hybrid system is to create balanced work productivity and to maintain consistent team effort regardless of the location of the workers. Besides the obvious benefit of allowing companies to continue operating in the face of the pandemic, a hybrid workforce also provides multiple benefits to both the employer and the employees. In fact, because of these benefits, many employers have decided to utilize the hybrid system as part of their permanent work setup.

Reduced Physical and Emotional Anxiety

While it has been going on for almost two years, the pandemic is still far from over. Many people are still hesitant to take public transport. Many also avoid taking their work to public, nonsecure Wi-Fi settings. With a hybrid system, anxiety from these issues is eliminated for everyone.

More Economical

For the employer, a hybrid setup will dramatically reduce expenses with rental space or office maintenance. This will help free up funds for other aspects of the business. For the employee, there will no longer be a need for a daily commute. The cost will also reduce, helping you control the budget.

More Access to Resources

In a hybrid setup, employers can also hire international talents and not just local ones. Employers can easily employ services from workers from any part of the world. With the wide availability of online IT management services, it is easy to keep your technology ahead of the competition.

Taking a Cue from Microsoft’s Approach in Hybrid Workforce

Migrating any business into a hybrid workforce environment is a lot of work. The process is not overnight. Microsoft came up with an approach that we could follow and developed powerful tools that we could all use to navigate the challenges of the transition.

If you have not yet taken any steps to shift to a hybrid system, now is the perfect time to go through Microsoft’s Hybrid Work: A Guide for Business Leaders. You’ll learn more about the need to make the transition. How it can benefit your company and your employees, and how to make the shift successfully.

Microsoft Teams Rooms is one of the many innovative tools Microsoft has developed to support hybrid workforce environments. It will connect remote workers in the office using tools that are powerful, flexible, secure, and easy to use. If you do not use the Microsoft Suite, you can always use ZOOM or similar programs.

Up Your Hybrid Workforce Game with our Help

Working with an MSP is the most efficient way to achieve the highest productivity out of your new hybrid workforce. We can provide you with all technical advice and security as you shift your business to online usage. We use state-of-the-art tools to keep you ahead of the competition. Also do all kinds of assistance in terms of hardware, software, data storage, and online support. Contact us today to learn how to flawlessly integrate your existing work setup into an efficient hybrid workforce system.

Upgrade your Business with 179 Tax Deductions

/in , /by
If your company is upgrading computer software or hardware, now might be the right time to save lots of money for your business. Lots of small and medium-sized business owners will be familiar with some of the available tax deductions. However, as far as Bonus Depreciation and Section 179 tax deduction are concerned, many smaller business owners often believe these to be more complicated. This blog will help you understand how business technology upgrades use Tax 179 deductions.

179 Tax Deductions technology explained

Section 179 is an incentive for smaller businesses to finance, lease or purchase equipment by allowing up to $1,050,000 each year, deducted from taxable income for qualified business equipment purchases. There are limitations on types of equipment and the amounts that they deduct. The Section 179 allowances mean that small and medium-sized businesses can make significant savings.

179 Tax Deductions and limitations

The max we can deduct is $1,050,000, and we can purchase for the full deduction at $2,620,000. Therefore, if purchased equipment costs more than $2,620,000, then the Section 179 deduction decreases at a rate of dollar for dollar and will reach zero when the cost of equipment reaches $3,670,000.

Types of property that qualify for 179 Tax Deductions

Tangible property by the IRS use The Section 179 tax deductions . The equipment must last over one year for the business. Possible purchases include:
  • Office equipment
  • Computer software
  • Computer hardware
  • Qualified improvement property
  • Some listed property

Bonus depreciation – an explanation

This tax law is an incentive for small and medium-sized businesses to have a deduction on qualified purchases for their first year. For the year that the business buys and uses the equipment, they can deduct 100% of the expense and depreciation too. Businesses are allowed to take both Bonus Depreciation and Section 179 allowances. However, you must apply Section 179 first. After the Section 179 limit of $1,050,000 has been reached, the rest is taken as bonus depreciation.

Time to upgrade?

If you’re considering upgrading your business technology through the 179 tax deduction, now is a perfect time. You can use these purchases under Section 179.
  • Laptops, tablets, workstations, and smartphones
  • Printers, servers, and server upgrades
  • Network switches, network security appliances, and routers
  • Microsoft Dynamics and Microsoft Office
  • Other software off-the-shelf

Benefits of upgrading your business technology

By upgrading business technology, small and medium-sized businesses can save a lot of money while staying ahead of the competition. Upgrading technology will help your computers run faster. Work time is lost when computers take time to boot up. Smaller businesses feel this time lost much more than bigger companies. With upgrades in technology, productivity increases resulting in less downtime. If it’s been a while since you invested in new technology, your devices might be wearing out. With older computers, any new software you purchase might not run correctly or may run much slower than it should. So investing in new technology and making the most of the Section 179 deductions is a huge opportunity.

