Categories ArticlesData Center

Data backup: Reliable ways to get it done and make it more secure

For a business, losing data is a nightmare of the worst kind. Records of thousands of customers, thousands of products, financial statements, contracts, invoices, inventory records, process knowledge, product guides, and whatnot - imagine what would your day be like if all these data assets were to be lost. Today, it’s not only a natural disaster such as flood or earthquake or a tragedy such as a fire that can cause irreparable damage to your business data. Malicious insiders, cybercriminals, and accidental human error can also cause massive data to be wiped out, forever. If you do not have a data backup plan, you have no plan at all.

Already backing up your data?

That’s a good start. Just that it’s not enough to ensure disaster recovery and business continuity. For most businesses, data backup is mostly about:

  • Backing up data regularly.
  • Creating these backups on reliable and affordable media.
  • Safekeeping the backed up data at an off-site location.

Five years ago, this would have been enough to describe a basic reliable data backup process in an organization. Today, there are a lot more variables in the equation, which calls out business to be more vigilant, innovative, aggressive, and proactive in how they manage data backup for disaster recovery and business continuity.

In this guide, we’ll cover some of the lesser-known and appreciated aspects of data backups. Read on.

Extend your enterprise data security policies to data backup

It’s surprising how many companies continue to manage enterprise security policies and data backup/data recovery in isolation. Every aspect of your company’s data security policies must be extended across to data backup systems and applications. This includes:

  • Access and authorization control to determine who can access the data backup application, and to what extent.
  • Systemic monitoring to ensure that the backup system is healthy and ready to fire up its engines when called upon to do so.
  • Physical security of media where data has been archived.
  • Password policies (complexity conditions to be met, the time before password needs to be reset, etc.).

Build your disaster recovery plan including your data backup systems

A data backup system is not an equivalent or replacement of a disaster recovery plan. Disaster recovery must evaluate the different ways in which the data backup process of the organization could be broken, and build business continuity workarounds to accommodate the same.

It’s only by considering data backups in the light of incident response capabilities that an organization can truly consider itself equipped to meet modern disaster recovery challenges.

Isolate your data backup recovery process and the backed up data

Sounds pretty basic? You have no idea how many businesses lose their data, in spite of a data backup process, purely because the fire that burnt down the server room also burnt down the media storage room where the hard drives were kept. Perhaps a car fell on top of the server room like what happened in that glorious movie “Blackhat”!

Whether you store your data on tape, network attached storage (NAS) or any external drives, remember that it’s your responsibility to implement strong access control mechanisms.

So, review your company’s data backup and archival mechanisms and make sure the backed up data is stored off-site, at a location where it’s safe from natural and human triggered calamities, yet accessible enough to ensure business continuity when the need arises.

Deal with vendors

Invariably, your company’s data backup processes will require services from one or more vendors. Vendors offering Disaster Recovery as a Service, courier services for priority and safe movement of your hard drives, off-site storage services, data center services, or fireproof safes must understand your concerns.

For instance, if you’re going to store magnetic disk drives in a safe, you need one that is rated media-safe and not merely fireproof (because the melting point for optical and magnetic disks is lower than paper). And if you don’t understand how hot fire can get, then watch the movie “Backdraft” or “Only the Brave.”

Also, your service contracts must explicitly mention the fallback mechanisms that help deal with contentious situations. Primarily, you’d want to understand what your vendors do to ensure that your backed up data remains secure throughout all the touchpoints involving them.

Review what’s being backed up

Considering the pace at which data is being generated in businesses, and acknowledging that newer formats of data are being included in the mix, organizations can’t continue with outdated backup rules. Imagine the angst you’d experience to realize that your data backup doesn’t include a crucial bunch of documents because nobody updated the backup process to include these files in the backup scope.

This is best done via regular (biannual or quarterly) audits of your data backup process. Also, if a lot of your backed up data is stored on tape, the audit must also include a recovery test for the data, to make sure it’s healthy and reliable.

Consider cloud-based data backup solutions

In the past few years, cloud-based data backup solutions have emerged as serious competitors to traditional methods. Because of some irrefutable service quality and cost benefits, small business and startups have particularly adopted these cloud-based solutions. Some of the noticeable advantages are:

  • Leading technology giants offer these services, which means you get state of the art technology working to keep your data secure.
  • Most of these players offer affordable monthly subscription plans, wherein companies can upload a certain agreed volume of data.
  • To manage peak loads, companies can quickly get additional storage space provisioned for them.
  • The data is encrypted, which provides another layer of security. The password should not be something like the word orange or your birthday since that can be hacked too easily.
  • Data is accessible anytime, from any device, via the Internet, because it’s hosted on a cloud-based server.

Note: Companies find it useful to press the button for hybrid strategies where the business-critical data is also stored on SSDs, so that they get the ease of the cloud model for most data, along with the peace of mind associated with traditional archival methods.

Difference between business success and failure

Data backup is a technical capability that you have to focus on. This is not something anyone else is going to do for you and this could be the difference between success and failure. A mistake in your data backup process could result in immeasurably huge implications in the case of a data disaster.

Photo credit: Shutterstock

Benjamin Roussey

Benjamin Roussey is from Sacramento, CA. He has two master’s degrees and served four years in the US Navy. His bachelor’s degree is from CSUS (1999) where he was on a baseball pitching scholarship. He has an MBA in Global Management from the Univ. of Phoenix (2006). Currently he lives in the Phoenix area after living in Cabo San Lucas, MX for 3 years. He enjoys sports, movies, reading, and current events when he is not working online.

Share
Published by
Benjamin Roussey

Recent Posts

New Mexico sues Google for violating privacy of minors

New Mexico is suing Google for alleged privacy violations against minors, specifically that it uses…

6 mins ago

Exchange 2019: Peaceful coexistence with Exchange 2016

Exchange coexistence has been around for a long time. This can be having Exchange 2010…

5 hours ago

How to check the VM sizes available on your Azure Region

If you want to check VM sizes available to any given region, Azure Portal is…

8 hours ago

Cybersecurity 101: Close the door on open network shares

If you have open network shares on your network, you are opening the door to…

1 day ago

Spear-phishing email results in U.S. gas pipeline ransomware attack

A spear-phishing email has resulted in a U.S. gas pipeline ransomware attack. Making the attack…

1 day ago

Planning your Azure reserved instances and flexibility groups

To really lower your Azure costs, you need actionable information. Get info on flexibility groups…

1 day ago