Having the right backup solution is critical for a business to recover from a cyber attack. It’s no longer just a case of having data stored somewhere safely. It’s essential to consider what is backed up, what locations are used, how quickly systems and data can be restored, how often backups are taken, and the priority order for recovery etc.
When considering the solutions you’ll use it’s essential you plan for total loss of data including software applications and operating system software. Adopting this approach gives you a greater level of certainty that your business will recover with manageable impact.
There are four parts to consider when implementing robust backup solutions:
Before you can identify a solution for your business you need to consider what needs to be safely stored and how much storage is used. When calculating the amount of storage required it’s essential that you include operating systems, applications etc. in your total figure.
Being able to restore your data is just one part of the piece. You need to be able to restore it before it starts to negatively impact on your business operation. Recovery time (RTO) is the time by which your data must have been restored to avoid further business issues. When considering your recovery time it’s imperative you consider the time it takes to restore the operating system, applications and data. When calculating your recovery time be realistic about how long your business can cope without your data and normal operating systems.
The frequency of your backup will depend on how far you are prepared to compromise. Is it essential that you recover your data from one minute before the attack or could you cope with data recovered from a back up 30 minutes before? If you can accept losing data in the 30 minutes prior to an attack and deal with the effort of re-entering it, your backup frequency will be every 30 minutes. If this is not acceptable than you will require more frequent backup.
When you’ve considered the three points above you will be able to determine the most appropriate backup solution for your business. A variety of storage devices are now available from CDs, USB memory drives, external hard drives, tapes and cloud storage. Using CDs, DVDs and USB memory sticks isn’t recommended as they have limited capacity and can easily get lost or stolen.
Your storage options are:
- Tapes – a medium that’s been used for many years and whilst a proven technology has a number of disadvantages. The main drawbacks to tapes are that they’re an old technology, they can fail at the point of restore and recovery times can take a while. However, they’re currently used in thousands of businesses around the world and serve a purpose.
- External Hard Drives – depending on the amount of data you have these can be a perfect solution. Consider how many you will need as it will be important to have a cycle of backups. You will also need to ensure that they are removed from your office on a daily basis.
- Cloud Backups – with the cost of cloud storage continually reducing there are many solutions available that can cover all of your storage requirements. It’s important to consider how quickly you can recover your systems and data should there be an attack as some cloud services can be slow.
- Hybrid backup – this consists of an onsite backup device and offsite cloud storage as backup. With this option you benefit from being able to recover quickly via the onsite device and the knowledge that not only is your data securely held offsite but that in the event of a disaster (e.g. fire) your data can be recovered easily.