Backup is your last recourse. It’s the last line of defense that you hope you never have to use. It’s your protection from bad judgement, user error, hardware failure, or just in case the bad guys do manage to get past your firewalls, web filters, email filters, antivirus, and malware detectors.
The modern business world runs on data and losing your data could mean losing your business. So a solid backup strategy is essential for any organization that really wants to protect its data—and today, that’s everyone.
What Are the Key Points a Data Protection Strategy Should Include?
Just having a backup product isn't enough—you need a good recovery strategy in place. Of course, you can’t recover what you haven’t adequately backed up, so the following guidelines can help ensure you have what you’ll need at recovery time.
Your backups should be:
- Consistent: Backups should be scheduled to run at regular intervals with enough retention to cover data that changes both frequently and infrequently. Efficient backups of only changed data will allow you to back up more frequently, since each backup will take less time to complete. To calculate this, you need to understand how much data you and your customers can afford to lose based on how often data changes. You should also determine how long you can afford for your systems to be offline. This is your recovery point objective (RPO) and recovery time objective (RTO)—click here to read What's your RTO/RPO and how do you calculate it?
- Inclusive: Any backup strategy needs to cover protecting not only today’s assets, but also any new types of assets when they appear, as well as ensuring that nothing is left under protected. Consider servers (both physical and virtual), workstations, and SaaS applications like Microsoft Office 365.
- Scalable: Your strategy must also plan for scalability across an organization, this means it needs to not just cover key systems, servers, and users, but should also cover distributed endpoints and applications.
- Innovative: You also need to ensure your strategy accommodates the rapidly-changing IT landscape. You’ll need to support new environments and applications that you haven’t standardized on yet.
- Secure: Security is a critical element of any strategy. Your backups must be controlled to restrict and authorize access so that only pre-approved techs or admins can select, protect, modify, recover, and purge protected data. The backup product you choose must be compliant with applicable industry or regional data security regulations.
- Distributed: Your backup strategy also needs to help ensure you’re covered for all eventualities, which means storing multiple copies on different media at different locations. Here, the 3-2-1 rule is an important guide—essentially, it means having three copies of your data, across two different mediums with one off-site. Click here to read Do You Need an On-Premises Storage Vault? Part 1: Understanding the basics to find out more about the 3-2-1 rule.
- Efficient: Finally, make sure your systems work efficiently. The above points like consistency, inclusiveness, scalability etc., shouldn’t be mutually exclusive—and efficiency means they’re less likely to be sacrificed due to limited bandwidth, storage, or finances.
Recovery is Key
It’s important to not get bogged down in worrying about the methodology of how backups happen, instead you should focus on the end result—which ultimately is the ability to recover systems quickly and get businesses up and running as fast as possible with minimal loss of data. That means looking at how you manage, monitor, and report on backups on a daily basis, as well as how quickly and easily you can recover data when the unexpected happens. All these elements will help you ensure you can recover as expected.
When it comes to deciding on a solution with which to deliver your data protection strategy, make sure you do the research before you buy—and run a thorough test of your chosen backup and recovery solution. Many organizations make the mistake of not realizing backup is a long-term commitment to your products and data. It’s important to understand that switching products or providers may be a less appealing option after you are already 12 or 24 months into your backups.
Also, remember that backup is a crucial part of your security strategy—it’s your last line of defense in the event of a breach. So invest in backup like you would any other security product. Look for established products and secure locations, train and reward your staff, or contract with service providers that have a track record of keeping data protected.