Remote Workers Failing on Password Security

in ,

Remote workers may be exposing their personal and business accounts to the risk of takeover because of poor password security, according to new studies released on World Password Day.

The annual event exists to remind users of the importance of using strong, unique credentials – ideally in combination with multi-factor authentication (MFA) – and storing them securely.

It’s particularly important in the context of today’s highly distributed workforces, which are under lockdown at home due to the COVID-19 pandemic.

However, a global OneLogin study of 5000 remote employees from Germany, France, the UK, Ireland and the US found that nearly a fifth (17%) share their work device password with a spouse or child. Over a third (36%) admitted not having changed their home Wi-Fi password in over a year.

This figure rose to 50% in the UK, with the same number of Brits not having changed their device password since they started remote working.

Organizations will have to improve their home working policies if distributed working is more commonplace once the pandemic recedes.

“This global remote work study shines the light on the importance of ensuring the right people are accessing internal and customer data at all times,” said OneLogin CEO, Brad Brooks. “It underscores the importance of protecting employees and their entire organizations, aligning with privacy and security best practices around the world.”

On a similar theme, a CallSign study of nearly 4500 US and UK adults, found that over half (54%) have no plans to update their work logins for remote access, despite 60% having received information and tooling to do so.

On the positive side, new Centrify research has claimed that over two-thirds (70%) of UK businesses are using MFA and virtual private networks (VPNs) to improve remote working security.

 

We’re Cloudscape.

We believe you should have the best backup solutions for your business.

We’ll get to know your business and determine the most appropriate solution to meet your technical requirements while being commercially sensible in cost and productive with time.

If you feel that your data isn’t being backed up correctly, please get in touch.

 

News Source: https://www.infosecurity-magazine.com/news

Public Sector Ransomware Attacks Rage On

in ,

To pay or not to pay continues to be the question as ransomware targets cities, even amid COVID-19.

To pay or not to pay? That is the question many public-sector organizations must grapple with when faced with a complex ransomware attack – even while the COVID-19 pandemic rages on around them.

Ransomware attacks to municipal, local, and state government agencies are on the rise. Places as prominent as Los Angeles County and Atlanta and as small as Lake City, Fla. have all found themselves at the mercy of relentless attackers seeking extortion fees in exchange for mission-critical data.

 

In 2016, there were a reported 46 ransomware attacks perpetrated against public sector agencies. In 2018, the total came to 53 attacks. Then last year, there was a big spike to more than 140 cities and counties across the U.S. being hit with ransomware attacks. There are also likely more that have not been publicized, due to the embarrassing nature of falling prey to such crimes.

There’s no evidence of things slowing down in 2020 – even as a ransomware tactic called “double extortion” has been rapidly adopted since the beginning of the year by various cybercriminals behind the Clop, DoppelPaymer, Maze and Sodinokibi ransomware families.

 

Why Do Attackers Like the Public Sector?

Unlike state-sponsored attacks, the recent spate of attacks in the public sector doesn’t seem to be bent on stealing intellectual property. The goal is financial but still ends up having a huge impact on the operations of the target, potentially harming important services such as police and fire departments. Ransomware attacks also incur massive clean-up fees, a cost that is in part passed on to taxpayers.

But why have public-sector organizations become an attractive target?

Sadly but true, governments often do not allocate enough spending on security projects, making them easier targets for attackers: “Public sector organizations are a soft target,” said Bill Siegel of Coveware. “They’re underfunded and using hardware and software that should have long been replaced.”

To illustrate this point, a recent study found that one out of three local government CIOs report using outdated technology, making them more vulnerable to cyberattacks.

Public-sector organizations also must meet additional requirements that their corporate counterparts don’t face. For example, agencies have additional requirements about public disclosure when a cyber-event occurs. With this public disclosure comes heightened media attention, headlines and copycat attacks.

And in a worrisome trend, attackers are demanding higher payments to release the hostage data, and often, they time their attacks to hit at the most sensitive moments. For example, a spate of ransomware attacks on schools last year in Louisiana was timed perfectly to occur in mid-August, just before the beginning of the school year. In March, Albany, New York State’s capital, admitted it had been hit with ransomware on a quiet Saturday morning, with few IT people on hand to deal with the situation.

 

Paying the Attackers – What is the Right Approach?

Perhaps most significant of all, some victims are opting to pay the ransom fee to have their data restored. In July, the two hacked Florida towns, Lake City and Riviera Beach, paid $460,000 and $600,000, respectively, to attackers. This goes directly against FBI directives that victims shouldn’t pay ransom fees; the FBI notes that paying up simply emboldens attackers and proves to them that their methods work.

