Trusted Reviews is supported by its audience. If you purchase through links on our site, we may earn a commission. Learn more.

What are the best backup strategies to protect against ransomware?

If your hard disk fails or malware rips through your system, you’ll want to know that your most precious files are safe and sound, somewhere you can find them. Here’s our guide explaining the different types of backups available to you and why you should use them to compliment a robust anti-virus service.

If you have robust backup solution, then even the most unbreakable ransomware is nothing to worry about. All you need to do if you can’t get rid of the infection is reinstall your operating system and restore your files from your back, and you’re up and running.

There are many different kinds of backups, which can be used together to make a convenient, easy-to-restore, and highly personalised backup solution.

Cloud backups are uploaded to the internet. You need a fast net connection if you wish to backup and restore an entire PC’s worth of backups this way.

Cloud sync, like Microsoft OneDrive or a standard Google Drive configuration, doesn’t back up everything, but will keep an online copy of any file stored in your sync directories. Cloud sync alone isn’t a true backup solution, but can work very well alongside one.

External backups are stored on a USB disk plugged into your PC or a Network Attached Storage (NAS) device on your local network. The critical thing here is to make sure that your backups are carried out regularly.

A second local hard disk – that is, one physically installed in your PC and used by your operating system – is not an appropriate backup target. I used a big HDD as extra storage for files that I’ve already backed up elsewhere. This is because if my PC is physically destroyed or encrypted by ransomware, that disk is going down with it.

Save 81% on a VPN with SurfShark

Save 81% on a VPN with SurfShark

Surfshark has dropped the price of its VPN to £1.94 a month. Head over to Surfshark now to pay a one time price of £46.44 for 24 months of Surfshark and save 81%.

  • Surfshark
  • 81% off
  • £1.94 a month
Buy now

Your minimum viable backup solution

At very least, you want your most important data – personal documents, business records, family photos, that novel you’re working on – to be backed up in two places that are not physically attached to your computer. Make sure every user’s files are being backed up, not just your own, and consider files that might be stored in unexpected places, such as savegame files.

Cloud storage and a USB drive are an ideal easy combination, as long as you remember to regularly back up to that USB drive and unplug it when you’re finished. Any external drives connected when ransomware hits are likely to also get encrypted.

This solution is effective against both physical damage to your PC, such as fire or flooding, and the majority of malware infections, including ransomware, as cloud storage services usually have version control features that retain previous versions of files for a given period of time or a given number of copies.

If you use a cloud sync service such as Google Drive, OneDrive, iCloud or Dropbox, and have a fast internet connection, I’d suggest using a true cloud backup service alongside it, such as BackBlaze or Carbonite, as these provide more robust protection against file deletion or encryption and store unlimited versions of your backed up files.

Unlimited versioning means that, no matter how long ago a file was deleted, encrypted, or otherwise damaged, you’ll always be able to go back to a version

If you’re not sure of the difference between cloud backup and cloud sync, check out my guide, which includes recommendations of top free and paid-for backup and sync services.

Dedicated backup software

While you can just manually copy your most important files to a USB stick once a week, it’s definitely not the best approach and I don’t recommend it, given the number of free and easy automated backup solutions that are available.

Both Windows 10 and 11 have File History Backup built-in. This allows you created both on-demand and scheduled backups to network or USB drives. However, its features are relatively limited compared to some commercial and open-source alternatives.

Online backup service Carbonite provides an app that can also handle your local backups, which is extremely useful if you’re a Carbonite customer, but my current favourite general-purpose backup utility is Duplicati. It’s available for Windows, macOS and Linux, is free, and allows you to back your files to a USB drive, a local network share, or almost any kind of online storage you can think of. It also has some encryption and security features.

If you’d like something with a few less options, Easus Todo Backup is a friendly classic, although the free version is a little too heavy on the ads.

It is not a backup unless you can restore it

Test your backups! Carry out regular test restores of critical files and directories. If you have a lot of data to restore, restoring everything might not be possible, but you should at least make sure that your most precious files can be brought back from backup if needed.

If you’re using an online backup service, there’s probably a web interface that you can browse to make sure all files are present and correct. You can usually use these interfaces to download your backed up files, making it easy to test the integrity of your most important backups.

Save 81% on a VPN with SurfShark

Save 81% on a VPN with SurfShark

Surfshark has dropped the price of its VPN to £1.94 a month. Head over to Surfshark now to pay a one time price of £46.44 for 24 months of Surfshark and save 81%.

  • Surfshark
  • 81% off
  • £1.94 a month
Buy now

Know where your licenses and passwords are

For smooth recovery of a damaged system, you might also need to know where all your software license keys or their associated accounts are.

If you’re a Windows user, make sure your operating system licenses are linked to a Microsoft account that you have access to. Most licenses, from Adobe’s Creative Cloud to a game collection on Steam, are linked to an online account by default.

Both stand-alone license keys and accounts should be stored somewhere safe. A cloud-based password manager such as Bitwarden is ideal for this.

If you use a KeePass derivative, make sure that you don’t keep the only copy of your password database on your local hard disk, or else it could be lost along with everything else if your hard dies or becomes infected with ransomware.

Why trust our journalism?

Founded in 2003, Trusted Reviews exists to give our readers thorough, unbiased and independent advice on what to buy.

Today, we have millions of users a month from around the world, and assess more than 1,000 products a year.

author icon

Editorial independence

Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.

author icon

Professional conduct

We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.

Trusted Reviews Logo

Sign up to our newsletter

Get the best of Trusted Reviews delivered right to your inbox.

This is a test error message with some extra words