When we perform a Business Technology Assessment for a client, backups are an area that frequently need attention.
We’re not referring to the places where backups aren’t being done at all. That is a problem that’s easy to identify and resolve. Those are the conversations which usually contain phrases that begin “I know I should back up more often, but…”
The truly dangerous situation is one where everyone thinks that backups are adequate, but they really aren’t. By the time they find out, it’s often too late to do anything about it.
Here are seven warning signs that your backup “eggs” could be vulnerable:
#1 – There isn’t a written procedure for backups.
Documentation doesn’t need to be fancy or complicated, but it does need to contain everything that you need to restore data in case of a disaster.
At a minimum, it should outline what is backed up, how that process works, how to check to make sure it’s really working, and how to restore the data when you need to.
Make sure that a second copy of this information is maintained in a different location that is easily accessible in case the original is lost or destroyed.
#2 – Backup data isn’t being verified.
Backups that can’t be restored are worse than no backups at all. They give a false sense of security and encourage careless behavior.
Know how to check whether your backups can actually be restored, and spot check them on a regular basis.
#3 – You only make one backup copy
We recommend that you always have at least three copies of your data – one live copy, one on-site backup, and one off-site backup.
The off-site copy should ideally be stored offline, and when possible it should also be stored in a different format than the on-site backup.
For example, if you use a tape drive for the on-site copy, you may want to occasionally put a copy of that onto an external drive and store it in a safe at another physical location.
#4 – Backup data isn’t being kept offsite.
We already covered this, but it’s important enough to say twice. If the only backup of your data is in the same physical location as the original data, then you’re at risk. Simple as that.
Figure out a way to make a copy that is stored somewhere else, and make sure that happens as often as is practical.
#5 – Backup data isn’t being kept offline.
With high speed internet being available to so many businesses, it’s tempting to just make a copy of your backup data and store it on a server in another location.
The risk in doing this happens when someone maliciously targets your data and tries to destroy it. If they can get to the first copy, they can probably get to both. Keeping the second copy offline adds an extra layer of protection against this threat.
#6 – You don’t secure your backups.
You should be storing your backups with the same level of security that you use for the original data.
Nobody should have physical or network access to a backup unless they also have access to the original data.
#7 – You don’t check up on your backup provider
It’s great to hire experts to ensure that your backups are working. When you do, be sure that you understand both how the backups are done, and how you recover if there is a problem.
The first six warning signs are equally applicable to outsourced backups, and should be followed even if you choose not to handle the backups in-house.
Don’t walk on eggshells when it comes to backups.
Hop to it, and make sure that they are working BEFORE you need them.