- Security TWENTY
- Women in Security
Today is World Backup Day. Backups are for life – not just World Backup Day, says Jon Fielding, Managing Director, EMEA at Apricorn the hard drive and portable drive company.
World Backup Day was conceived in 2011 to raise awareness of how important it is to have a backup copy of the data and information that matters most. A decade on, and this message has taken on a significance we could hardly have imagined. The last year has proved we can never be sure what’s lurking around the corner; reinforcing the importance of taking actions to protect the business and build resilience against disruption.
We need to be prepared for anything – and backing up data plays a major role in this. It keeps information safe, and enables fast response, restoration and recovery in the event of a disaster, reducing downtime and minimising financial and reputational damage. If you don’t already have a strategy in place, developing a strategy, and implementing a robust backup plan is critical. Below are our top tips to help keep your data secure, both in the office and at home.
1. Don’t make backing up your backup plan
Backups are no longer simply about having something in place should your hardware or software prove unreliable, or if your floppy disk has failed on you. Fast forward to 2021 and the risks have grown exponentially with threats to data coming in all forms, be it malware, ransomware or even fires such as the recent OVH data centre debacle.
Backups are now a must have to cover all bases and the need to provide a secure backup has further been heightened during the pandemic with the rise in remote working and data moving beyond the corporate boundaries. A regular and reliable backup process will protect you from unexpected data loss from all potential sources.
2. Backup and backup again
It’s critical to have an offline copy – in addition to on-premise and cloud storage options, back up locally on hardware encrypted storage devices, and mandate employees to do this every day. This is particularly relevant in situations such as the aforementioned OVH cloud disaster where customer data was backed up, but done so in the same location, so both sets were destroyed in the fire with no means for recovery.
This is also a great defence against ransomware when data can’t be reinstalled. With the increase in ransomware, it is critical to store regular backups offline. Employees can then back up to a hardware device and store their data locally, offline and, in the event they have a hardware failure or some sort of malware attack, they have a quick way to restore from a clean, protected data set.
3. Make a recovery plan
Today’s ‘real-time’ culture means that in the case of data loss, users expect it to be restored at once. Backup windows have to be shortened, and fast restores are a top priority. Organisations can no longer afford to wait weeks, days, or even hours. Implementing a recovery plan allows users to proactively prevent or recover quickly from disasters, ensuring data is safe and mission-critical business applications are available. The time it takes to recover information is just as significant and should be regularly tested to protect organisations from being blindsided by an incident.
4. Test your recovery processes
It’s also worth noting a backup isn’t a backup until the integration of data is verified, and the restoration process tested – organisations must test their data recovery/restoration plan. The process is similar to that of a fire drill. Test your back up and assess how long it takes to recover, restore and get things back up and running, whether it be a full data recovery or an individual file. If data is backed up and stored locally and disconnected from the network, this should enable fast recovery if needed.
5. Encrypt and protect
By providing employees with removable USBs and hard drives that automatically encrypt all data written to them, companies can give everyone the capability to securely store data offline. It’s also the perfect solution for remote working, allowing employees to move data to, and from, office to home safely. These devices can also be used to back up data locally, mitigating the risk of targeting in the cloud.
Hardware encryption offers much greater security than software encryption and PIN pad authenticated, hardware encrypted USB storage devices offer additional, significant benefits. Being software-free eliminates the risk of key-logging and doesn’t restrict usage to specific Operating Systems; all authentication and encryption processes take place within the device itself, so passwords and key data are never shared with a host computer.
By deploying removable storage devices with built-in hardware encryption, a business can roll this approach out across the workforce, ensuring all data can be stored or moved around safely offline. Even if the device is lost or stolen, the information will be unintelligible to anyone not authorised to access it.
We all recognise that data can be targeted and disasters happen, whether it be a fire, hardware crash, malicious intent or user error, the possibilities are endless, but secure backups are essential to avoid putting an end to your data.