This tack by the FBI is fine and well – in theory. But when the operation of your city is on the line – when police officers cannot write out tickets, 911 call-centre operators cannot get location data on accident victims, and government services are taken offline for weeks – paying the ransom begins to look like a more practical option. As such, many security consultants say that payment is the fastest, least costly way to get systems back up and running.

But even paying up doesn’t guarantee that cities and states will see their data again. After all, we are dealing with criminals here. There are numerous accounts of victims who have paid ransom fees for various reasons and did not receive the decryption key they were promised to get their files back. And if they did get the key, in many cases, it didn’t work.

This was what happened in 2017’s NotPetya attack. The ransomware-like virus devastated shipping giants, drug companies and others around the world in a matter of days. Some victims opted to pay to get their precious data back – but alas, NotPetya’s creators never intended on returning any data – it was a wiper, demolishing the data it promised to restore. These unfortunate targets wound up paying for data they never got back, along with paying to have their systems restored.

And so, it goes; budgetary concerns compel government organizations to place less importance than they should on security, so they become easier prey for attackers. The amount of money spent dealing with the outcomes of that decision (i.e., remediation, recovery, compensation and ransomware payments themselves) dwarfs the costs of getting set up with a more robust security infrastructure in the first place.

 

Browser Isolation and Zero Trust

Benjamin Franklin once said, “An ounce of prevention is worth a pound of cure”; this could not be truer in security. Public-sector organizations need to ensure that threats like ransomware cannot get a foothold in their network to begin with. Much of today’s worst ransomware variants enter organizations via spam emails and infected websites.

Fortunately, there are tools that can help. Implementing tools like a remote browser isolation (RBI) software, for instance, ensures that ransomware and other web-based threats cannot make their way onto endpoints. Using RBI, all website content is rendered by a virtual browser located in a disposable container in the cloud, air-gapped from endpoints.

Meanwhile, the zero-trust concept, summarized as “trust no one, verify everything,” is revolutionizing many IT cybersecurity infrastructures. When considering their employees’ use of the web, public-sector agencies can avoid many cyber threats if they assume that no site, whether a user browses to it or connects to it via a link in an email, can be trusted as secure. Organizations must simply stop trusting and start verifying, always.

Unfortunately, ransomware is a threat that is continuously evolving and shifting gears. Therefore, it’s imperative that organizations analyze their current security strategy to safeguard against sophisticated threats and attacks. Having to make the hard call between paying up or losing data and having operations disrupted can be avoided by prioritizing some key zero-trust security investments that can keep ransomware out of your system in the first place.

 

We’re Cloudscape.

We believe you should have the best backup solutions for your business.

We’ll get to know your business and determine the most appropriate solution to meet your technical requirements while being commercially sensible in cost and productive with time.

If you feel that your data isn’t being backed up correctly, please get in touch.

 

News Source: https://threatpost.com/

Salt Bugs Allow Full RCE as Root on Cloud Servers

in ,

Researchers say the bugs are easy to exploit and will likely be weaponized within a day.

The open-source Salt management framework contains high-severity security vulnerabilities that allow full remote code execution as root on servers in data centres and cloud environments. And in-the-wild attacks are expected imminently.

According to F-Secure researchers, the framework, authored by the company SaltStack but also used as an open-source configuration tool to monitor and update the state of servers, has a pair of flaws within its default communications protocol, known as ZeroMQ.

A bug tracked as CVE-2020-11651 is an authentication bypass issue, while CVE-2020-11652 is a directory-traversal flaw where untrusted input (i.e. parameters in network requests) is not sanitized correctly. This, in turn, allows access to the entire filesystem of the master server, researchers found.

 

The bugs are especially dangerous given the topography of the Salt framework.

“Each server [managed by Salt] runs an agent called a ‘minion,’ which connects to a ‘master,’” explained F-Secure, in a writeup on Thursday. “[A master is a] Salt installation that collects state reports from minions and publishes update messages that minions can act on.”

These update messages are usually used to change the configuration of a selection of servers, but they can also be used to push out commands to multiple, or even all, of the managed systems, researchers said. An adversary thus can compromise the master in order to send malicious commands to all of the other servers in the cluster, all at the same time.

Lapses in Protocol

To communicate, the master uses two ZeroMQ channels. As F-Secure explained, one is a “request server” where minions can connect to report their status (or the output of commands). The other is a “publish server” where the master publishes messages that the minions can connect and subscribe to.

