National Cyber Security Centre: Our new principles to help make cloud backups more resilient
We’ve come up with a new set of principles which lay out the best practice to make sure cloud backups are more resistant to ransomware. In essence, they describe the features a service should offer for backups to be resilient to ransomware actors. These principles are designed to be useful to both vendors of cloud services, and also for system owners who are procuring a new service, or assuring themselves that their existing service meets certain standards.
It’s important to say that while these principles provide a solid foundation to help prevent an actor deleting your cloud backups, they won’t protect your organisation from all the effects of ransomware – we’re thinking particularly here of the extortion threat, where an actor threatens to release your stolen data unless you pay a ransom.