Data breaches cost companies $4.24 million per incident on average, according to a report from IBM and the Ponemon Institute. There are many scenarios in which data loss can occur, such as ransomware attacks, human error, storage failures, server failures, and natural disasters. In addition to the monetary ramifications, organizations risk crippling production delays and reputational damage when data is stolen or compromised.
World Backup Day was created to remind organizations and individuals of the need to back up business and personal data that is deemed of value. With the cost and frequency of data breaches on the rise, this annual March 31 event is the ideal time to talk with your managed IT service clients about reevaluating their data protection and privacy policies.
Tips to Secure the Backup Environment
Backup is a copy of an organization’s most valuable digital assets. Implementation of secure backup policies is necessary to facilitate disaster recovery protocols when adverse events threaten to disrupt operations. A successful backup strategy requires a deep understanding of the different types of data under protection and the urgency of the data for the users who depend on it. Backup policies, recovery time objectives (RTOs), and backup intervals vary depending on the type of data.
In honor of World Backup Day, consider these three tips for discussing a more secure backup infrastructure with your clients:
1. Don’t confuse cloud storage and cloud backup.
Cloud storage is designed to supplement existing hard drive space and requires manual selection of the files an organization wants to store in the cloud. It doesn't include data integrity checks, and the data in transit inside the physical boundary of the provider is not necessarily encrypted, both of which create security risks. It also lacks file versioning and point-in-time restore. A cloud backup service, on the other hand, is designed to let organizations restore files in the event of data loss, automatically saves and syncs files on designated devices to the cloud, and often includes private-key encryption.
2. Know your data.
Be sure your clients understand what data their business cannot function without. Identification of mission-critical data allows organizations to prioritize backup tasks based on desired recovery options. This is especially important when dealing with large datasets.
Take the time to learn what data is part of a critical application, and how that data and application ties into business operations and/or revenue. Does the data need to be archived? Does the data live in a legacy system? Is it subject to regulatory frameworks, which could expose a business to penalties if data is breached? Backup plans should account for all data and storage a business has, from cloud to local, including archived data.