Your data is one of your business’s most important assets. Without it your business wouldn’t be unable to operate. Most companies have a disaster recovery plan in place to protect its data, however 23% of businesses have never tested their plans.
Business data is at risk from various threats, so it is important to test and reassess your disaster recovery plans regularly to limit data loss. The backbone to any disaster recovery plan is proper data backup, in this article we will discuss the risks to your business’s data and how to ensure your backups effectively support your disaster recovery plan.
What is your organisation’s current Cyber Security Posture? To understand what risks to prioritise and where your vulnerabilities are, explore the benefits of a Cyber Security Posture Assessment here >
Key risks to a business’s data
When considering the importance of data backup, first you must consider the common causes of data loss within a business. In the past, the three main risks to data were hardware malfunction, accidental deletion and natural disasters.
- Hardware malfunction is when a storage device ceases to work, this is most common in disk drives where the disk or the arm fails causing data to be lost.
- Human error is a common cause of data loss, this occurs when employees permanently delete or overwrite critical data.
- Physical disasters are not as common, however fire, floods and other natural disasters pose a risk to on-premises and off-premises data storage locations.
Whilst these risks are remain relevant in 2021, in the past 5 years the most prominent risks to data have been cybersecurity incidents.
This includes the rise of ransomware attacks and system breaches leading to data loss. With the prevalence of these attacks, it is no longer a case of ‘if’ a business will fall victim to an attack, it is ‘when’. For this reason, businesses should have a comprehensive backup plan in place to ensure business continuity when these incidents happen.
Types of backup storage
The simplest form of backup is data backup to local disks. This is where data is regularly backed up to another drive on a PC or to an external hard drive. Although this is a fast and convenient method of backup, it offers no protection against a natural disaster, or a ransomware attack if it is stored on the local drive. Depending on the amount of data and employees, this solution is often not suitable for large environments.
One of the most common form of backup storage is data backup to NAS. A NAS or Network Attached Storage is a network device that allows all users connected to the network to access and backup their data. As data is regularly backed up it can be quickly recovered in the event of a cybersecurity incident or accidental deletion. The main downside to this data storage method is, as it is on-premises it offers no protection to natural disasters.
To overcome the risk of natural disasters, at least one copy of data should be stored off-premises. A traditional method of off-premises storage is data backup to tapes. This is where data is stored on tape devices over 100 miles away from the business location. This enables business continuity if there is a data loss incident or natural disaster at the business location, however the time to recover is increased as the tapes need to be collected or shipped from the off-premises storage location.
The modern equivalent of tape storage is data backup to cloud storage. This has all the benefits of tape storage but can be quickly accessed to avoid downtime within a business. It is also a more flexible solution as it does not require any additional infrastructure within a business.
Data backup best practices
The traditional backup best practice is the 3-2-1 rule. This states that business should keep 3 copies of all data, this includes one primary copy and at least 2 backups, copies of data should be on at least 2 types of storage and 1 copy of the data should be stored off-premises. Although this method is still effective, with businesses undergoing a digital transformation, the advent of cloud technologies and the ever-evolving cyber security threat landscape, this rule is being superseded by the 3-2-2 rule.
The 3-2-2 rule states that a business should keep 3 copies of all data, one primary, a synced version through One Drive for Business and a cloud copy. The data should be stored on 2 different clouds. This means that the data is stored in 2 off-premises locations for maximum redundancy. Moving to this rule allows for faster recovery from a data loss incident and easy access of all necessary data, regardless of where employees are working.
Backup software solutions
For a business to ensure that backups are completed regularly and effectively, a software solution should be in place to limit downtime after an incident and ensure business continuity. Look for solutions that combine backup, recovery, protection management and cyber security. Full-image and file-level backups should be completed regularly and stored in the cloud or on a NAS. Data backup solutions that deploy cyber security tools like AI-based behavioural detection for zero-day attack prevention and built in ransomware recovery, gives you an additional level of protection from cyber threats too.
To find out more about data backup and how to protect your business from cyber security threats, speak to our team >