By Mary Ellen Cavanagh
With World Backup Day on March 31, those of us in the data protection industry have been compelled to implore people to not be April fools by not backing up their data every year. Perhaps I’m the fool for thinking, after 25-plus years in this industry, that everyone already knows to – and is – performing regular backups.
Whether you’re a veteran in protecting your own or your company’s data, or if you’re just getting started, the best advice I can give is to plan ahead! Here are five quick tips to prepare you for World Backup Day, and every day thereafter:
1. Research storage options, and choose wisely
In the early days of backup, there weren’t many options for where to store your important data. When I began my career in the early ’90s, tape was king. Although tape isn’t going away, and in some cases it’s even making a comeback, there are many more storage options available today. You need to determine which one, or which combination of options, is right for you.
Tape: Although it may be an inexpensive option for long-term storage and disaster recovery plans (and backup performance has increased tremendously with newer tape drive technology), data recovery times will be longer.
Disk: The cost for disk storage has significantly dropped over the years, making it an attractive option for near-term storage and fast recovery.
Cloud: With cloud storage, you only pay for the amount of storage you need. It typically does not cost anything to move your data to the cloud, but there are per gigabyte costs associated with recovering that data from the cloud.
2. Identify government or company regulations
Whether you are going to be affected by the European Union’s General Data Protection Regulation (GDPR), or if you need to comply with specific government or company policies around data collection and storage, you need to know how it will impact your backup strategy. You may need to keep multiple copies of your data, and in different locations, or you may have to retain your data for specific periods of time. This will contribute to the type(s) of storage you choose, as mentioned previously.
3. Secure your data
A large percentage of security breaches are caused by the mismanagement and mishandling of data backups. There is a risk of losing data through hardware failure, accidental – or intentional – deletion. And now more than ever, ransomware. You need to do your due diligence in determining the best methods for not encrypting your data so that it cannot be accessed should it fall into the wrong hands, but also in planning your actions in the event something happens. I’m sure you would much rather recover your data from a backup copy, rather than pay a ransom for it!
4. Determine recovery objectives
Determining acceptable Recovery Point Objectives (RPO) and Recovery Time Objectives (RTO) is crucial. Performing a business impact analysis will help you establish the maximum allowable threshold of data that can be lost in the event of an outage or disaster (RPO), and the duration of time and service level in which you need to have the data available (RTO).
5. Test, test, and test again
Your backup is worthless if you can’t recover the data! Through the years I have seen so many companies focus on the speeds and feeds of their backup but neglected to test recovery scenarios for real-world loss of data events. Mark a date on your calendar to perform tests once a quarter; also include scenarios to restore in and out of place, across different locations, and ensure they are meeting your RPOs and RTOs.
Now that you have the basics, there’s no excuse to not protect your data on March 31 and beyond. Call me foolish, but I believe every day should be World Backup Day!