How we can help

As an MSP, we believe it’s important to let you know how your business can make the most of IT infrastructure and services to achieve outstanding business performance. The Section 179 tax deduction is an example of how your business can help its bottom line while improving its IT infrastructure. Contact us for a Business Technology Audit today to see how we can help you and your business.

Section 179 Deductions That Business Owners Can Use

/in , /by

When you’re a small business, it’s critical to get your taxes right. Many small business owners look for ways to maximize deductions to minimize how much tax they pay. One tax-saving loophole not everyone knows about that could help is the tax code Section 179 deductions. If you’re unaware of what Section 179 deductions is, this blog will help define it for you. We’ll explain tax 179 deductions and how you can take advantage of them with the help of your MSP.

As usual, we need to let you know that these offers may not apply to your business. To get the most out of this government program, we recommend consulting with your tax advisor. Now let’s learn how to save some money!

What are Section 179 Deductions?

When we talk about 179 deductions, these are the classic ” tax deductions,” but they offer extra benefits. With many write-offs, you can only take partial deductions over a few years. Suppose you buy a car for your business, but you can only write off a portion of the value over the next five years. By definition, Section 179 deductions in the tax code allows a business to deduct the value of a property purchased for the business against any profits (or losses) that happened during the year it was purchased and implemented, thus lowering the total tax burden. This “property” falls into the following categories:

Business Personal Property: This would include anything purchased for business use that isn’t bolted to a floor or wall. This includes furniture, computers, software — even paper and pens!

Machinery and Equipment: This includes items purchased for businesses that are too large to move or are bolted in place. An example of this would be a printing press or conveyer belt.

Business Vehicles: These are cars or trucks with a gross weight of more than 6,000 lbs and are used exclusively for business purposes.

Listed Property: This is property used for business purposes. In this case, you don’t have to use it entirely for business purposes, but you can only deduct the portion used for business proportionate to the time used. For instance: if you have a home office and work for eight hours a day for five out of seven days a week, it means you use your home for business purposes about 23.7% percent of the time, and therefore you could write off 23.7% of your mortgage.

Capital Improvements: When you improve a building used for your business, you can write off that expense. This section also includes items like air conditioning or alarm systems.

Section 179 – the basics for SMB Tax deduction

This section applies to deductions for property depreciation. It doesn’t increase how much you can deduct overall, but it does give smaller businesses the option to act more quickly. In some cases, an asset may be usable for up to 39 years. Section 179 means that a company can declare the deduction of this asset in one year alone instead of spreading over a longer time. Let’s say, for example, that a bar buys a new $4000 television. Based on ten years of the TV’s life, straight depreciation would only allow the business to deduct a percentage of the cost every year for ten years. With Section 179, the business owner deducts the whole amount the first year.

Why is this useful to small and newer businesses?

When you set up a new business, you have a lot more going out than you do coming in, and there are a lot of assets that need to be purchased. Section 179 deductions means that new business owners can take advantage of deducting their purchases now. Smaller but established businesses can also take advantage of buying new assets to help grow their company. Buying things upfront is costly, so with Section 179 deductions, this outgoing is less burdensome. In addition, you don’t have to wait years to benefit from tax deductions when you purchase assets.

What assets qualify for Section 179 deductions?

It is possible to deduct taxes for business assets that will last over one year (as determined by the IRS). These include:

  • Office furniture
  • Machinery
  • Business equipment
  • Business vehicles
  • Software
  • Computers

Of course, more groups apply, so talk to your tax advisor for more info.

MSP – How can they help?

A Managed Service Provider can help you maximize your tax savings from Section 179 deductions. In addition, they will be able to guide you through the options for your hardware and software needs. Finally, they can help forecast your business’s future needs in terms of technology, including purchase, finance, or lease services for equipment. Contact us before time runs out!

Who Should Handle Your IT?

/in , /by

In our evolving COVID-19 world, we’ve had to re-learn the way we act and think. What worked for our businesses in the past might no longer help us in the future. The pandemic caused a seismic shift for many small businesses. Those who learned to adapt to the changes survived and thrived. With COVID-19 not off the table yet, we’re now in a time where business owners need to be strong, flexible, and determined. That is why we will show you why you need a Managed Service Provider to handle your IT.