The authentication bypass can be achieved because the ClearFuncs class processes unauthenticated requests and unintentionally exposes the “_send_pub().” This is the method used to queue messages from the master publish server to the minions – and thus can be used to send arbitrary commands. Such messages can be used to trigger minions to run arbitrary commands as root.

Also, “the ClearFuncs class also exposes the method _prep_auth_info(), which returns the root key used to authenticate commands from the local root user on the master server. This root key can then be used to remotely call administrative commands on the master server. This unintentional exposure provides a remote unauthenticated attacker with root-equivalent access to the salt master.”

As for the directory traversal, the “wheel” module contains commands used to read and write files under specific directory paths.

“The inputs to these functions are concatenated with the target directory and the resulting path is not canonicalized, leading to an escape of the intended path restriction,” according to the writeup. “The get_token() method of the salt.tokens.localfs class (which is exposed to unauthenticated requests by the ClearFuncs class) fails to sanitize the token input parameter which is then used as a filename, allowing…the reading of files outside of the intended directory.”

The bugs together allow attackers “who can connect to the request server port to bypass all authentication and authorization controls and publish arbitrary control messages, read and write files anywhere on the master server filesystem and steal the secret key used to authenticate to the master as root,” according to the firm.

According to the National Vulnerability Database, “The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt-master and/or run arbitrary commands on salt minions.”

 

We’re Cloudscape.

We believe you should have the best backup solutions for your business.

We’ll get to know your business and determine the most appropriate solution to meet your technical requirements while being commercially sensible in cost and productive with time.

If you feel that your data isn’t being backed up correctly, please get in touch.

 

News Source: https://threatpost.com

The Fort of Cyber Security – What is good Password Security?

in ,

A password is a drawbridge to your entire digital world… don’t make it weak

What exactly is good Password Security?

Passwords are the digital keys to your online network of almost everything; friends, family, work and your financial accounts. If you take the risk and disregard the strength & integrity of your passwords, you’ll probably find that many other people also know what it is.

The aim is to form a memorable, yet strong password that won’t be easily broken. The two most important passwords are those for your email and social network accounts, if someone has access to your email, they can ‘forget password’ their way into all of your other accounts. Enabling them to scam your friends with dangerous links, fraudulent messages asking for money… Passwords are important, it may be the last line between you and a cybercriminal.

 

How do they attack our passwords?

There are various methods that can be used to crack passwords, below is a list forming of the multiple techniques that cybercriminals will use to break into your personal accounts:

 

Dictionary attacks – Using simple files that contain words found in the dictionary, you now understand why you shouldn’t use normal words in your passwords…

Brute force attacks – Similar style to the dictionary attacks, brute force also lets the hacker detect non-dictionary words by working through all possible alpha-numeric combinations, (e.g. aaa1 to zzz9). It’s not a fast process, but it will uncover your password eventually.
Rainbow table attacks – If rainbows were actually hashes of all possible password combinations for any given hashing algorithm, I don’t think we’d appreciate them as much. Opposed to the name, rainbow tables are huge, unwieldy things that require a lot of computer power.

Phishing – The simplest method, get the user to do it for you… just by simply asking for it. (Check out Phishing here).

Social Engineering – As the name suggests, the art of phishing, but gathering the information yourself.

Malware – Such as keyloggers, screen scrapers… pieces of malware that are hidden on your system, recording and scanning your passwords.

Guessing – You’d be surprised how easy it is to guess passwords, a high percentage of people don’t take passwords seriously and will often make passwords from pets names, foods, surnames… it doesn’t take a specialist to figure out ‘Jake1234’.

Never underestimate the importance of securing your data, having multiple, unique passwords for every account you access is vital in protecting your business.

 

How do you make a strong, secure password?

Beginning with the obvious, no dictionary words, names or facts about you, pet names or locations; a strong password is a mixture of letters, numbers, symbols and ambiguous characters. for Example, ‘D56@h]!$vVcs09yH‘. The longer the password, the harder it is to crack.

 

There are various practises that you should stick by in order to maximise security:

 

– Use Two-Factor-Authentication whenever possible

– Use a combination of Capital letters, lowercase, numbers and symbols alike the example above

– Don’t use simple, common passwords… qwerty… or Dog123456

– Make sure your passwords are at least 10 characters long

– Don’t use any speaking words, as seen by the dictionary attack, it’s too easy to crack

– Change your passwords regularly, you never know if you’ve been hacked

 

Choosing a password is entirely up to the user. The best password is one that doesn’t make any sense.

