3-2-1-1-0 rule to stay ahead of ransomware

Spain is the seventh country in the world affected by ransomware attacks. This type of malware infects computers and encrypt your files so you can’t access them. Unless pay a ransom. An extortion that generates millions of euros in losses, profits for the fraudsters, and that implies the loss of documents important and that companies and individuals cannot continue with their day to day. Unless you are proactive and apply a policy of Backups according to the 3-2-1-1-0 rule.

In a previous article I talked about the 3-2-1 rule. Thanks to her, the Backups whatever you do, at home or in your office, will be safer and you can use them if something happens to your computer. Due to a computer problem or a ransomware infection. But this rule can be improved. And security experts are already promoting an extended version known as the 3-2-1-1-0 rule. It starts from the same basics but improves it to defeat ransomware even before it infects your devices.

And it is that if it is already difficult to make backup copies, if on top of that you do not save them correctly, they will be of little use to you when you need them restore them and thus recover your files and important documents. Precisely, going to the backup copies is the fastest solution if you are ransomware victim.

Remembering the 3-2-1 rule

Making a backup is not that simple. You have to decide what is worth being in that backup. Where are we going to store it? With what periodicity we will do it How many copies do we need? In part, this prior preparation is much more important than the copy itself. And there are many applications designed to make automated backups. Hence the recommendations with the 3-2-1 rule or its extended version, the 3-2-1-1-0 rule.

When I talked about the 3-2-1 rule Earlier, I explained that each number refers to a phase of the backup. Thanks to this easy-to-memorize rule, backups make more sense, since they are easier to recover and are designed to deal with all kinds of calamities and unforeseen events. It is better to spend some time and not need them than later to regret not having prepared them correctly.

The 3 of the 3-2-1 rule refers to making three backups. A first copy and two additional ones. The more copies the better. But three is enough. One could also serve, but just as we can lose the original filesit is also possible to lose a backup.

The 2 has to do with saving the backups in two different locations. For example. If you keep your files and your backup on the same device, if it is lost, stolen or stops working, you will not be able to recover neither the original nor the copy. Solution? Locate each backup in a different location than the original files you want to protect. And today it is very easy choose multiple fonts: optical discs, flash drives or USB memory, external discs, SD memory, online storage, dedicated servers, NAS units…

Finally, the 1 of the 3-2-1 rule means keeping a backup outside of the physical location where you have your files and one of the copies. The clearest example. You have your files on your office computer and a backup in a drawer. What happens if someone breaks in or if there is a fire? You will lose the original and the copy. But if you keep a second copy in your house or in a second office, things change.

The 3-2-1-1-0 rule is used to combat ransomware and any unforeseen or flaw

Safer copies with the 3-2-1-1-0 rule

Now that we have the 3-2-1 rule in mind, explain what is its improved version it will not take long. It basically adds two additional phases or elements to the equation. So in addition to 3 backups, 2 different locations and 1 of them outside where the original is, we can add two improvements.

The 3-2-1-1-0 rule adds two new elements. The first is that one of the backups is available offline. This is important because ransomware attacks they come from the Internet and consist of infecting any file that is visible from the network. Have at least one offline backup It will allow us to recover those important files and thus calmly format the computers affected by the ransomware without fear of losing anything. Everything is in the backup.

The last number of the rule 3-2-1-1-0 means zero backups unverified or with errors. One detail that we do not take into account when we make backup copies is that the file copy may not be entirely reliable. That is, files may have been skipped, or some may not have been copied correctly. The causing: micro power outages, saturation or imperceptible stops in the devices that send and receive the data… The solution is included in the backup tools. After the copy is finished, check that this has been done correctly and that it has no errors.

By applying the 3-2-1-1-0 rule to your home or office, if one day you come across a ransomware infection, you won’t have to worry about paying the ransom or losing hours of work because you can’t access your equipment. Disconnect them from the internet, format them, reinstall everything, install the patches and updates corresponding, check that there is no infection and, finally, restore the backups. Backing up using the 3-2-1-1-0 rule takes time, but the process can be automated And it’s worth wasting your time. In the worst case, there will come a day when those backups will be necessary. In the best of cases, you will not have to go to them.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.