- October 13, 2022
- Catagory cloud backup
If it’s not a matter of if disaster strikes, it’s when. You need a comprehensive checklist for your cloud backup and data recovery procedure if you want to avoid a disruption to your business and your customers.
This checklist isn’t a one and done, either. You’ll want to revisit it regularly to tweak your processes and the cloud backup and data recovery tools you have in place. Here are five key things every checklist should have:
- Write it down: Document your cloud backup and data recovery procedure and be sure to have a hard copy. It should be a living document that you revisit regularly and outline all mission-critical applications and interdependencies – you can group them together and ensure all connected applications and their data safeguarded equally. Your plan should also detail the roles and responsibilities for everyone involved in executing it, so they know what needs to be done to restore primary systems from a cloud backup.
- Set your objectives: When you lose data, applications become unavailable. A recovery time objective (RTO) gives you a deadline as to how long you can go without an application and decides how much time it will take to recover after the disaster strikes. A recovery point objective (RPO) directs you were to focus your efforts so you prioritize the data you restore from cloud backup – an RPO defines how much data you can afford to lose in an outage scenario and can guide you on how frequently application data must be backed up.
- Add redundancy: Complexity should always be avoided, but don’t streamline your storage as far as to put all your eggs in one basket – be sure your cloud backup service provider has adequate redundancy and consider having data storage options that aren’t on your network to protect it from ransomware.
- Bolster your network: You need a secure and robust network to support your cloud backup and data recovery. Employing deduplication will help you reduce the pressure on your networking and storage resources because you’re only moving data you need to. Meanwhile, make sure data is encrypted when in transit and at a rest.
- Never stop testing: You must test your cloud backup and data recovery procedures by running regular fire drills. This will provide peace of mind that you can completely recover all data and applications as determined by your RPOs and RTOs. Be sure to monitor and verify that cloud backup and replication processes are taking place, that your destination storage media is operating, and that you can easily restore mission critical data with ease.
An ounce of prevention is worth a pound of cure. By having a checklist in place for your cloud backup and data recovery procedure, you can bounce back from a disruption with minimal impact on your business and to your customers.
- June 16, 2022
- Catagory cloud backup
If you want to effectively protection your data, it’s best to keep things simple – complexity is your enemy.
While it’s important to have redundancy for your mission critical applications and data, the more tools and systems implemented to safeguard data, the bigger the likelihood of something going wrong and the greater potential for data loss. Simplifying your data protection systems will make it easier to get back to business in the event of a disruption due to data breach, malware and ransomware, natural disaster or human error.
Less is better
It’s easy to fall into the trap of setting up a complex solution for data protection because your business information systems tend to be complex. But even when you have a wide variety of applications and data to back up, complexity makes your data protection less effective.
The problem is that when lines of business incrementally add Software-as-a-Service (Saas) applications such as Microsoft Office 365 and Salesforce, they often assume data is automatically backed up by the vendor. However, they are just adding to the mix of systems that must be backed up by IT, including multiple endpoints including servers, workstations and laptops, and remote workers and satellite offices. Every time a new software solution, endpoint or physical office is add, incremental data protection is added to keep up with infrastructure sprawl. Complexity is an unintentional side effect because when data protection is put into place, it tends to be done in a silo, not holistically with all other applications and data in mind.
In the same way having more endpoints, network access, and applications creates more attack surfaces for threat actors, having more data protection systems increases the number of potential points of failure in your organization.
More complexity means risk
It may seem daunting to simplify data protection when your data is distributed across different applications and endpoints, especially with rise of remote work and the emergence of the hybrid workplace. Having multiple backup system in place to protect all this information increases complexity and risk of a data breach that can disrupt your operations, cost you customers, and even lead to a breach of regulatory compliance.
And as much as data protection is necessary, you don’t want to create any more work than necessary for your IT teams. Data protection systems must be configured, maintained, and updated, and backups must be verified – double checking backups takes time and people. Each tool you implement requires expertise and training and represents a software license you must pay for and manage.
Overprovisioning your data protection capabilities is an unnecessary expense and doesn’t improve your overall security posture. Running multiple backup solutions with overlapping features and even backing up the same data to different locations, is costing you time and money.
Given the complexity of production systems, it’s not realistic to have a single data protection system for everything, but it’s essential your streamline as much as possible. Settle on a small number of backup tools that will encompass all your system so that your IT team isn’t overwhelmed by their data protection duties. Otherwise, you can end up with misconfigurations that defeat the purpose and result in a data breach.
Most of all, remember that data protection may be essential, it’s not a strategic IT activity, so consider looking at how a managed service provider can consolidate your data protection tools to reduce complexity and ensure all your backups are effectively safeguarding your mission critical information.