Perform a baseline review of your backup and recovery strategy with our easy guide.
There are many ways for data to be lost. From natural disasters to human error and cyberattacks, protecting your data is key. So is being realistic about how important it is to have secure, frequently tested backups.
Do we have what we need?
What is our critical data? In case of a disaster, what data do we need to continue operating or resume operations? What is our Recovery Time Objective (RTO)? RTO quantifies the amount of downtime a business can tolerate. Understanding this metric is crucial to determining what data to backup, and for how long -- more on that later.
Where is our data being kept? Where are our backups?
Not everyone in your organization needs access to everything. Limit admin access only to those who need it. When it comes to backups, ensure you have backups offsite, and, ideally, air-gapped, especially in case of natural disaster.
How are we protecting our data?
Preparedness is vital. But even better than recovering data is not losing it in the first place. Ensure you have a well-rounded data protection strategy in place (including an effective employee education program) to keep your data safe.
What are our retention periods?
Backup copies must be made regularly to minimize the amount of data lost between backups. The more time passes between backups, the more important data your company may be missing when you attempt to recover. While each business’ needs are different, best practice for retention is 14 dailies, 4 weeklies, 3 monthlies, and one yearly for certain businesses.
Regardless of how you’re storing your data, ensure that it’s readable and can truly be recovered.
Network (SAN or NAS)
Pros: Connectivity is faster, meaning you can back up and restore more quickly.
Cons: Data always grows, so disks must continuously be added.
If you’re on the network, you’re more susceptible to attack if your network is compromised.
Pros: Can be disconnected and stored for safety. Because it is physically air-gapped, the chances of a remote hacker accessing it are few if it’s properly secured. USB devices are also faster and have greater capacity than tape.
Cons: Generally much more expensive than tape, susceptible to damage or destruction.
Pros: Inexpensive and a true air gap system, which makes it more difficult to destroy or attack.
Cons: Deteriorates over time and can become damaged. Must be physically changed (relying on a person to remove the media and plug in the next tape) which introduces the possibility of human error.
Pros: Reliable, low cost, easy to access, requires no physical storage space
Cons: Lack of total control, can be difficult to migrate, and requires internet access. Cloud storage also poses security and confidentiality questions for companies reticent to hand their confidential information over to a third party.
Are we testing often and appropriately?
Having backups in place does your company little good if you don’t test with periodic file restores to ensure your data is fully recoverable. Regardless of how you’re storing your data, ensure that it’s readable and can truly be recovered.
Are our backups immutable?
Immutable data is unchangeable and cannot be tampered with. The next best thing to an air-gapped backup, an immutable backup prevents data corruption and encryption because it can’t be overwritten, modified, or deleted — only read.
What's the safest method for backing up?
Air gaps (having a physical air gap between your backup and the network) can drastically shrink your vulnerability, but they're not infallible. ACS recommends investing in USB drive or tape and having multiple copies of your backups to minimize risk.
Need an assessment, advice, or have questions about protecting, backing up, and recovering your data? Our Storage & Virtualization team has the skills you need.
Get in Touch