Categories ArticlesData Center

Data backup: Reliable ways to get it done and make it more secure

For a business, losing data is a nightmare of the worst kind. Records of thousands of customers, thousands of products, financial statements, contracts, invoices, inventory records, process knowledge, product guides, and whatnot - imagine what would your day be like if all these data assets were to be lost. Today, it’s not only a natural disaster such as flood or earthquake or a tragedy such as a fire that can cause irreparable damage to your business data. Malicious insiders, cybercriminals, and accidental human error can also cause massive data to be wiped out, forever. If you do not have a data backup plan, you have no plan at all.

Already backing up your data?

That’s a good start. Just that it’s not enough to ensure disaster recovery and business continuity. For most businesses, data backup is mostly about:

  • Backing up data regularly.
  • Creating these backups on reliable and affordable media.
  • Safekeeping the backed up data at an off-site location.

Five years ago, this would have been enough to describe a basic reliable data backup process in an organization. Today, there are a lot more variables in the equation, which calls out business to be more vigilant, innovative, aggressive, and proactive in how they manage data backup for disaster recovery and business continuity.

In this guide, we’ll cover some of the lesser-known and appreciated aspects of data backups. Read on.

Extend your enterprise data security policies to data backup

It’s surprising how many companies continue to manage enterprise security policies and data backup/data recovery in isolation. Every aspect of your company’s data security policies must be extended across to data backup systems and applications. This includes:

  • Access and authorization control to determine who can access the data backup application, and to what extent.
  • Systemic monitoring to ensure that the backup system is healthy and ready to fire up its engines when called upon to do so.
  • Physical security of media where data has been archived.
  • Password policies (complexity conditions to be met, the time before password needs to be reset, etc.).

Build your disaster recovery plan including your data backup systems

A data backup system is not an equivalent or replacement of a disaster recovery plan. Disaster recovery must evaluate the different ways in which the data backup process of the organization could be broken, and build business continuity workarounds to accommodate the same.

It’s only by considering data backups in the light of incident response capabilities that an organization can truly consider itself equipped to meet modern disaster recovery challenges.

Isolate your data backup recovery process and the backed up data

Sounds pretty basic? You have no idea how many businesses lose their data, in spite of a data backup process, purely because the fire that burnt down the server room also burnt down the media storage room where the hard drives were kept. Perhaps a car fell on top of the server room like what happened in that glorious movie “Blackhat”!

Whether you store your data on tape, network attached storage (NAS) or any external drives, remember that it’s your responsibility to implement strong access control mechanisms.

So, review your company’s data backup and archival mechanisms and make sure the backed up data is stored off-site, at a location where it’s safe from natural and human triggered calamities, yet accessible enough to ensure business continuity when the need arises.

Deal with vendors

Invariably, your company’s data backup processes will require services from one or more vendors. Vendors offering Disaster Recovery as a Service, courier services for priority and safe movement of your hard drives, off-site storage services, data center services, or fireproof safes must understand your concerns.

For instance, if you’re going to store magnetic disk drives in a safe, you need one that is rated media-safe and not merely fireproof (because the melting point for optical and magnetic disks is lower than paper). And if you don’t understand how hot fire can get, then watch the movie “Backdraft” or “Only the Brave.”

Also, your service contracts must explicitly mention the fallback mechanisms that help deal with contentious situations. Primarily, you’d want to understand what your vendors do to ensure that your backed up data remains secure throughout all the touchpoints involving them.

Review what’s being backed up

Considering the pace at which data is being generated in businesses, and acknowledging that newer formats of data are being included in the mix, organizations can’t continue with outdated backup rules. Imagine the angst you’d experience to realize that your data backup doesn’t include a crucial bunch of documents because nobody updated the backup process to include these files in the backup scope.

This is best done via regular (biannual or quarterly) audits of your data backup process. Also, if a lot of your backed up data is stored on tape, the audit must also include a recovery test for the data, to make sure it’s healthy and reliable.

Consider cloud-based data backup solutions

In the past few years, cloud-based data backup solutions have emerged as serious competitors to traditional methods. Because of some irrefutable service quality and cost benefits, small business and startups have particularly adopted these cloud-based solutions. Some of the noticeable advantages are:

  • Leading technology giants offer these services, which means you get state of the art technology working to keep your data secure.
  • Most of these players offer affordable monthly subscription plans, wherein companies can upload a certain agreed volume of data.
  • To manage peak loads, companies can quickly get additional storage space provisioned for them.
  • The data is encrypted, which provides another layer of security. The password should not be something like the word orange or your birthday since that can be hacked too easily.
  • Data is accessible anytime, from any device, via the Internet, because it’s hosted on a cloud-based server.

Note: Companies find it useful to press the button for hybrid strategies where the business-critical data is also stored on SSDs, so that they get the ease of the cloud model for most data, along with the peace of mind associated with traditional archival methods.

Difference between business success and failure

Data backup is a technical capability that you have to focus on. This is not something anyone else is going to do for you and this could be the difference between success and failure. A mistake in your data backup process could result in immeasurably huge implications in the case of a data disaster.

Photo credit: Shutterstock

Benjamin Roussey

Benjamin Roussey is from Sacramento, CA. He has two master’s degrees and served four years in the US Navy. His bachelor’s degree is from CSUS (1999) where he was on a baseball pitching scholarship. He has an MBA in Global Management from the Univ. of Phoenix (2006). Currently he lives in the Phoenix area after living in Cabo San Lucas, MX for 3 years. He enjoys sports, movies, reading, and current events when he is not working online.

Share
Published by
Benjamin Roussey

Recent Posts

Losing your edge? 7 free tools to keep you focused at work

Staying focused at work in an always-connected world is hard! Here’s how to use tech — and some free tools…

11 hours ago

What’s next in the evolution of biometrics and facial recognition technology?

Facial recognition technology has matured to the point of being reliable — for better or for worse. What does the…

15 hours ago

Locking down your Exchange server with cipher suites

Cipher suites are a set of algorithms you need to secure your environment, either by using SSL and TLS. Here’s…

18 hours ago

AI cyber risks: What to look out for when deploying AI technology

Artificial intelligence has greatly improved modern life. But businesses must recognize that AI cyber risks exist and take appropriate measures.

1 day ago

Review: Office 365 synchronizing and administration tool CiraSync

CiraSync offers an enterprise solution for syncing global address list contacts and calendars to smartphones and other mobile devices. Here’s…

2 days ago

HIPAA IT compliance: Privacy and security rules you must know

HIPAA is the mandatory health regulation that must be followed strictly. But if you’re an IT pro in the health-care…

2 days ago