We spend a lot of time touting the benefits of backup for preventing data loss. But in the interests of full disclosure, backup won’t protect you from every risk to your data. The same holds true for antivirus. While it prevents a lot of malicious actors from getting into your system, you still need a plan for when a virus slips past your perimeter defenses.
The truth is antivirus and backup work together to form a comprehensive data protection cyber resilience strategy. We talked with Carbonite™ Vice President of Product Management, Jamie Zajac, to put a finer point on the need for multiple layers of defense to protect yourself from a wider range of threats.
Q: What are the common misconceptions about antivirus? Why do some people think they don’t need it? And why do others think that once they have antivirus, their data is secure?
Many people think that all anti-virus is the same. Or that the more technical features there are, the better. Then there are those who think about prevention but not recovery. The truth is, not all antivirus solutions are the same. Some are better than others. And not all forms of data loss are the same. Antivirus and backup are different in terms of how you use them.
People tend to be over-confident when it comes to their data. Many people go on thinking that nothing bad will happen, until something does. We often think about the most common applications that we use and need to protect, but we forget about protecting important documents, pictures, and content on our computer, until it’s too late. External hard drives or USB drives seem safe but are easy to lose or drop and are prone to infections.
Q: What are the strengths of both antivirus and backup, and what are their weaknesses?
Antivirus helps prevent cyber-attacks. If you’re targeted by a cybercriminal, and you or one of your users (if you’re managing an environment) clicks on a malicious link, antivirus may be able to identify it as a bad link before you click on it.
But antivirus can’t protect against everything. Cyber criminals are always developing new techniques to circumvent cybersecurity solutions. For example, phishing is the number one technique used in successful breaches. And preventing phishing attacks has more to do with education and awareness of cybersecurity best practices.
Antivirus also won’t help with data loss from accidental deletion, malicious deletion (like insider attacks), a dropped computer, application data corruption or a natural disaster. It’s just not designed for those scenarios.
Backup, on the other hand, is a great foundation for a cyber resilience strategy, but it, too is not enough. Though backup will ensure that you can get your computer up and running, you also want to block as many incoming or internal threats as possible. It’s like the saying, “a stitch in time saves nine.” Having comprehensive security and protection can prevent a lot of activity that would otherwise take a lot of work and effort to correct.
Also, a comprehensive cybersecurity strategy, with both antivirus and backup, helps prevent more than just ransomware and data loss. Some malware will exfiltrate your data, which could lead to identity theft. If you’re a business in a regulated industry, this puts you in breach of compliance requirements. Malware can also log keystrokes, steal your passwords and more. Often times, malware (and especially advanced, persistent threats, known as APTs) will hide in your system and go unnoticed so that they can watch your activity and steal information slowly and over time. Detecting it, without an advanced security suite, is very hard.
Q: What are the threats that antivirus is designed to address?
Modern cyber threats including viruses, trojans, APTs, phishing attacks, Denial of Service (DOS), crypto-jacking and many more.
Q: What are the threats that backup is designed to address?
Data loss due to device theft or simply misplacing a device, hardware failures, application corruption, accidental deletion and malicious deletion (also known as an insider attack).
Q: Are some of these threats exclusive to individuals or businesses?
The specific tactics will change for an individual or business but ultimately, both are constantly under attack. For example, in a business environment, a phishing attack may be disguised as a past-due invoice or a message from the CFO whereas in an individual scenario, the phishing may be disguised as an amazon shipping notification.
Q: How do antivirus and backup work together to protect data and users?
There are many threats to your data. While cybercriminals are trying to steal your personal or corporate information, they could also hold it hostage in a ransomware scenario. Antivirus and backup work together to combat a wider range of threats than either one of them working alone. Antivirus prevents a lot of attacks that would otherwise lead to a lengthy disaster recovery effort. But if an attack does get through, backup enables you to recover clean copies of your data without paying a ransom.
Q: With backup and antivirus, how secure are you and your data? Are there still gaps in protection that need to be addressed, even if someone has both antivirus and backup?
There is no silver bullet, even with backup and antivirus. You always need to be vigilant. A common gap is security awareness, which requires regular training. Many businesses run training exercises on an annual basis to keep their users informed as attack methods evolve, and to support compliance requirements. Training needs to be an “always-on” mentality to encourage employees to remain vigilant.
You also can’t ignore basic practices to minimize the attack surface such as locking down ports not in use, using least privilege accounts, building a zero-trust network, and patching and auditing your environment continuously.
Q: Antivirus and backup have both been around for years, perhaps decades. How are they still relevant for today’s internet usage and IT infrastructures?
I think they are more relevant than ever as individuals and businesses become more reliant on internet access. The threats are always changing. Cyber criminals continually find new ways to exploit vulnerabilities or use social engineering to gain access. So, data protection and security applications and methods continue to evolve as well. It’s a good practice to make sure you are using the most up-to-date version from your vendor as well.
Q: How do people know that antivirus and backup will continue to stay relevant as technology evolves?
As we spend more of our lives online, the need for data protection and security only becomes more important. The form factor of that protection and the exact features will change, but the overall concepts will probably never go out of date.
Q: How do antivirus and backup fit into an overarching data protection and business continuity strategy?
A comprehensive data protection strategy includes having a plan for getting systems back up and running after any sort of interruption. You want to have as many layers of protection as possible to allow you to mitigate downtime scenarios. A truly disaster-proof data protection strategy combines multiple layers of defense, including security training, network protection, web blocking, endpoint protection, data protection and recovery testing to reduce the impact of system downtime. Consider these different layers of protection like the security layers of a house – you can lock your front door and be pretty safe, but if you don’t lock your back door and widows, you’re more exposed to threats. Each additional lock strengthens the security of your home, and every additional data protection layer strengthens your overall business continuity strategy.
Q: How do antivirus and backup fit into an overarching cyber resilience strategy?
Cyber resilience is the ability to absorb a punch and get back up and running. You want to have as many layers of protection as possible to allow you to absorb that punch. A cyber resilience plan combines multiple layers including security training, network protection, web blocking, endpoint protection, data protection and recovery testing to reduce the pain from that punch. Consider cybersecurity layers like the security layers of a house – you can lock your front door and be pretty safe, but if you don’t lock you back door and widows, you’re more exposed to threats. Each additional lock strengthens the security of your home, and every additional cybersecurity layer strengthens cyber resilience.
How Disaster-Proof are Your Systems?
There's no better time than now to ensure that your home network is secure and that you are protected from both cyberthreats and data loss. The Carbonite Safe Plus plan now includes both backup and antivirus.
