Get Started Today! (206) 709-9556
Backing up data is not new. In fact, it has been a common practice among people who have been using computers since they were invented. The process has become more efficient nowadays, and the reasons for needing backups has shifted.
Why backup your data?
There are three main reasons why people perform backups.
The first reason is to protect against data loss caused by user error - when people accidentally delete or overwrite data that they have been working on.
The second reason is loss of either physical location or hardware failure. Loss of physical location may be due natural disaster, such as fire, flood, earthquake etc. while hardware failure could be due to a bad hard drive or a damaged component in a computer/server. This used to be much more critical since the hardware did not used to be as robust, or replacement components so easily sourced.
The third reason is to provide protection from malware viruses or ransomware.
Historically, computer viruses have been a problem but were not considered as big an issue as they are until the emergence of crypto currencies. Crypto currencies allowed bad actors to receive anonymous payment for their actions. This has led to an explosion of malicious software or ransomware. Since they can now monetize their efforts, these groups create software which encrypts your data, and they will provide decryption mechanisms in exchange for payment in crypto currencies, such as Bitcoin. In order to mitigate against malware or ransomware, companies need to have a strong backup and disaster recovery strategy to allow them to recover their data in the event they are attacked. If done properly and monitored thoroughly, it could be the difference between down time and the complete loss of a business if they were unable to recover their data.
Considerations in Data Recovery
When a business temporarily stops its operations due to system failure, it causes what we refer to as down time. When quantifying the impact of downtime, there are two things need to be considered.
First is the Recovery Point Objective (RPO) and the second is the Recovery Time Objective (RTO). RPO refers to how far one has to go back to retrieve the last good backup of the data. Needs to be decided based on your business needs. Do you need to be able to restor and only lose an hour of data, or depending on the importance of the data that needs to be recovered could a day be an acceptable loss.
RTO refers to how long before the business is operational again after an event. This does not necessarily mean a hundred percent return to normal operations; For instance, this may be where a virtual replica of the server running is up and running, either on-site or remotely. This can often times be done in a matter of a few minutes.
The 3-2-1 Strategy
A common backup process that is being used by many organizations is the 3-2-1 strategy. This means that there should be three copies of the data stored on two different media devices, and at least one copy is stored remotely to the location where the main data is located. The main data may be stored on a personal computer or server. The second copy is stored in another device in the same location (an external drive or Backup server), but the third copy is stored in another device in an entirely different location. In other words, there is an original file (1), a local backup copy (2) , and an offsite copy (3). The offsite copy may be in another office or more typical these days offsite copies are typically replicated in the Cloud. If done properly, storing backups in the Cloud is one of the safest ways to back up data, since it is stored in an environment isolated from the primary data source or ‘Air Gapped’.
What is Air Gapping
It is important that backups should be protected from being altered or deleted. The easiest way to do this is by ‘air gapping’ them. Air gap means that there is no direct connection between the local device and the one that is offsite or remote. Different credentials are used to log in to the network that is being backed up as to the network where the air-gapped backup is stored. Data is encrypted when transmitted between the two networks so that it cannot be intercepted during transit. It is also important to retain a history of different versions of the data from the past so that one can go back prior to the infection if it is not immediately detected. This is referred to as the retention period and it varies based on individual needs and requirements – for instances, some data may have a legal requirement to be held for a defined period.
Verification of Backups
Backups need to be verified and tested on a regular basis to ensure that they work. It is also important that the people in the business know how to use them, otherwise, it is of no value. A backup which doesn’t work when you need it has no value, so it is critical to have known documented processes which are thoroughly implemented and regularly tested.