 

** Get your FREE pinpoint guide on Password Security below **

>Download the guide here<

We’re Cloudscape.

We believe you should have the best backup solutions for your business.

We’ll get to know your business and determine the most appropriate solution to meet your technical requirements while being commercially sensible in cost and productive with time.

If you feel that your data isn’t being backed up correctly, please get in touch.

The Fort of Cyber Security – What is Ransomware?

in ,

How to protect your business against Ransomware

What exactly is Ransomware?

Ransomware is a form of malicious software. Which locks and encrypts your computer or device data, then demands a ransom to restore your access.

The cybercriminal uses your own information against you, the files are still on your computer, however, they’re all encrypted and completely out of your control. They give you a set period of time and threaten to wipe the system if you don’t pay, causing many businesses to pay the ransom almost immediately.

Nevertheless, they’re not as kind as you may think… if you pay up and demand access back to your system, it doesn’t mean they will. You’re then out of pocket, still without all your data. Worst-case, if you pay up and they do return your files, they now know you’re able to pay up, don’t be surprised if they lock you out of your data again.

 

What are the different types of Ransomware?

Coming in all different shapes and sizes, with a variety of forms, some types are much more harmful than others:

 

Crypto Malware – The most harmful form of ransomware, the ability to encrypt everything on your system, once it’s started, you no longer have any control over your files, until you pay the ransom of course.

Screen Lockers – Infects your operating system to completely lock you out of your computer or device, making it impossible to access any of your files.

Scareware – As its name states, it’s used to scare you. Fake software claiming to be an antivirus and demands money for ‘finding issues with your computer’.  Some types lock you out but others mostly flood your screen with pop-ups and persistent alerts.

Doxware – Otherwise known has leakware, hackers will gain access to and will threaten to leak all your private documents, pictures and information, most victims will pay once their files have been hijacked.

 

How do you prevent being targeted by Ransomware attacks?

Ransomware is a popular money-making market for hackers and can be hard to stop. Prevention is the most important aspect of securing sensitive data. To block cybercriminals and help safeguard yourself from a ransomware attack, keep these points in mind:

  • Use security software with Advanced Threat Protection; Install trusted security suites to protect your data, you need more than just anti-virus.
  • Keep your Security software as well as your Operating System up to date, on the latest version at all times.
  • Never open email attachments or embedded links without analysing them first, you never know what it might be. similar to Phishing, you can be easily caught out into installing malicious content without you even knowing.
  • Be cautious of emails with attachments that require you to enable macros to view its content, once you enable macros, the malware inside is activated and will enter your system.
  • Use cloud services, they’re fantastic for mitigating ransomware infections
  • Don’t pay the ransom, yes you have a time limit and they’re threatening you with your won files, but a cybercriminal can ask you to pay over and over again and still never release you files, they locked you out, they won’t be kind and let you back in.

 

** Get your FREE pinpoint guide on Ransomware below **

>Download the guide here<

We’re Cloudscape.

We believe you should have the best backup solutions for your business.

We’ll get to know your business and determine the most appropriate solution to meet your technical requirements while being commercially sensible in cost and productive with time.

If you feel that your data isn’t being backed up correctly, please get in touch.

Mobile Industry Teams Up to Deny #COVID19 Smishers

in ,

The UK’s mobile and finance industries have teamed up with GCHQ’s National Cyber Security Centre (NCSC) to better detect and block SMS phishing attempts designed to capitalize on the COVID-19 crisis.

Known as smishing, these attacks use similar social engineering and spoofing techniques as phishing emails but arrive as texts, tricking users into clicking on malicious links and/or divulging personal and financial information.

The current initiative is part of an ongoing NCSC-backed project by the Mobile Ecosystem Forum (MEF), Mobile UK and UK Finance centered around the MEF-developed SMS SenderID Protection Registry.

Organizations that sign up to the registry can protect their text message headers, making it difficult for fraudsters to impersonate their brand in fake SMS phishing attempts. The system will check to see if a message is being sent by a genuine organization and block it if not.

According to Mike Fell, head of cyber-operations at HM Revenue and Customs (HMRC), the current project builds on an HMRC trial which resulted in a 90% reduction in reports of the most convincing HMRC-branded SMS scams.

Some 50 banks and government organizations have signed up to have their text messages protected, with 172 SenderIDs registered to date. Over 400 unauthorized text variants are being blocked thus far, but the blacklist is growing all the time.

