Protect your company data in a post-ransomware world
Recent global IT security issues highlight once again the risk associated with managing your company data.
Your company data is one of the most high risk assets your business owns and yet as the data is out of sight it can often be out of mind.
However, there are a number of ways in which you can lose all or a significant part of your business data. This includes;
1. intentional employee/competitor sabotage
2. old and dysfunctional poorly maintained server and backup systems
3. accidental file deletions
4. software database corruption
5. malware and viruses
6. and of course - ransomware
A recent article suggested 88% of firms impacted by ransomware were down for a week or more and 25% ended up paying the ransom with a number not getting the key to unlock the data. See more at legalfutures.co.uk
So what are the risk factors and what can be done?
In most cases risk is increased by poor data security, aging equipment with lax maintenance and unmonitored backups procedures. Therefore protecting data comes down to completing and monitoring regular backups and storing them in a safe place. Better protection comes from taking more frequent backups, keeping longer backup histories, ensuring all backed up data is offsite and keeping the backups separate from the production data.
Achieving all of this in an efficient yet cost effective way is another key responsibility of business management. So what are the options?
What backup options can be used to protect business data?
Option 1 – hardware backup to tape/disk
Traditionally servers in the office which stored production databases and files were backed up to a tape drive each night (and more recently hard disk drives). The data was then taken offsite each day by management and stored in a safe place (eg. a directors home).
The key issues with this approach include;
the backup software managing the process each night has to be monitored to ensure backups are actually completing successfully. If something goes wrong it needs to be resolved at a cost to the business.
the backup hardware needs to be maintained to ensure it is functioning correctly.
the media has to be taken offsite after it has completed which could be late into the night which means in many cases it is difficult to get the most recent backup offsite prior to a disaster – eg an overnight fire or outbreak of ransomware.
the restore process takes a long time and usually requires the IT support company to restore data at a cost to the business
Ultimately this approach puts a lot of responsibility on the business owner and is costly from a number of perspectives.
Our recommended backup software: Acronis
Our recommended backup hardware: Network Connected Storage – SAN (or USB connected for smaller sites)
Option 2 – Cloud Backup
Sending data to an offsite data centre location (cloud storage) rather than backing up data to local tape/disk drives is a big improvement over the traditional approach.
The key benefits of using cloud storage for your backups include;
no need to take data offsite manually
the restore process is often more simple
data can be accessed/restored from different PCs in different physical locations
in some cases data can be stored directly within the cloud storage using file versioning to keep backups
can be very cost effective – a lot of bang for your buck
Things to look out for in a cloud storage provider include;
trust – referrals and reference sites are critical in building trust in a service provider. After all, they are now the custodians of one of your most critical business assets so should not be completely unknown.
data sovereignty – is the data located in Australia? For many businesses keeping their data in Australia is very important and may be a requirement to comply with their professional institute’s recommendations on data storage.
Control and management – does the service provider offer support? Can you get help when you need it? How simple is it to access your backup data?
File versioning – one of the big benefits of cloud storage is to store files, edit and change them and then revert to previous versions. Check the options the service provider offers including how many versions are retained and for how long.
Our recommended Australian cloud storage provider: AusDrive Cloud Storage
Option 3 – Private Cloud Servers
Another option when it comes to protecting data is to store all your data and applications within a private cloud server. This means all your data associated with files and databases are backed up as part of the server backup process management and monitored by the service provider all within the price of the subscription for your service.
The key benefits of using a private cloud server include;
the private cloud server provider takes all responsibility to manage your applications as well as your data and associated backups
backups can be restored by the service provider on your behalf
Things to look out for in a private cloud server provider include all the same elements for the cloud storage and in addition include;
cost – in some cases providers overcharge clients due to inefficient infrastructure design or poor staff management (their two main costs)
performance – ask to try a demo server to gauge the performance of the service prior to signing up
contracts – most providers should provide “month to month” usage and not lock you into set period – eg. 12 months
backup policies – how many days history is retained (should be at least 14 days) and how often are they done (should be at last once per 24 hours)
support – is unlimited support for the server provided for the monthly fee or are there extra fees for support? Look for a provider that includes their support as it shows self-confidence in their service and ensures you have a fixed IT spend each month
applications – do they know how to manage your software – can they show they have experience? If not they will not know how to setup the server or ensure ongoing performance of your business software
Our recommended Australian private cloud server provider is: Habitat3 Cloud Servers
Once data is identified as a critical asset then finding the most reliable method of protecting it at the best possible price (within the framework of the key criteria discussed above) becomes the challenge for business and IT managers. However, progressive firms are showing the way leveraging the modern technologies and services highlighted in this post to protect one of the most critical yet overlooked business assets - your business data.