The importance of backups is normally overlooked, however, they are core to your Risk Management Program. Data loss can occur in many ways, from hardware failure, bad actors, human error, and even physical theft. A Full Systems Back Up (FSB) is crucial, it provides a secure archive of your essential information. Whether it is organizational data documents for your business or more personal information a system backup allows you to restore your devices rapidly in the event of data loss. A Full Systems Back Up, in turn, allows for quick disaster recovery (DR). Suppose you do not understand what a full system backup is. According to IBM a full system back-up is defined as “Use system backups to backup and store all of the necessary data and configuration values to restore a server if something happens to your system.”
Risk Management and Avoiding Disaster
Many smaller and mid-sized organizations often fail to consistently keep system backups up to date, according to Help Net Security “While nearly 90% of companies are backing up data, only 41% do it daily.” Thus, leaving a gap in time and vital information. Without a consistent full system backup, businesses have little protection from the impact of significantly disruptive events.
The Cost of Doing Nothing
Infrastructure failure can cost as much as 100,000 dollars per hour, and critical application failure costs can range from 500,000 to 1 million per hour. Many businesses cannot recover from such losses. More than 40% of small businesses will not re-open after experiencing a disaster. Among those that do, an additional 25% will fail within the first year after the crisis. Full system backups can dramatically reduce these risks. According to Kaspersky, “the cost of a data loss incident runs to $1.23 million for big businesses and $120,000 for small businesses.
Where do you Back-up Your Data?
Understanding the importance of a complete system back up is a good start, yet there is more to consider, where do you backup your data?
According to Norton the four most common data backup solutions are removable media devices, external hard drives, cloud storage, and 3rd party back- up services. Let us be clear though, there is much more to consider when choosing where to back up your data, there is not a one-size-fits all solution. To start, you will need to determine your recovery point objectives (RPO) (The amount of time between backups), your recovery time objectives (RTO) – (The amount of time it will take to restore your data), your storage capacity requirements.
Additionally, you should plan to backup your data in three separate locations to increase the chances of recovering any lost or corrupted data and minimize downtime. The National Institute of Standards and Technology (NIST) recommends the 3-2-1 rule. Keep three separated copies of important files and data, one primary backup and two backups (on two different media types) to better protect against the many threats we face in cyber.
What to Back-Up?
Determining which files to back up is always a challenge. There is much to consider, but to start you should prioritize files based on the business and personal value. Then ensure that you back up the event logs, user files, important organizational data, and applications.
The latter three of these examples are self-explanatory, but you might ask why you would want to backup event logs. Well, event logs are critical. They are a record of everything that happens on your system. Review of the event logs after a loss of data or ransomware attack will help technicians identify the events that precluded the loss of data and minimize the event from happening again.
Think of a data backup as the foundation of your organizations Disaster Recovery Plan. By having a backup of your event logs, user files and other vital information, you are prepared for any cyber threats, human errors, or hardware failures that might result in data loss.