As ransomware continues to evolve, we want to ensure our customers are in the best position to protect themselves and their data. In the event the unthinkable happens, we also want our customers to be able to easily recover their infrastructure and data. Today we would like to ask you to ensure your critical servers are being backed up in case you are impacted by ransomware or other malicious software.
Microsoft Azure and MyCloudIT have gone to great lengths to protect our customers data and infrastructure, but users continue to be one of the weakest links in the security chain. Usually malicious software penetrates a customer’s infrastructure by taking advantage of an end users’ trust, or lack of knowledge. With that in mind, we ask that you continue to educate your end users, and administrators, to not click on unknown links, and to always leverage the principle of least privilege access when possible. Microsoft is working hard to incorporate the ‘Just in Time’ security capability, but some legacy applications are unable to function with minimal privileges; and we understand that problem. While we want to prevent attacks as much as possible, we also need to help our customers be prepared in case an attack is successful.
With that in mind, we would like to ask you to review your backup configuration for the critical VMs within your infrastructure. Our Best Practice guidance is that the following Azure VMs should be backed up using the VM backup capability through the Azure portal:
We recommend you retain a minimum of 14 days of backups for each of these VMs listed above in case ransomware encrypts your VMs and data. In the event of a breach, we offer services to assist in the recovery of your infrastructure and data.
We have guidance on how to enable VM based backups for an Azure VM.
We are happy to assist you in configuring these backups and will review your existing backup plan to ensure all the critical servers are protected. We have a support team that is happy to meet with you and walk through your configuration as a second set of eyes to ensure all critical workloads are protected. If you would like our help, you are welcome to email them at support@mycloudit.com to schedule an appointment.
Want Future Best Practices Delivered Right to Your Inbox?