Routine, Routine, Routine
I have a routine when it comes to backups. I backup my email, devices, and important files and then I backup our company and our client’s data. Yet, the routine rarely changes, other than by size and time. Every time I engage a backup, I watch the clock tick and tock.
The service IT provides is the ability to recover from a hiccup, an end user issue, or (hopefully not) a catastrophic failure. I do not care for any of those scenarios as the information is often vague or does not provide adequate details about the event or its root cause. Nonetheless, a backup will become critical to your company’s operation and for your clients’ peace of mind during those situations.
For my organization, backups can be the difference between a few minutes, days, weeks, or even months of data having to be restored. Not only is the return of the data important, but the soft hours of having staff re-enter information and the error potential make that situation untenable.
It is your IT professionals’ role to secure your data for the company. They are to have a plan, a disaster recovery, and a business continuity plan. This plan should outline the backup schedule, the duration of a backup, a communication protocol, and define a data recovery testing process with adequate storage to perform all the above functions.
- You or your business should have an immutable version of the critical business data you have online. This data source should not be on your network or accessible from your network. Not only does this save you if a physical issue (fire, flood, tornado) were to impact your business, but the immutability of a data source allows for restoration with less impact to your business during a cyberattack.
- Depending on the sensitivity of data, the configuration of a backup schedule and retention is equally important. How often are full and partial backups conducted? How often are incremental backups stored? How accessible are the backups for restoration? Who has access to the backups? Where are they stored? Is the data in its original state or is it encrypted or protected by other services such as two-factor authentication?
- Fully document the process, access and test the solution. Not just once, but regularly. Be diligent in pointing out anomalies or failures and certainly celebrate success too.
This March 31st, World Backup Day will come and go. The effort you put into securing data may make this day even more meaningful to you.