Data loss can happen at any time and you don’t want to be caught unprepared. Thankfully, many organizations today recognize the importance of backing up data. But a problem remains.
Data loss incidents have grown more complex and many backup solutions aren’t keeping up. To make matters worse, it can be hard to know if your backups are truly working as they should.
So, what are your backups really protecting against?
Hardware Failure and Human Error
These first two are the most common and what most backup solutions are prepared for.
If your PC dies or a server crashes unexpectedly, backups ensure you don’t lose the data on that machine. This is may be the most common issue that backups help to solve.
It happens. You or someone on your team accidentally deletes something or mistakenly edits a finished document instead of creating a new one. These mistakes are easily remedied with backups restoring the erased data.
Natural Disasters
Things get a little trickier with natural disasters. Fires, hurricanes, floods, and other natural disasters test your backups in a different way. These disasters can destroy your onsite servers which highlight the importance of secure offsite storage. This is why so many are moving to a cloud-based data backup solution.
Sometimes we see organizations that think they have offsite backups. But their offsite backup is actually an employee taking a device with data home each night. There are multiple problems with this option:
- Neglects to take it home
- Serious compliance issues are introduced
- Device could be stolen
- Device could be lost
You get the picture. This is a dangerous choice that should be avoided. A cloud backup solution eliminates that risk and takes human error out of the equation.
Cyberattacks
With cyberattacks dominating the news, it’s troubling that many backup solutions we come across aren’t properly configured to really protect you in the case of a security incident.
In a ransomware attack, the bad guys encrypt all your files and demand payment to return the data. If you have properly configured backups you can access your data before the attack happened to restore clean files. However, this situation highlights two important factors.
Backup Retention Policy
Your backup retention policy should cover frequency and length.
- Your data should be backed up daily, ideally twice a day.
- You should have access to the last 30 days of daily backups, along with access to monthly retentions from the past 6-12 months.
Why so frequent and for so long? According to IBM, the average time it takes to identify and contain a breach is 280 days. You can improve your detection to decrease the time to detection, but you may need to go back further than you thought.
Backups Separate from Your Production Environment
It’s also crucial that your backups are separate from your production environment. Otherwise, it’s possible for the cyberattack to encrypt your backups as well. That would naturally negate the value of having backups in the first place, making them unusable
Understanding Backup Recovery
We’ve covered the four reasons you need backups, but it’s also helpful to cover how you recover from those issues. Not all backup solutions have the same recovery process – you have two choices.
File-based Recovery
This backup set up saves files and folders, but not your entire operating system and applications. As a result, a full file-based recovery in the event of a natural disaster or cyberattack takes much longer to restore. And, in some cases, you won’t have a full restoration. This can mean months of downtime.
Image-based Recovery
In this case, an entire image of your computer is backed up including your operating system, applications, and files. This is a more complex solution, but the result is a much faster and more complete recovery. It could mean the difference between being down for a weekend with an image-based recovery or being down for several months with a file-based recovery.
Understanding these two options will help you better determine the risk you’re comfortable with. Then you can make an informed decision that’s right for your organization.