All of the UK’s major operators — BT/EE, O2, Three and Vodafone — have signed up, as have leading messaging providers including BT’s Smart Messaging Business, Commify, Firetext, Fonix Interactive, HGC Global Communications Limited, IMImobile, mGage, OpenMarket, SAP Digital Interconnect, Sinch, TeleSign, Twilio and Vonage.

“We are pleased to be supporting this experiment which is yielding promising results,” said NCSC technical director, Ian Levy. “The UK government’s recent mass-text campaign on COVID-19 has demonstrated the need for such industry collaboration in order to protect consumers from these kinds of scams.”

The news comes as the NCSC claimed an early win in its suspicious email reporting service which was officially launched this week.

It said more than 80 malicious web campaigns were taken down in a day after 5000 suspicious emails were flagged to the automated service for investigation.

 

We’re Cloudscape.

We believe you should have the best backup solutions for your business.

We’ll get to know your business and determine the most appropriate solution to meet your technical requirements while being commercially sensible in cost and productive with time.

If you feel that your data isn’t being backed up correctly, please get in touch.

 

News Source: https://www.infosecurity-magazine.com/news/mobile-industry-teams-up-deny/

Most Remote Workers Have Received No Security Training for a Year

in ,

Two-thirds of remote workers in the UK haven’t received cybersecurity training over the past year, raising fears that they may be more susceptible to attacks as hackers adapt their tactics during the current crisis.

Norwegian app security firm Promon polled 2000 remote workers to better assess where organizations may be exposed during the pandemic.

It found that, as well as the majority not having received training over the previous year, 77% said they aren’t worried about security while working from home. Over-confidence can often lead to users making mistakes which land them in trouble.

What’s more, over three-fifths (61%) said they were using personal rather than corporate-issued devices to work remotely, increasing the chances that they aren’t properly protected, configured or aligned with corporate security policies.

“Lack of cybersecurity awareness training combined with distributed business software and applications that run within untrusted environments are some of the biggest issues organizations of all sizes are facing,” Promon co-founder, Tom Lysemose Hansen, told Infosecurity.

“This is particularly prevalent in SMBs, often due to insufficient funding. Organizations must ensure that they run business-critical apps in trusted and protected environments. There are many inexpensive cybersecurity awareness platforms on the market, which are specifically designed to help SMBs remain safe from attacks and, very crucially, protect endpoint devices.”

Reports have been flooding in from multiple vendors of a sharp increase in COVID-19-themed phishing emails. Google claimed it blocks 18 million malicious and phishing emails every day for its users.

Such threats can be used to deliver ransomware, BEC, credential-harvesting phishing, VPN malware and more.

Cyber-criminals are looking to capitalize on the widespread appetite for more information about the pandemic, as well as urgent communications between bosses, partners and employees, to trick users into clicking through.

With the entire family forced to stay indoors, home workers may also be more distracted than they would normally be.

 

We’re Cloudscape.

We believe you should have the best backup solutions for your business.

We’ll get to know your business and determine the most appropriate solution to meet your technical requirements while being commercially sensible in cost and productive with time.

If you feel that your data isn’t being backed up correctly, please get in touch.

 

News Source: https://www.infosecurity-magazine.com/news/most-remote-workers-received-no/

Communication is Key

in ,

Communication is Key.

 

For any business owner or manager, there is always the worry that employees aren’t as productive working from home as they would be if they were in the office.

With internal communication being such a critical aspect to any business; if you don’t know what’s going on things can start to get rather messy very quickly.

 

Introducing, Microsoft Teams.

With the ocean of tools available to us on our workstations, it’s particularly problematic to figure out what’s the best to use. Microsoft Teams can and will solve all of your internal communicational challenges.

Teams is Microsoft’s answer to a single-pane-of-glass application casing a full range of our day to day communication & collaboration requirements.

 

Introducing; Instant Messaging.

Instead of having over 200 emails floating in your mailbox, Teams allows you to chat instantly with your workforce within its single platform environment, across any device that you use. Whether you need to send a message, a file attachment or just a reminder. By uniting the conversation, Teams provides a seamless way to converse individually or as a group without the confusion of numerous emails and countless attachment versions.

 

Introducing; Real-time document editing.

With Teams you’ll no longer have to worry about misplacing or losing track of files; files won’t get lost and rewritten in the email wormhole.

To maximise your collaboration, Microsoft Office Web Apps are all supported within Teams, so you can have several team members working on the same document at the same time.

