You may have heard the phrase, “Denial ain't just a river in Egypt.” We think of that phrase when talking to cities about data backup. Without much explanation, we hear their data backup is “fine.” But it often sounds like denial of deeper problems. What does “fine” exactly mean?
Data backup is obviously a touchy subject for cities, but also one of the most important. Without proper data backup and disaster recovery, a city can permanently lose its most critical data. Many think about potential natural disasters like fire, flooding, and tornadoes. But what about very common potential disasters such as ransomware, a disgruntled employee, or simple user error?
It’s okay if your data backup is “fine.” But before we’re convinced, we ask cities to consider the following questions.
1. When did you last test your data backup?
Testing remains one of the most overlooked, underrated aspects of data backup. Even cities with robust, expensive data backup and disaster recovery solutions often don’t test them. Then, when an incident or disaster occurs, they find their expensive data backup solution didn’t work.
Don’t misunderstand this point. The problem wasn’t because of the technology or solution but because of technology misconfiguration and poor management of the city’s data backup needs.
We’ve talked about data backup testing extensively in past blog posts. In a post titled “Can You Pass Your Data Backup Test?” we outlined five key tips:
- Test your data backup as soon as possible.
- Simulate a full disaster.
- Ensure that your most important data can be recovered.
- Dig deep during a test.
- Set a testing schedule.
Without consistent, proper testing, you cannot guarantee recovery of your data.
2. How fast can you recover your data?
It’s one thing to recover your data. It’s another thing to recover it quickly. You’re a city that serves citizens. They depend on you. When an incident or disaster occurs, they expect you to be up and running soon so that continuity of services doesn’t get broken for weeks or months.
A good data backup and disaster recovery solution should talk about recovery in terms of minutes, hours, or (in a worst-case scenario) days instead of weeks or months. Solutions today involve offsite storage in the cloud that allows anytime/anywhere access to data as long as you have a computer and internet connection. Yet, it’s still common to hear about many cities after a ransomware attack or other disaster that cannot recover data for weeks, months, or ever.
3. Are you backing up your most critical information?
This kind of mistake can often happen with cheap, consumer-grade data backup solutions that aren’t clear about what they can and can’t back up. By default, consumer-grade backup solutions will back up common user files (such as documents, spreadsheets, images, etc.) but they do not back up all of a city’s critical data (including user data). A comprehensive data backup solution that considers all the files and databases that your city needs backed up must be configured, managed, and monitored ongoing.
While many parts of it can be automated, your data backup and disaster recovery solution needs some manual oversight especially related to prioritizing critical information. You need to ensure that payroll, accounting, financial databases, public safety data, court data, utility billing, 911, and other mission critical systems are recovered first. Less critical information then gets restored second. Otherwise, you could face a situation where your photos of past city events are restored first while you wait on your payroll software to get restored.
4. What happens if a ransomware virus hits?
Many data backup and disaster recovery solutions are “fine” until ransomware hits. In dozens of news articles over the past few years, cities say they are “stunned” at how fast and damaging a ransomware virus becomes. Suddenly, cities find they cannot restore data so easily or need expensive professional IT help that lasts weeks or months. This reactive in-the-fire response typically costs a city many times more than the much lower cost of following data backup best practices and proactively addressing data backup needs before a cyberattack.
When a ransomware virus hits, it encrypts files so that they are unusable. If it spreads, that means encrypting information on computers and servers. While endpoint detection and response (EDR) software, IT support monitoring and alerting, and employee training can help decrease the chance of a ransomware attack happening, sometimes one gets through. (It takes just one employee to click on a malicious link or attachment.)
Preparing for the worst, your data backup and disaster recovery solution needs to continuously capture changes to your data made across your entire system. Then, when ransomware hits and the damage looks really bad, you can revert to the last version of your systems before the ransomware virus hit. Sadly, you may lose a little data—but it will be minimal compared to losing all of it.
5. What happens in case of a natural disaster?
In these cases, many cities say their data backup is “fine” when referring to their “offsite” component. We put “offsite” in quotes because it usually means the data is stored close by.
In the minds of city management, the data may seem “offsite” if it’s stored in another building, a few blocks down the street, at someone’s house, or even a neighboring city. However, that’s not strictly offsite. Two key risks emerge:
1. A natural disaster that affects city hall will likely affect buildings nearby.
2. Storing “offsite” data at someone’s house or a bank vault risks manual error, lapses in regular backups, and liability issues.
Cities that take this “offsite” route may experience an incident that reveals they will lose that data too. Instead, cities need a true offsite component such as cloud data backup storage. This data will be potentially stored across multiple data centers geographically far away from the city, and these cloud data centers offer data accessibility anytime/anywhere. Because of redundancy, it’s nearly impossible to lose your offsite data under such an arrangement.
So, if you tell us your data backup is “fine,” then “fine” should mean:
1. I know it works because I continue to test my data backup regularly.
2. I know I can recover my data very quickly.
3. I know my most important critical information is backed up.
4. I know I am prepared for a ransomware attack, and my systems won’t be down for weeks, months, or forever.
5. I know I am prepared for a natural disaster, and I will be able to access my data as long as I have a computer and internet connection.
With data backup, you must know that you know you can say these five things. Otherwise, you are not “fine.” If that’s the case, reach out to us today for help.
Original Date: 4/10/2019