Get expert tips backing up data, as well as answers to these questions and more: Who should back up data? When should backups occur? Where should regulated data be stored?
Data, it is said, is the most expensive part of a computer. Components may be upgraded and equipment replaced, but the precious data contained in all machines is virtually irreplaceable if lost.
That is why a good backup plan is tantamount to keeping data safe, secured, and ready to use across any number of computing devices used daily. From smartphones to laptops to servers and wearables, data should be secured for all your myriad of devices, both personally and professionally.
Highlighting the cause every March 31st is World Backup Day! This day brings about awareness for every man, woman, and child that accesses data from any device to review their backup policies and—if none are in place—create a plan that will protect all the data on all your devices so you're never left out in the cold again.
SEE: Data backup policy (Tech Pro Research)
Cloudwards.net published an easy-to-use infographic that's simple to follow and includes bulletproof methods to implement a backup plan for just you or the entire enterprise (Figure A). It uses industry-leading best practices and mixed media to ensure data safety is a priority.
Screenshot of the very top of the infographic by Cloudwards.net.
What causes data loss?
Data loss comes in many shapes and forms, and it affects different types of devices in varying ways. Smartphones, for example, typically experience catastrophic data loss (being the type that is irrecoverable) due to being destroyed from human actions or extensive water damage. Desktops and laptops more commonly see the storage device, such as a hard drive, failing and taking with it any data stored therein.
However, data loss doesn't have to result from hardware damage as many valid forms of loss stem from theft of equipment, corruption, and increasingly from malware infections, like the ransomware that has been infecting corporate desktops and encrypting their data, withholding the encryption key until a ransom is paid.
How can data be protected from loss?
Through the use of at least one—though preferably more—backups to ensure a copy of the data is stored on another medium in case the primary storage mechanism fails.
The most common method is through the use of an external USB hard drive or a network-connected hard drive. These devices usually provide adequate protection for data backup. However, with more users opting for mobility, this means that the backup will only occur when the end user has connected the drive to the computer, and part of the problem with data loss in general is that it occurs in large part due to human error; so, trusting to remember to plug in the drive daily is not the best option.
Luckily, most devices are internet-enabled, and having an "always-on" connection makes cloud-based offerings perfect candidates for backup, especially since most cloud services offer a "set-it-and-forget-it" method of ensuring data is backed up automatically after the initial setup has been completed.
Another method, most commonly found in businesses, is tape backup. These magnetic tapes are an inexpensive way to store backups of corporate data, because they hold hundreds, even thousands of gigabytes of data. They also provide an additional layer of security in that they can be stored offsite, such as in safety deposit boxes, to protect against elemental issues like fire and floods to name a few.
Who should back up data?
Anyone and everyone who relies on a computing device to create, edit, or otherwise modify data for business and/or personal use should have a daily backup plan in place to protect that data in case of loss.
Some organizations and professions are legally required to make regular backups of their data and keep that data stored in a secured, even encrypted, format for a length of time due to local, state, and/or federal regulations or to add increased protection to medical or financial records.
Depending on what field you work in, regulations may be more stringent than others, requiring specific certifications to be held by vendors prior to utilizing their backup services to remain in compliance.
When should backups occur?
Backup frequency, theoretically, should be a daily occurrence. Daily backups are considered "current" and will involve the least amount of recovery time since chances are the data is one day old at max.
A better frequency to aim for is ongoing, as there are a number of backup solutions—local and cloud-based—that offer software that works to monitor your system(s) and perform continuous backups of data that is modified, as it is modified.
However, theory is often different from real-world scenarios, and in the real-world, a mobile worker might not be able to perform a backup while using his/her tablet during a meeting, so it would have to wait until a time in which the tablet is not in use through traditional methods.
This is why the introduction of the 3-2-1 rule for data backups makes logical sense for the real world, as it introduces flexibility. The 3-2-1 rule posits that there should be at least 3 copies of data that are stored on at least 2 different media, and at least 1 of the copies must be stored offsite.
In a perfect world, each copy would be identical and replicating, which means if one copy is changed, the remaining copies update to change as well. But as we've covered earlier, theory is seldom similar to the real world. What this does help with is providing another backup type that allows the end user to access his/her data from another device stored on another medium.
Where should regulated data be stored?
This largely depends on the type of industry and what company policies are in place that governs data storage requirements. The best answer for this will likely be found by meeting with executives from your company's HR and legal departments to identify what options are available.
Once the specifics are known, where and when data should be backed up, in accordance to how it should be stored, can be decided. As stated previously, certain types of industry hold firmer regulations than others over data.
In one example, Company A may be allowed to keep data offsite on cloud-based storage services. However, since part of the data being backed up includes customer records and other personally identifiable information (PII), it would be a good idea to find a service that only encrypts data transfers from end-to-end but also adds an additional layer of security by encrypting the data stored on their servers as well, to further protect customer records in the event of a security breach.
SEE: Power checklist: Managing backups (Tech Pro Research)
One tried-and-true method of providing data security—and certainly one that extends to data backups, especially in the corporate realm—is the CIA principle. CIA is an acronym for Confidentiality, Integrity, and Availability. While CIA is an information security practice, it certainly lends itself well to data backups, since it is largely made up of the very same data that needs to be protected.
- Confidentiality refers to restricting the data to only the parties that require access to that information. Typically, this would include encrypting data so that only those with the decryption key have access to view it.
- Integrity requires ensuring that data is correct and has not been modified or made corrupt, thus rendering the information useless. An example of integrity would be file-versioning, which is included in most cloud-based services as a means to roll back data in the event that the current iteration of the file becomes lost or damaged.
- Availability involves the data being accessible to users as needed. Similar to how larger websites host their content on multiple services in the event that one server fails, the secondary webserver will serve the required website in the absence of the primary webserver. Data backups may fail from time to time, due to the internet cutting out and not making a connection to a cloud-based service. So, when this occurs, a backup for the backup, so to speak, would fill the gap and still keep data protected from loss.
Why is data backup awareness only one day of the year?
Like any important day, remembrance should be daily. Making a backup once a year does not make for a safe or particularly secure backup of your device's important data.
Conversely, having too many stopgaps in place will likely create so much overhead that storage and backup will take over and prevent you from doing any work or enjoying your data in the first place.
What method do you use for backing up your data? Share your experience in the discussion thread below.
- Top 5 ways to back up your data (TechRepublic)
- Data backups: The smart person's guide (TechRepublic)
- Backup vendors say 2018 will see secondary data work smarter (TechRepublic)
- The 2018 ultimate guide to Gmail backup (ZDNet)