Data Protection Wellness Plan
Simple strategies to help get your backups into shape.
We know we’re supposed to eat right and exercise but putting that knowledge into practice can be a challenge. Unfortunately, the same holds true for data backups in many organizations.
Businesses without a sound data protection plan leave themselves vulnerable to ransomware and other cyber threats that can corrupt, destroy or deny access to critical information. Natural disasters, system failure and human error can strike at any time and without warning. When critical information is compromised, organizations can expend valuable time and resources attempting to recover or re-create it. In many cases, the data will be lost forever.
Regular backups are the only safeguard against costly and sometimes disastrous data loss. Unfortunately, many organizations continue to struggle to get data protection right.
Backup processes have grown increasingly complex with exploding data volumes and the “always-on” nature of business. Additionally, many critical data sources exist outside the corporate data center environment, in departmental file stores, cloud applications and even individual devices.
It’s not uncommon for business-critical data to be stored on the CEO’s smartphone. What are the consequences to the business if that device is lost or stolen?
Assessment Is Key
The first step in developing a backup strategy is to identify all the information that needs to be protected. Leave no stone unturned — in today’s mobile and remote work environment, the backup plan may need to include smartphones, tablets, laptops and home office computers. When evaluating backup solutions, it’s important to choose one that can handle all these data sources so that the organization doesn’t wind up with a fragmented data protection environment.
The next consideration is how often the data is backed up. That’s defined by the recovery point objective (RPO), or how much data the business can afford to lose in the event of disaster. Small to midsize businesses often settle on daily backups, but it may be necessary to back up data as frequently as every few minutes. Modern backup solutions also allow for tiered RPOs, in which critical data is backed up more frequently than secondary data.
Armed with an understanding of the amount of data to be backed up and the frequency of backups, organizations can calculate data storage requirements. Compression and de-duplication can help optimize capacity, but growth should be considered in estimating storage requirements. It’s also important to consider how quickly data will need to be recovered — the recovery time objective (RTO). The shorter the RTO, the faster (and more expensive) the storage needs to be.
Nothing can be riskier than believing you are protected against data loss, only to find out that is not the case. Backups need to be tested regularly to ensure that data is recorded correctly. Backups should be “air gapped” to protect against ransomware, and at least one backup stored offsite or in the cloud to increase the odds that information will always available in the event of a site disaster.
Backups also require security just like other components of the IT infrastructure, especially when it comes to Social Security numbers, payment card numbers and other sensitive information.
Encryption can protect backup data but it’s important to select the right encryption tools so that performance is not impacted.
Organizations also need to consider government regulations such as HIPAA and GDPR that mandate the security, accessibility and retention of information. These regulations make it even more critical to evaluate backup practices and storage infrastructure to ensure requirements are being met. Those who do not properly comply could face stiff criminal and financial penalties.
Technological advances and ubiquitous network connectivity have helped bring about explosive data growth. Regular backups to ensure accurate and up-to-date data protection have never been more imperative. Organizations should establish a solid backup regimen to ensure good business health.