Whether you’ve been knocked off-line due to the dastardly deeds caused by one of those pesky squirrels chewing on the lines of your power generator, your computer was infected with a nasty virus or ransomware, or you just misplaced your phone for the umpteenth time, then you’ve likely learned a tough but unfortunate lesson about the importance of data access and backup. Take heart; you aren’t alone. According to the experts at World Backup Day, 30 per cent of people have never backed up their data, which is why the organisation promotes the annual observance of World Backup Day (March 31) to serve as a reminder for businesses and individuals to review best practices for backing up and securing their most critical files in order to avoid a data loss disaster.
Backing up data is a crucial part of a disaster recovery plan
Human error, technical glitches, cybersecurity failures, natural disasters, and yes, even squirrels, can all lead to a catastrophic loss of data for your businesses. Without safeguards in place, the consequences can be devastating. That’s why every disaster recovery plan must include the use of redundant and highly available infrastructure and the backup of critical data as a part of a secure file transfer system.
While most managed file transfer (MFT) technologies integrate with and leverage a variety of data storage platforms like those offered by Microsoft, NetApp, or Cisco, a high level of responsibility is on the IT staff to make sure all available options have been taken into consideration to ensure the ongoing execution of reliable backups. With so much valuable information stockpiled on our computers—things like personally identifiable information (PII), and corporate intellectual property such as business plans, customer and partner logs, financials, etc.—the stakes are too high for shortcuts.
Six things to remember about developing a backup process
Are your disaster recovery plans up-to-date? Are your valuable files stored safely?
As you answer these questions and evaluate your business’ commitment to your backup practices, here are some important tips to keep in mind:
- Create a Schedule – Enterprise or basic backup solutions normally run on a schedule and create copies or incremental updates to a backup set. If a backup schedule hasn’t been created for your business, identify what’s best for you (continuous/automated backup, once a day, twice a day, etc.) so that you can “set it and forget it.”
- Don’t Forget about your Hosting Operating System – Best practices dictate that your hosting operating system should also be backed up. In most cases the Intel or Windows Server Administration Team has a predefined standard for backup and recovery of the server OS.
- Check your MFT Configurations/Settings – While MFT configuration and site settings are normally scheduled for backup within the application, you should still verify that keys, certifications, and any special code/scripts are included in the MFT backup; if not included, some items may warrant a special manual backup. You should also investigate options to backup and restore individual items like SSH keys, SSL certs, event processing workflow logic and PGP keys.
- Data Retention Policy – Many MFT solutions include options to create a data retention policy, which will allow you to remove files of a certain age located in specific folder structures.
- Use Event Rules – Create archives or backup files as part of your event rule logic to make life easier in the event of an unexpected loss of power or data.
- Consider the Impact on Storage – Some file transfer solutions require the use of a SQL or Oracle database that also requires backup. The data stored in this database is collected over years and can be very large in size. While it is possible to archive these databases, it’s most efficient to work with smaller databases.
A common misconception with any backup process is that, just because you’ve backed up, your data will be safe and secure. Wrong! You’re not done yet.
It’s important to take it one step further and make sure to perform thorough validation and testing to guarantee that when you use your backups, they will actually work. Test, test, and test again. Trusting the safe keeping of proprietary product details, customer history, payment methods, personnel files and other high-value data to a MFT solution managed backup process should include regular maintenance, testing and upkeep.
Lost data, lost money: When not backing up your data increases your security risk
Any loss of data is costly, but when those losses are a result of cybercriminal activity, the stakes are much higher. And with an already complex cybercriminal landscape in a constant state of evolution, businesses must plan their approach to data backup not only as a hedge against data theft, but also with cybersecurity roadblocks in mind.
One such threat that has become a major security challenge in recent years is the scourge of ransomware. Ransomware is a relatively new hacking threat where hackers gain access to high-value files, encrypt them, and then demand payment to unlock the files. In many cases a business may not have their data backed up and so paying the attacker may be best—and maybe the only—option. As ransomware attacks become more profuse affecting more and more organisations, victims find themselves giving in to hackers to keep their names out of the press and their customer and partner information private. According to a report published by PhishMe, ransomware attacks grew by more than 600 per cent in 2016 as compared to 2015, at a cost of more than $1 billion to the organisations unfortunate enough to fall prey.
The good news is that investment in cybersecurity continues to rise in response to the various threats. However, data backup is far too often treated like an afterthought. And while you may have invested resources into implementing strong security measures, why not include data backup as preventative security measure so that you’re always prepared for the worst?
Whether its cybercriminals or mischievous squirrels, we must always be ready for the unexpected because until it’s too late, it’s never too late for data backup.
Greg Hoffer, Vice President of Engineering, Globalscape
Image source: Shutterstock/scyther5