If we look back on the pre-pandemic world, we had it pretty good. Of course, life was never perfect, but we had it good compared to other times in the past – the world wars, the strife of the depression, and the hardship of the last housing crisis. At our fingertips, we had a smartphone containing answers to anything we wanted to know. Technology was our friend.

Thriving and outsourcing

The businesses that thrived in the pandemic, and came out of the other side, knew what they needed to do. They had a support system that made sure they knew what they needed to do to handle your IT needs. That support system? It’s your MSP. The Managed Services Provider who took care of things when they were on the shaky pandemic ground keeps businesses running.

While every business owner would love to stand on their own two feet and be self-reliant, the truth is that the most successful enterprises do not. Instead, they outsource to experts so that they can work entirely on their business without having to worry about how to handle their or your IT.

Relying on an MSP to handle your IT

One of the main reasons why many companies outsource their IT support is for cost reduction. By outsourcing, you don’t need to worry about employing a person in-house. What’s more, unlike a single employee, an MSP is available all year round, 24 hours a day. They won’t take sick leave or go on vacation, for example. Imagine your sole IT employee is away in the Maldives when you have a cybersecurity issue!

Another important reason why many companies prefer to rely on an MSP is due to the secure infrastructure. MSP data centers and IT infrastructure is more secure when compared to a standard IT system in a business. This extra layer of security means that network data is protected. Of course, business cybersecurity is something we can’t take lightly.

Finally, using an MSP means your company can centralize all of its servers and applications within a managed data center. With centralized data, you can have storage, backup infrastructure, and virtual services as well.

Do I need an MSP?

Only you can answer that question. However, it’s probably a good idea if you’re a small business with many employees wearing more than one hat. One drawback is that small businesses often suffer from knowledge gaps concerning IT updates and developments. With an MSP, no employee will have to wear the “IT Wizz” hat – they can all concentrate on their roles. You’ll have complete peace of mind about your cybersecurity with IT experts on board.

Small businesses often need more predictable budgets, too, and if this is the case, an MSP can help. Since the cost of IT changes frequently, it can be daunting for small businesses to even put a figure on their future IT expenses. In addition, budgeting for IT is not easy! One month you might not need anything at all, but the next, you might need to deal with a broken computer, a security issue, or need a crashed server. With an MSP, you can choose to pay a flat fee each month, which makes budgeting much more predictable. And because all of the systems are maintained, they last longer, which again reduces costs.

Can you be self-reliant to handle your IT?

Of course – and there’s nothing wrong with this if you know what you’re doing. If your company is in the IT industry itself, it might make sense to do everything in-house, for example. It’s up to every business owner to weigh the positive and negative aspects of overseeing your technology. As most owners soon discover, hiring an MSP to take care of the technology is often the most cost-worthy solution. If you’re interested in learning more about Managed Services, contact us today!

Don’t Rely on Your Cloud Provider for Disaster Recovery

/in , /by

It surprises some to hear this, but cloud doesn’t come with disaster recovery built in. Creating and implementing a disaster recovery strategy for your cloud infrastructure is your responsibility.

Disaster Recovery-like Features in the Cloud and Their Shortcomings

There are some capabilities in the cloud that sound like disaster recovery. Cloud has high availability, and if the hardware underlying your instance goes down, your virtual machine will readily and automatically be migrated to a new physical device. That sounds like just what you need for DR, but there are several ways this falls short:

  • If there’s a widespread outage, due to network, power, or other issues, you probably won’t be automatically switched over to a different region that isn’t experiencing that problem. Even if the cloud provider can do this, it may not meet your recovery objectives.
  • The data backed up by the cloud provider and used for your recovery may not meet the recovery objectives for your business and your workloads. Unless you’ve got a backup and recovery agreement with your cloud provider, they may only have a backup of your most recent data. This may not enable recovery in instances like ransomware.
  • If you’re using Software as a Service, you may not have access to a copy of the data to store in a different location for safety. Even with infrastructure or platform as a service, moving data out of the cloud can be difficult and expensive. Remember the 3-2-1 backup rule requires having copies of data in multiple locations! 

