I have discussed the need for backing up your data in a previous blog post as well as in my 5 Step Security Plan for Small Businesses. Backing up your data is extremely important in order to protect your business from a data security incident. The other side of the coin though is you need to be able to recover your data backups in the event of a security incident, and this blog post discusses the measures you should put in place.
- What do you backup? – In addition to your data, make sure you have backups of your software applications and operating systems.
- Define your backup procedures, who is responsible, and determine how you will restore your data. Let’s take a look at some examples. Backing up your data, although it has gotten much cheaper, can still consume a significant chunk of your IT budget so it helps to define your data and backup accordingly. For example you may have “immediate need” data such as accounting data, email, business documents, etc., that you will need immediate access to in order to resume your regular business activities. In most cases you would back this data up via disk (mirrored network, hard drives, cloud, etc.) so you can restore quickly. Say for instance you get a virus on your Windows network and you are unable to remove it. You can quickly roll back to a restore point using your backed up data and get up and running. For archived data, such as data needed for tax purposes, you can backup to a media type like tape which is much cheaper than disk but may take longer to restore. This type of backup would apply to data that you do not consider “immediate need.”
- Test, Test, Test - You should always conduct a test restore of your data backups. Pick a defined test period such as quarterly or twice yearly and test your backups. You do not have to restore everything. Just simple pick a sample restore and ensure you can restore it without issue.
- Make sure your backups are secure. If you have your backups onsite, use a fireproof safe. If you keep your data offsite, which I advise, make sure you are using secure facilities. If you are backing up to disk and/or the cloud, ensure you have encryption in place to protect your data.
Follow these procedures to esnure you can restore your backed up data in a timely manner in order to resume your regular business activities quickly in the event of a security incident. And as always if you have questions or comments, please feel free to list below.