Your small group has leveled up quite a lot over the past few weeks. Way to go! So far you have acquired:
- an asset (accounts, systems, technology) checklist,
- a password manager full of unique passwords for each of those assets,
- two-factor authentication configured for your important assets,
- patched and up-to-date technology and systems.
This is like the final boss. But in true RPG form, you have done all the side quests and collected all the loots so this final fight will be a piece of cake.
Step 5. Configure backups
Backups need to be configured to automatically run for any systems and technology you look after.
This means for your mobile devices and computers, your operating system should let you set automatic backups. Most of the time these backups get stored to a cloud storage account (so don’t forget about side quest 3 about 2FA).
For your systems, backups can usually be configured to run automatically and sent to a safe place but it depends on the technology. The important point here is to make sure that your systems send their backups somewhere safe and that it happens automatically without you having to worry.
If you can't get them automatically run, set up a diary reminder to perform a backup once a week or once a month. The amount of time depends on how much data you are willing to risk if something went wrong.
Even after spending time securing your technology, things can go wrong. Even the best of us accidentally leave our laptops in the back of a taxi, or leave a server open to find a treasure-trove of malware. When that happens, you really want to have a backup plan.
If automatic backups can't be performed and shipped somewhere safe, it might have to be a manual task. Be sure to set up a reminder than you will respond to so you don't forget about it. It could be as easy as getting an external hard drive, plugging it in to transfer the backup files, unplugging it, and hiding it somewhere safe.
The storing them somewhere safe is important. Ransomware is a particular nasty type of malware that can crawl through your network and infect everything it touches.
Treat that backup the same way you would a spare key for your home. You want to make a copy to make sure you can still get in, and you want to put it somewhere safe so only you can access it and use it when you really need it. If you just leave it under your doormat, well, a bad person might be able to easily find it and lock you out (literally and figuratively).
Sometimes configuring backups can be tricky since it depends on the technology and systems you are trying to configure. You should be able to answer most of your question with a quick Google of "technology name" and "backup configurations". When in doubt, it might be time to phone a friend for help.
If you want to go for bonus points, set aside a day once every few months to check on your backups. Sometimes these files can become corrupted and fail to work. Doing a test every now and again lets you sleep better at night knowing your backup plan can (and will) work when you need it to.
You did it! You made it to the end, you beat the boss, and you saved the toads and princesses.
Your small group is now pretty darn secure. Just like any good Mario game, it doesn’t stop there. Technology does change, so it is important to keep up these habits and be ready to level up when the attackers up their game.
For now, enjoy your victory cake. 🎂 It is moist and ever so... secure?
If you are looking for extra side quests, take a look at CERT NZ’s guide for keeping your business safe for some other tips on staying secure.
Till next time, adventurers!