Build Your Own Disaster Recovery Solution

The net impact of those shortcomings is that to achieve true disaster recovery capability, you need to plan and implement a solution yourself, even when your infrastructure is in the cloud. To do this, you need to add a few capabilities:

  • Secondary location in another region, cloud, or data center. If there’s a network outage that prevents you from accessing data in your primary cloud, you need another site where you can connection. This can be another region of the same cloud provider, a different cloud provider, or a data center you still maintain and support.
  • A complete backup and archiving strategy. You need to create and store copies of your data that will allow you to load data at a secondary site, recover from ransomware, or load historical data for analytics or compliance purposes.
  • Offsite storage. Keep a copy of your data outside of your cloud to ensure you have access in case of a cloud failure.
  • Unify your cloud recovery strategy with your on-premises recovery strategy. Because most businesses are not cloud-only and have a hybrid IT infrastructure, you’ll simplify your recovery solution if you have one set of tools and one strategy that covers your systems whether they’re running in the cloud or at your own site.

CCS Technology Services develops comprehensive disaster recovery solutions that protect your business wherever your data resides. Contact us to learn how we can help you develop a disaster recovery strategy for your cloud.

Additional Disaster Recovery Resources

5 Disaster Recovery Disasters to Avoid

Craft An Effective Disaster Recovery Plan

5 Changes to Make When You Switch to Disaster Recovery in the Cloud

Summer Storms Shouldn’t Take Down Your Servers

/in , /by

Summer means power outages. That can mean a data center outage; but it shouldn’t. All businesses should have appropriate disaster recovery plans to keep them functioning through power outages and other incidents that take down systems.

A disaster recovery plan includes the steps needed to bring information systems back online, but it isn’t just a copy of the daily runbook. The plan needs to document:

  • Inventory of systems affected. Both hardware and software resources should be identified.
  • Risk assessment and prioritization. Some systems can have downtime without major impact on the business; others serve critical business functions and need minimal downtime. Analysis should rate each system’s level of risk and its importance to the business.
  • Recovery objectives. “As soon as possible” is not specific enough guidance for the IT team. In order to appropriately design a recovery procedure, the business should define a recovery time objective (RTO) and recovery point objective (RPO) for each application. These numbers tell the IT team how long an application can be down and how much data the business can afford to lose. With those numbers in mind, the technology team can implement high availability and backup solutions appropriate to the business needs. Without those numbers, IT has no choice but to overspend and provide high availability to all applications or underspend and fail to provide applications the support they need.
  • Recovery procedures. Because teams shouldn’t need to scramble to figure out what to do in the middle of a crisis, the plan should include specific details of the recovery process. It’s particularly vital to include dependencies to ensure systems are brought up in the appropriate sequence. Also critical is documenting the process to check out the restored servers and verify that they’re up and operational with the correct data.
  • Recovery personnel. Include a list of key contacts and their backups. Also document responsibilities, including who has the all-important authority to invoke the recovery plan.
  • Fallback process. Recovery may include bringing systems up at another location; eventually, they need to be restored to the normal production servers. In many ways, this process is the same as the recovery process, just to a different set of machines, but any special considerations should be noted.
  • Impacts on business processes. It’s possible that some recovery procedures will change the way the business needs to perform certain operations. For instance, you may opt not to have secondary servers for a low-priority process and to switch to a manual process in case of failure.

Once the recovery plan is developed, it needs to be tested to ensure that it works. It’s surprising how easy it is to leave important systems and important steps out of the plan! Only testing can provide the reassurance that the plan will be effective. Tests can be as simple as a tabletop read-through, but full-scale disaster simulations that execute the documented processes are the most robust way to test a disaster recovery plan.

Finally, the plan needs to be kept up to date to reflect changes in IT resources and business processes. It’s a good idea to update the plan as part of your change management process whenever a new system or device is deployed in production. Annual reviews, coordinated with an annual test, are also effective.

For more guidance on developing an effective disaster recovery strategy, contact CCS Technology Group.

Additional Disaster Recovery Resources

5 Disaster Recovery Disasters to Avoid

Make Sure Your Disaster Recovery Plan Isn’t Just Words on Paper

Craft An Effective Disaster Recovery Plan

Choosing the Right Offsite Location for Backups

/in , /by

It’s well-known that one of the best strategies for backups is to follow the 3-2-1 rule: have a least three copies of data, use two different storage media, and keep one copy offsite.

When it comes to deciding where to keep the offsite copy, cloud is an obvious choice today. However, cloud isn’t the only choice. The backup copy can be stored at your secondary data center, or at some storage facility.

How do you choose? The cost of the storage is one factor, but other factors should be considered as well. While the primary reason for keeping the copy offsite is to ensure you won’t lose it if your primary site it totally destroyed, there are other considerations as well.