 

Introducing; Voice/video calls.

You may be thinking: ‘I haven’t got time for all this messaging, can I just make a phone call?’ The answer quite simply is yes.  The Teams app features voice and video conferencing.  It is built from the foundations of Skype and allows you to host calls between 2 or more users.

 

This could be a great opportunity to look at your current processes, with a view to improving them regardless of the Coronavirus emergency. If you are already part of the Office365 ecosystem there are plenty of other apps that you have at your disposal and could use to increase the efficiency of your business.

 

WE’RE CLOUDSCAPE.

 

It’s our belief that you should have the best solutions for your business.

We’ll get to know your business so that solutions can be tailored around your operation.   We are commercially savvy, so we will always aim to find the most cost-effective, time-efficient solutions that meet your technical/performance requirements.  If you feel that your data isn’t being backed up correctly, please get in touch.

Making sure your team can work safely & efficiently

in ,

Let us guide your business to Remote Working!

 

Protect your business at all times.

Protecting your business from cyber-crime should always be your biggest priority. You’ve probably got security covered in your office already – all of your computers have anti-virus software; you use a secure VPN and your data is stored away safely.

 

But what exactly is a VPN?

A ‘Virtual Private Network’ gives you online privacy & anonymity by creating a private network from a public internet connection.

VPNs hide your IP address so your online actions are untraceable. Most importantly, VPN services establish secure and encrypted connections to provide greater privacy than even a secured Wi-Fi hotspot.

 

Why do you need to use a VPN you ask?

Browsing the web or transacting on an unsecured Wi-Fi network means you could potentially be exposing your personal information and browsing activities. Which is why a virtual private network, more commonly known as a VPN, should be a must for anyone concerned about their online security and privacy. Especially from a business point of view.

 

When preparing for a potential office shut down, you may need to provide your employees with equipment and infrastructure in order for them to complete their duties from home. When doing this, it’s best to take this approach: If it’s not secure, there’s no point in having it.

 

In addition to a virtual private network, you should also consider a range of other security precautions such as: multi-factor authentication for all accounts and business accounts to protect information;  ensuring that all employees are using approved devices; ensuring that strict rules are enforced relating to anti-virus software and downloading obscure files if they are using work devices.

 

WE’RE CLOUDSCAPE.

 

It’s our belief that you should have the best solutions for your business.

We’ll get to know your business so that solutions can be tailored around your operation.   We are commercially savvy, so we will always aim to find the most cost-effective, time-efficient solutions that meet your technical/performance requirements.  If you feel that your data isn’t being backed up correctly, please get in touch.

The Fort of Cyber Security – What is a good Data Backup?

in ,

Having a Data Backup is one thing, but a good one…

What exactly is a good Data Backup?

In this day and age, it’s essential to have backups of your entire IT system & infrastructure. With endless possibilities just around the corner, it’s only a matter of time before you lose everything.

The key to backing up your data is simple, just follow the 3-2-1 backup rule.

In other words, just make sure you’ve got more than 3 copies all in unique, separate locations.

You really want to make backing up data a part of your daily life cycle. If you happen to lose your data due to a hardware defect or ransomware attack, having a backup could save your business.

 

Where do you even start with a Data Backup?

There are lots of ways to back up your data. Each way has its own procedure. Still, here are some general guidelines when it comes to making a good backup:

 

Storage is cheap, so it makes the most sense to just back up everything.

Cloud storage offers some advantages over local storage.

The more places your data is backed up, the better.

Don’t underestimate the value of having physical copies of things

Identify what you need to back up.

Backing up isn’t an all-or-nothing proposition.

 

Never underestimate the importance of securing your data, having multiple, unique versions of your infrastructure or lastly, losing all your data to a malicious hacker.

 

What options of backup are available?

There are plenty of options to back up your data. It’s smart to understand the types of backup and get one that suits your requirements:

– External Hard Drives

– Cloud Backup

– Flash Drives

– Online Backup Services

 

A lot depends on the kind of data you’re protecting. Cybercriminals can use seemingly unimportant data and patch it together to commit identity theft. A strong backup strategy can make a big difference in your digital life and give you peace of mind.

 

** Get your FREE pinpoint guide on Data Backups below **

>Download the guide here<

We’re Cloudscape.

We believe you should have the best backup solutions for your business.

We’ll get to know your business and determine the most appropriate solution to meet your technical requirements while being commercially sensible in cost and productive with time.

If you feel that your data isn’t being backed up correctly, please get in touch.