Best Practices: Backing Up Data

September 07, 2017

In a data-driven world where information is often a company’s most valuable asset, protecting data is more important than it’s ever been. In one of the most significant cyberattacks of 2017, the WannaCry outbreak caused massive damage—up to $4 billion according to one estimate—to businesses around the world. The estimate doesn't just account for the lost data, but also from its related consequences like the loss of productivity and data restoration costs. Operating systems, software, and even hardware can be replaced, but data is not so easily recoverable or replaceable. While there are solutions that can completely or partially recover lost data, these are often neither inexpensive, nor do they work for every kind of circumstance. What companies need to understand is that the most effective solution to prevent data loss is also the most obvious one: backing up data.

Why are backups important?

Everyone who stores data on a device—whether it’s consumer databases, employee files, medical records or even simple photographs of memorable events—should make it a point to back it up in one form or another. However, organizations are often the ones who have the most to lose when it comes to data loss, as this often results in consequences that can affect production and services.

As mentioned earlier, a company's data is now considered one of its most valuable assets, so it should make sense to do everything possible to protect it. Just as a business owner will purchase insurance to protect their physical business assets, a backup acts as “insurance” against data loss incidents. Backing up ensures that data is easily recoverable and operations aren't affected as much.

How often to back up?

One of the most important steps in creating an effective backup plan is to figure out how often data needs to be backed up. Ideally, organizations should be backing up their data as often as their resources can allow. While many companies, especially smaller businesses, can make do with a daily backup, those that deal with constantly changing data, such as financial organizations, should back up even more frequently—sometimes as much as several times a day.  Companies can look into software that automatically backs up data at selected intervals to make the process easier to manage.

The importance of the data should dictate how often backups are done. Companies with limited time and resources should prioritize backing up their most important files, such as databases. Non-essential data and personal user files can be backed up less frequently.

What is the most effective backup strategy?

The standard best practice for backing up data is known as the 3-2-1 rule.

Why is it called the 3-2-1 rule? Because it involves the following:

  • Creating up at least three copies of the data
  • In two different storage formats
  • With at least one copy located offsite

If a company needs to back up a database of customer information that is essential to their business, following the 3-2-1 rule means saving at least three copies of their database (rule #1) in two different backup formats (rule #2). For instance, they can store a copy of the database in an internal hard drive and two copies in an external device.

The third step involves keeping a copy offsite. This prevents losing copies of the database in case of an event such as a natural disaster. One of the most common examples of an offsite backup is through the use of the cloud. Another alternative is to keep a physical copy in another secure location.

What are the methods used for data backup?

There is no single most effective method for backing up data, as each method has its own unique set of advantages and disadvantages.

External devices such as USB drives and external hard drives are often the cheapest and simplest way to back up data. They are easy to use, transportable, are relatively fast when backing up smaller amounts of data, and provide ample amounts of storage space. They are also offline, which means that they are isolated from potential attacks coming from the internet.

However, external devices can also get damaged, lost or stolen. For example, an office fire can burn down external hard drives storing vital information that is needed to run the business. Without another backup, this data is essentially lost.

Another method of backing up data is to store it in the cloud. This method provides several advantages: for one, it doesn’t use a physical device, thus the data stored in the cloud is protected from physical loss. Cloud backup is also automated, which means that as long as the device or computer storing the original data is connected to the internet, it will continuously and automatically sync files to the cloud – saving both time and resources. Furthermore, many cloud providers use technology such as data encryption and server virtualization for added security.

Cloud backup can take more time, however, as the speed of backing up is limited by the bandwidth of the user doing the backup. In addition, by virtue of being connected to the internet, cloud-based storage solutions can be affected by attacks that target the service provider, such as Distributed Denial of Service (DDoS) campaigns.

Given each method’s advantages and disadvantages, it’s clear why a combined backup strategy like the 3-2-1 rule is important, as it takes advantage of each method’s strengths while minimizing weaknesses via multiple layers of protection.

What should organizations do moving forward?

A large number of data loss incidents can be prevented—or at least mitigated—by the proper backup of data files. It is an aspect of security that organizations should prioritize given the importance of data in their operations.

Every March 31, the world celebrates what is known as World Backup Day, which serves as a reminder of the importance of backing up to protect data. However, it should also be a reminder that backing up isn't something one only does on a single day of the year: backing up data should be performed on a regular basis as part of a company’s culture of security.

HIDE

Like it? Add this infographic to your site:
1. Click on the box below.   2. Press Ctrl+A to select all.   3. Press Ctrl+C to copy.   4. Paste the code into your page (Ctrl+V).

Image will appear the same size as you see above.