The things to think about in addition to cost are the level of risk and the impact on recovery time objectives (RTO) and recovery point objectives (RPO).

Offsite storage can impact your RTO depending on how long it takes to access the data. If you use cloud for offsite storage, this will be impacted by both data access times (backups stored on a less expensive storage tier will take longer to access) as well as the time to transfer the data. That data transfer process will in turn be affected by network bandwidth. If you choose to store data offsite at a storage facility your RTO will be impacted by the time to locate the backup as well as either the network bandwidth or the time to physically ship the media to your data center. If your offsite location is a secondary data center and you’re failing over there, you may be able to recover almost immediately; otherwise, transferring the data back to your primary site requires either network bandwidth or physical transport capability.

The time delay in delivering offsite media also affects RPO. You’ll lose any data between the last backup and the outage. If it takes a day for a tape to be delivered and processed, you won’t be able to recover yesterday’s data; you’ll be recovering the day before yesterday, while yesterday’s is still in transit.

The final consideration is risk. Offsite storage that’s nearby is conveniently accessible by your onsite staff, but it’s vulnerable to being damaged by the same natural disaster that’s taken out your primary site. A more remote storage site reduces that risk but can increase delays or errors in accessing the data you need to restore.

Many times, if you’re following the 3-2-1 rule, you’ll have a second copy in your data center and won’t have to worry about accessing the remote copy. But if that onsite backup turns out to be bad, getting access to the remote copy will be extremely important. CCS Technology Group helps businesses develop comprehensive business continuity solutions that ensure you’ll have access to your backups when you need them. Contact us to learn more about what you should consider when developing your backup strategy.

Additional Backup Resources

Don’t Let Ransomware Destroy the Backups You Need to Recover from Ransomware

Effective Backups Need to Address These Challenges

The Differences Between Backups, Disaster Recovery, and Archiving Matter

How Many Purposes Are Your Backups Supporting?

/in , /by

Backups are not a new practice, but backups today face new challenges. They need to serve multiple purposes and meet multiple requirements. Businesses that are still creating their backups the same way they always did should review their strategy to make sure it meets today’s backup requirements.

Many Backup Purposes

Backups aren’t just about making copies of files. Backups need to create the duplicates in ways that allow them to be used for multiple purposes. These purposes include:

  1. Data retention. Depending on your industry, there may be compliance mandates to retain all data for some period of time. In addition, new application development and analytics projects need access to historical data. When planning for this need, it’s important to recognize that backups are not archives.
  2. Disaster recovery. Backups are the primary method businesses uses to recover from outages and other disasters that make servers inaccessible.
  3. Prevent tampering. Data tampering is a kind of disaster, but deserves mention on its own. Backed up data provides an audit trail and historic record of data changes that can identify whether data has been tampered with and restore it to the correct value.
  4. Comply with e-discovery and data privacy laws. Backup files provide support for e-discovery requests that mandate searches through historical data. Backups also provide support for new data privacy laws that require businesses share all the information they have about a consumer with that individual.

Many Backup Requirements

Along with being able to support multiple purposes, backup strategies need to meet multiple requirements. These include:

  1. Completeness. It’s easy to omit critical systems from backup scripts or to overlook alerts that backups are failing to complete successfully. At the same time, some data may change infrequently and not need daily backups. Matching the level of protection to data criticality requires analysis.
  2. Time to create. Creating application consistent backups generally requires applications to be quiescent. The windows available for shutting applications down continue to shrink as business continues around the clock.
  3. Time to restore. Different backup approaches offer different levels of flexibility and take different amounts of time to complete the file restore process.
  4. Security. In order to perform speedy restorations, backups need to be immediately available, but they also need to be protected from loss, tampering, and other unauthorized access.
  5. Scalability. Backup and recovery processes that work well on smaller volumes may fail when systems grow larger.
  6. Different sources. Backup strategies need to address a wide variety of different sources, including cloud and data centers, virtual machines and bare metals.

Does your backup strategy meet all of today’s challenges? If you need help updating your backup tools and procedures, contact CCS Technology Group. Our business continuity solutions apply best practices to protecting your data.

Additional Backup and Disaster Recovery Resources

7 Critical Factors to Consider When Developing Your Backup Strategy

5 Disaster Recovery Disasters to Avoid

Choose the Right Backup Strategy to Meet Time and Space Requirements

7 Critical Factors to Consider When Developing Your Backup Strategy

/in , /by

Backing up without a strategy, or with an ineffective strategy, is likely to generate backups that don’t protect your business. After all, the point of backups isn’t to create the backup; it’s to create a copy of data that your business can restore from when the primary copy is damaged or unavailable. Creating a backup strategy to meet that goal requires identifying key backup concerns and selecting appropriate backup technologies.

