In an age of diverse, pervasive cyber-threats that seek to access, encrypt, hold to ransom and steal company data, effective data backups can prove vital in allowing businesses to preserve information, maintain functionality and ultimately recover from an attack that could otherwise cause significant damage.
For example, while no backup strategy is 100% foolproof, one that is properly managed can be key to surviving a ransomware outbreak, providing organizations with the means to quickly access ‘clean’ systems and data stored separately from that which has been targeted and locked-down by malicious foes. In doing so, it can continue to operate, investigate the issue and even avoid the complicated issue of entering negotiations with the culprits just to get back up and running.
Upon that backdrop, today (March 31 2021) marks World Backup Day – a global initiative that aims to educate people on the increasing role of data in our lives and raise awareness of the importance of data backups and preservation.
To recognize the event and explore the wider inferences of data backups in the current security sphere, Infosecurity spoke with Luis Navarro, co-founder and director of award-winning, London-based IT support provider Totality Services.
What role do data backups play in modern cybersecurity?
The internet is full of threats to the integrity of your data. Viruses don’t just steal your data, in some cases, they completely delete it, so from a business continuity perspective, being able to recover critical information and files should be a priority for all types of organizations.
The key threat from a cybersecurity point of view is the ever-present risk of ransomware – you may remember the WannaCry attacks in 2017, which hit the mainstream media.
If your data is backed up using a business grade platform with high data retention rates, this threat is less of a concern, as you’re able to recover data from a specific date (e.g. two months ago), before an attack occurred.
What are the risks of failing to effectively backup data?
Keeping reliable backups is a critical part of data management, and if you don’t get it right, there are plenty of risks. The number one risk is data loss. Imagine losing client files or important data – what would that mean for your business? Productivity would obviously decrease as lots of work would need to be re-created, but your brand may be compromised too. What would your clients think about how you protect their data, and would deadlines be missed? The latter may result in loss of revenue.
There are also other risks, which relate to compliance. Many businesses have a requirement and responsibility for securing customer data, a good example are companies that are regulated by the Financial Conduct Authority. Failure to review data backup procedures regularly and not encrypting data held off site could result in penalties.
“Keeping reliable backups is a critical part of data management, and if you don’t get it right, there are plenty of risks”
What are the best practices for ensuring an effective data backup strategy?
Relying upon a single data backup source is not enough for any business, regardless of the vertical in which you operate. We recommend something called a ‘3-2-1 backup strategy.’ which can help protect critical information, databases and IP using a mixture of backup methods.
- Keep thee copies of data: retain the original data set along with at least two backups in case one or more are compromised.
- Use two different storage types: diversifying backup storage types can assist in protecting against data failures. For example, if data is stored on a physical hard drive, use a secondary platform, such as a cloud source.
- Keep one copy of data offsite: retaining two or more copies at the same location can be detrimental in the event of a natural disaster. Storing one copy offsite is a reliable protection strategy.
The 3-2-1 backup strategy ensures multiple copies of data are backed up and retained in the event of any data loss.
What are the key challenges of data backups that organizations must consider?
I would say the main challenge is budget vs functionality. When it comes to budget, the data backup systems that backup data more frequently and retain it all for longer will be more expensive, which makes sense. Secondly, from a business point of view you want to be in a position where you can easily recover any data, quickly – that recovery time is essential, and a fast recovery time will cost a lot more. So these are all factors to bear in mind.