Page 50 - Cyber Defense eMagazine December 2023
P. 50
How Should Firms Protect Backups?
We recommend organizations of all types, including law firms, employ the following approach:
• Always have five copies of its data:
o One: The production data.
o Two: All data backed up to physically redundant, immutable backup storage.
o Three: All backups replicated to physically redundant, immutable offsite backup storage.
o Four: All backups copied to digitally air-gapped, immutable storage.
o Five: All volumes on all storage platforms (NAS, SAN, etc.) immutably snapped.
Through this method, firms can ensure redundancy, immutability, and recoverability—should a threat
actor attack one data repository, other immutable copies exist on different technologies.
Putting Backups in the Forefront to Secure Business Operations
In the end, when your data is gone, so, too, is your business. Backups MUST be considered a first line
of defense, and with this, law firms need to prioritize learning how to defend not only their front-line
defenses, but also their resiliency in the event an attack occurs.
About the Author
John Anthony Smith is CSO of Conversant Group and its family of IT infrastructure
and cybersecurity services businesses. He is the founder of three technology
companies and, over a 30-year career, has overseen the secure infrastructure
design, build, and/or management for over 400 organizations. He is currently
serving as vCIO and trusted advisor to multiple firms.
A passionate expert and advocate for cybersecurity nationally and globally who
began his IT career at age 14, John Anthony is a sought-after thought leader, with
dozens of publications and speaking engagements. In 2022, he led the design and
implementation of the International Legal Technology Association’s (ILTA’s) first annual cybersecurity
benchmarking survey.
John Anthony studied Computer Science at the University of Tennessee at Chattanooga and holds a
degree in Organizational Management from Covenant College, Lookout Mountain, Georgia.
Cyber Defense eMagazine – December 2023 Edition 50
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.