Every year, on March 31, we celebrate the World Backup Day. It reminds us to protect our precious electronic and digital documents as we become more reliant on technology.
For companies, the topic of data protection has never been more important. As systematization advances—with automation blatantly prominence—protecting data becomes even more urgent.
Now, does everyone who leads the enterprise ecosystem understand the importance of a backup strategy? Unfortunately, the answer is a painful “no”.
There are still myths to be debunked about backup; and nothing better than taking advantage of World Backup Day to launch arrows of knowledge to bring them down.
That's what you'll see next. Follow up!
The importance of a backup strategy for your company
A backup strategy is a company's first line of defense against cybercrime. It's also vital for business credibility — customers and business partners need to be assured that their data is in safe hands.
So what should you consider as backup and recovery best practices?
Costs, risks, backup frequency and number of copies are critical to a successful backup plan, but first you need to think about what you need to protect.
Are they systems, servers, data, files or programs? Or is it all? The answer is yes — anything that keeps your business operational needs to ensure continuity in the event of an attack or even disaster (cyber or physical) should be under the umbrella of the backup strategy.
Next, you must think about the potential risks to your business. Think about your location — can flooding pose a threat to your daily life?
Also think about how the data is accessed. Do your customers use passwords to access your services? Are they properly encrypted? Has your company ever been a victim of cybercrime?
If so, what was the route of the crime and do you have enough defenses to prevent it from happening again? With a successful data backup strategy, none of these risks pose a serious threat to your business. Without it, it can be devastating.
→ Also read: 5 Best Practices for Securing AWS Backup Services!
7 backup myths that need to be busted!
1. “Weekly data exports are good enough”
→ The truth: if you back up weekly, your data is still at high risk!
If you're backing up weekly, a lot can happen in the period of time between when you back up your data and when you lose it.
If you run a weekly export on Friday and then a data loss occurs on the following Thursday, you have lost six days of data.
2. “The only reason to back up data is in case of disaster”
→ The truth: data loss is an everyday occurrence and most of it is accidental!
In recent years, several studies have been published showing that SaaS data losses happen and that the most common cause is human error, by a wide margin.
The simple fact is that typical data losses are not caused by a phishing attack or a rogue employee. Most are just mistakes.
And the larger the application deployment, the more likely errors are to occur.
Every time every user with permission registers to operate systems, every API call, every connection point to another application, every interaction with a third-party service provider is an opportunity for someone to make a mistake that corrupts and destroys corporate data.
3. “All data backup solutions on the market are basically the same”
→ The truth: not all that glitters is gold; you need the right backup solution for the particularities of your business!
An increasing number of backup and recovery tools and services are available on the market today. There are many excellent options, but it is crucial to match the solution level to the need level.
A solution that works well for a small or medium-sized business is unlikely to meet the needs of a large enterprise.
Here are some key points of difference to consider when evaluating your options:
Security
Most backup solutions aimed at smaller businesses cannot offer “no-view” service — this means vendors can see your data, which can leave them exposed to additional risk of breach.
For organizations with high regulatory requirements or security needs, this can be a big problem.
Performance
Dealing with large volumes of data, at speed, requires specialized infrastructure and the ability to capture all aspects of your data, which incremental backups cannot do.
Solutions designed around the needs of smaller companies can be too limited to handle the amount and granularity of data that companies need to manage.
Expertise
Simply having the technology is only part of the equation for effective backup and restore.
You also need the right process and training for teams and, in many cases, the ability to outsource backup when in-house teams aren't available.
This requires a level of expertise and support that the simplest applications may not be designed to provide.
4. “My company's data is in the cloud, so it's always protected”
→ The truth: if you haven't taken deliberate steps to back up your data, it's not 100% protected!
Cloud platforms adopt a shared responsibility model for data. This means that you can count on the provider to ensure the security and integrity of the application, but you are responsible for protecting and managing all the data it generates.
For example, if a disk array fails on a backend database, the provider will fix it. But a data loss resulting from a user error, a failed integration, or a malicious attack on your organization is your problem to solve.
5. “Data backup and disaster recovery are the same thing”
→ The truth: there is “kinship”, but one thing is one thing and another thing is another thing!
Data backup and disaster recovery are two equally critical parts of the same concept: business continuity; that is, you cannot have one without the other. Changing it up: data backup is the process of making the backup itself, while disaster recovery is when those backups are recovered.
To better explain these differences: Data backup represents a figure called 'recovery point objective', which is the amount of data that needs to be recovered to keep operations going. And disaster recovery makes use of the 'recovery time objective', which takes into account how long this process takes.
That is, your business continuity plan should include recovery point and recovery time objectives.
6. “We don't have high-value data to protect with a backup strategy”
→ The truth: look...
No matter the size, every business generates valuable data every day. Credit card information can be as high as $5 per record on the black market, while personally identifiable information from customers and employees can be worth up to $450 per record.
Then there's financial and sales information and intellectual property, which competitors may be eager to obtain.
When it comes to ransomware, attackers don't necessarily care about the resale value of the data they're holding hostage; they just need the company to need the data enough to pay to retrieve it.
In fact, the cost of ransomware-related downtime is around 50 times higher than the ransom itself.
7. “We don't need a backup, our antivirus software will protect us”
→ The truth: you are abusing your naivety!
With the wide variety of sophisticated cyber threats out there, antivirus isn't enough to protect your company's data.
No Datto's global study, half of respondents reported that ransomware-type attacks were able to bypass antivirus and antimalware solutions, including legacy anti-malware and signature-based antivirus filtering.
→ Also read: Is your company prepared for the GDPR?
How about, your company can celebrate World Backup Day without worries? What did you think of this list of myths that are still alive? make contact with us and see how we can structure an Amazon Web Services backup strategy for your company!
