We receive a constant stream of damaged or failed hard drives through our Helpdesk with the request for our technicians to recover the businesses data. These are laborious, drawn-out and costly recovery exercises and are not always guaranteed to be 100% successful. Regardless of the reason for the data loss or hard drive failure (it could be old equipment, it could be cybercrime); the data recovery progress can be avoided if you have an efficient and effective daily backup process; and don’t forget, if you have lost data to a cyberattack, then as a rule, it cannot be recovered (unless you pay the ransom and we all know how that ends!).
What exactly is a backup?
A backup is a way of data storage that prevents the data getting lost when a primary device (such as a laptop, computer or server) is compromised. A copy of your data is stored on an alternative location, so it can be recovered if deleted or it becomes corrupted.
How often and how much should I backup?
The Essential Eight of Cyber Security (a great video resource is available here) outlines a great daily backup protocol for businesses. The 3-2-1 backup rule is recommended which is:
3 copies of your data – your live data plus at least two copies.
3 copies mean redundancy in your files and system. Multiple copies mean fewer points of failure. 3 copies mean the best, most efficient chance of recovering your data when you need it.
2 different media types – for example, storing your backups on both a NAS and USB hard drive.
2 different media mean redundancy in storage devices. This ensures that if a fault occurs in one of your media devices or if one of the devices are part of an incident, you could go to a completely different type of backup device to recover the data.
1 offsite – the data copy is taken offsite or synced offsite via the Internet.
1 copy offsite means redundancy in locations. Keep a copy (preferably all copies) of your data offsite. This means that if it is unplugged from your system and you get hit with ransomware, the ransomware can’t touch your backups. It also will save you in the event of a disaster like a fire, flood, theft, or vandalism.
Can I use Dropbox or OneDrive as a backup system?
Sadly, these services are NOT an effective backup solution. It’s good to have a copy in these services just in case your computer fails, you can easily recover that data, but that will not save you from a cyberattack on the service or if your files are deleted.
Media type and offsite backup, what is this?
There are several types of media that you can use for storage, including floppy disk drives, optical drives (like CD, DVD or Blu Ray), hard disk drives (like the NAS (Network Attached Storage) mentioned above), tape drives, external hard drives, RAID and USB storage drives.
An offsite backup program is software technology that can be installed to backup and report on what has been backed up. Examples of these are:
- N-able Backup; or
- SkyKick for Microsoft 365.
Loyal I.T. Solutions can offer you advice and assist you in purchasing this technology. Contact our quotes team at email@example.com for a quote or advice.
Monitoring and testing for effective backup
It is recommended that you have an effective management and monitoring regime in place. This is to ensure that your daily backup regime is fully effective and up to date. There are many cases where backup regimes fracture or fail and there is no obvious indication. Loyal I.T. can offer backup monitoring and remediation services for you (if you don’t have your own I.T. department). This will take the stress out of ensuring your backup is working and if there is a failure or a cyber-attack, the data is recovered or remediated as quickly as possible.
The final piece of the backup puzzle is testing. Even after following all the right steps, there is the chance that when you go to recover your system from the backup media, there is a corruption, or a fault and you are unable to open or retrieve your data. The Essential Eight states we must perform a full restoration of backups at least once when initially implemented and each time fundamental information technology infrastructure changes occur. The Essential Eight also recommends partial restoration of backups are tested on a quarterly or more frequent basis. Testing is crucial because if something is preventing the recovery of data, it is better to know about it before you need it.
Where can I learn more about my data security or cyber security in general?
Head to Cyber Security Business Connect and Protect to see the videos, Q&A sessions, newsletter, podcasts and more.
Also, we are offering for a limited time, one-on-one Cyber Security Assessments. It’s an official and Government sponsored assessment, so it’s free. Simply fill in the form available here, or give us a ring and we will book a session.