The data backup checkup: Are you prepared for the worst?
If you take one lesson from the ransomware epidemic that has hamstrung companies across the world, it should be this: Mind your backups.
When Hancock Health Hospital was hit with ransomware, its backups were infected, leaving it with little choice but to pay the ransom of $47,000 in bitcoin. When WannaCry tore through over 200,000 computers across the world, patches were to blame. But proper backups could have lifted businesses back on their feet a lot faster.
With a clean backup, you can simply wipe and reimage an infected device. Of course, ransomware isn’t the only reason to back up applications and data. However, as we have seen, too many organizations aren’t ready for a disaster.
Even if you’re confident in your backups, by reviewing your policies and procedures, you can rest assured that you’re ready for anything. It’s not a matter of if you’ll have a disaster, but when.
And since March 31 is World Backup Day, there’s no better time than now to reassess how you back up and how quickly you can recover in the face of a disaster.
3 common backup mistakes
Even if you’re attentive to backups, you might be making one of these common mistakes that could be putting all your hard work in jeopardy:
1. Backing up to one location. By limiting your backups to one location, you increase their potential for failure. Adopting a hybrid model that mixes off-site data centers, cloud recovery, and even tape or disk (if the data isn’t business critical), can hedge against any one method failing.
Just make sure these backups are in a different physical location. Use data centers that are on the opposite coast, and store tapes and hard drives far enough away so that, for example, a hurricane that knocks out your primary data center doesn’t affect your backups too.
2. Assuming the cloud alone is enough. Data and applications in the cloud are accessible from anywhere, and cloud storage can always grow in tandem with your needs.
However, the cloud can still fall victim to human error and software errors. What if your cloud vendor goes down and you can’t access your data?
Keep an eye on your budget too. If a price change spurs you to switch cloud vendors, you might have to pay a fee to migrate your data. This is just one situation in which multiple backups can save the day.
3. Thinking backing up is simple. Backing up your data should be more than copy and paste. While the hybrid method is the most effective and the safest way to back up, it’s also complicated. When you’re combining backups on servers, hard drives, and the cloud, you’re building a complex system.
Let’s say you’re running applications on a virtual machine within the cloud. Some of the app’s data may be stored locally, some is in the cloud, and some is in your data center. All of this data will need to be synced both locally and in your cloud backup if you want a successful restore.
Ask these questions to get your backups in order
Even if you don’t fall prey to these mistakes, you should still perform regular checkups to ensure your backups are ready to go in any emergency. Here are five questions to ask:
- How often do I need to back up? This will depend on your business. Some will need to back up hourly while others could go a day or more. It will also depend on how much storage you have and can afford.
- How quickly do I need to recover? Take stock of your critical applications and data. If you’re a popular ecommerce site or a financial services firm, an hour of downtime could be costly. If you’re an engineering firm, a day might be acceptable.
- How often do I conduct fail-over testing? You should practice possible disaster situations at least once or twice per year to see how much you can recover. Based on how much you need to recover (RPO) and how long it will take (RTO), grade your success. To test further, try and recover specific files and applications.
- How often do I educate employees on cyber threats? Simulate attacks monthly. There are ransomware environments that you can run on your system so you can test whether or not you’re ready for an attack.
- Do I have a file-level backup or an image backup? Image backups are complete copies of your system, while file-level ones carry less data and applications. Knowing what you have – and what you need – will ensure you recover quickly and successfully based on your needs.
What can you do now?
On the endless list of IT goals and to-dos, backups can sometimes take a back seat. It’s the kind of process you set and forget. But few aspects of your IT are more important when the inevitable disaster strikes.
Ask yourself these questions to see how closely your current backups meet your needs. Then head on over to the World Backup Day site and pledge to back up your critical data.
About the author
Gaidar Magdanurov is the Chief Marketing Officer for Acronis.