Critical Factors in Developing Backup Strategies

When you start thinking about your backup strategy, keep these considerations in mind. You’ll need to balance these factors to come up with a strategy that truly protects your business.

  1. Cost. Like everything else, backups cost money. You may have to buy hardware and software, pay for a maintenance agreement, and train your staff.
  2. Backup location. Today, many default their backups to the cloud. However, you should still consider potentially keeping a copy of your data in another location as well. Cloud outages are rare but do happen.
  3. Backup method. You can choose from different kinds of backups. Each backup method requires a different amount of storage, impacting costs, and a different amount of time, impacting both the length of the backup procedure and the length of the recovery procedure.
  4. Backup (and recovery) flexibility. When creating backups, you generally want to backup everything, but that’s not true for recovery. Recovery needs to be able to scale from restoring a single file to restoring an entire server.
  5. Backup schedule. Your backups should be automated and run on a schedule, not rely on someone remembering to execute them manually. They should be scheduled to run frequently enough that you’ll capture data that changes often as well as data that changes rarely. They should be scheduled around production workflow needs. Your recovery point objective and recovery time objective come into play here; note those targets shouldn’t be global but should be tailored to the needs of each system. Your backup schedule may be unique to each system as well
  6. Scalable. You can expect your data to grow and your backup needs to grow along with it. Your backup process should be able to handle expected volumes of new data. You should have a process that ensures new servers, applications, and data stores are added to your backups.
  7. Backup security. Backups need to be accessible when needed, but they shouldn’t be accessible by just anyone. Making sure backups are safe from tampering is vital to protect your business.

Backups are part of a comprehensive business continuity solution. Contact CCS Technology Group to learn more about how these critical factors can shape your backup process.

Don’t Let Ransomware Destroy the Backups You Need to Recover from Ransomware

/in , , /by

Backups are the primary means a business can use to recover from a ransomware attack. It’s no wonder, then, that many forms of ransomware now attempt to destroy any backup files they encounter. Protecting your backups against ransomware is an important part of your defensive strategy.

The Ransomware Threat Against Backups

Ransomware is a form of malware that encrypts system and data files with an unknown encryption key. This encryption makes the files unreadable by their owner. The only way to recover the data is to pay a ransom and receive the encryption key or restore the files from an unencrypted backup.

Some malware implementations attempt to recognize backups by file extensions and will delete those files. On Windows systems, ransomware can detect and delete shadow copies that support file recovery. Ransomware will also attempt to spread through the network, accessing mounted file systems containing backup, and encrypt those files as well. Ransomware may even be able to reach and corrupt backup files stored in the cloud.

Ways to Protect Backups Against Ransomware

The methods to protect backups against ransomware rely on making multiple copies of backups and taking steps to make them inaccessible to any ransomware.

Make Multiple Backups

It’s a good idea to use specialized third-party backup software rather than (or in addition to) built-in backup solutions. Ransomware can’t know how to target every vendor’s backup files.

Keep multiple versions of your backups. There are good reasons for this that have nothing to do with ransomware, but if your latest backup is encrypted, you can restore an older version of your files from before the ransomware attack.

Keep Backups Inaccessible to Ransomware

There are several ways to make backups inaccessible to ransomware:

  • Store at least one copy of your backups in an offsite location.
  • Dismount backup devices after the backup process is complete.
  • Make backup files read-only, or store on write-once media.
  • Use access controls such as Windows Controlled Folder Access to prevent unauthorized processes from accessing backup files.

Note that backing up to cloud does not make those backups inaccessible to ransomware, unless the only access to the backup is via an API rather than mounting the cloud as a drive.

Test Your Backups

It’s important to test your backup files periodically to verify that the data is complete and that you know how to access it and use it to restore your data. You should conduct a full disaster recovery test at least annually and continuously monitor your backup process and address any alerts or failures.

CCS Technology Group helps businesses implement comprehensive business continuity solutions to protect against ransomware and other causes of IT outages. Contact us to learn more about implementing a backup solution that protects your backups as well as your data.

Additional Ransomware Resources

Take These Steps to Avoid Expensive Ransomware Recovery Costs

Don’t Lose Your Files to Ransomware

Ransomware 101: Keeping Your Organization Safe