Data Loss Prevention: Preparing for a Rainy Day
One of the most terrifying experiences for a business executive, employee or IT administrator is discovering that data has been lost. Threats can come from many places, and it’s important to know where they come from. Knowledge is the first step to preventing this tragedy. We will go over why data loss occurs, how to recover if disaster strikes, and how to start prevention right now.
To help you get prepared for when disaster strikes, we have created a FREE Cybersecurity Incident Response Plan template that you can implement into your business, which you can find at the end of this post.
Top 5 Causes of Data Loss
What are the main reasons your data is at risk?
1. System Malfunctions
This is the leading cause of data loss. Hard drives fail. Power goes out without warning. Computers are complex machines with millions of points of failure.
2. Human Error
Human error continues to be one of the leading causes of data loss. Whether it is from accidental file deletion, failure to back up data, or losing a device, humans are, well, human. Accidents happen.
3. Software Errors
Who doesn’t remember working on an important document or presentation only to run into tech problems where the software freezes and the work is lost? It has happened to the best of us.
4. Computer Viruses and Malware
Viruses and malware can wreak havoc on computers and files. From ransomware encrypting data to viruses like ILOVEYOU destroying files, daily risks abound.
5. Natural Disasters
Fires, floods, earthquakes or wind. These are the most uncontrollable causes of data loss, but fortunately they are also the least frequent.
Proper preparation for these inevitable events allows for business continuance and peace of mind. Let’s take a look at some commonsense ways to keep your business going when lightning strikes.
Matters of Metrics
When considering the best approach for backup and disaster recovery, it is important to understand what is being protected and the criticality of the data involved. This is where Recovery Time Objective (RTO) and Recovery Point Objective (RPO) need to be understood.
Recovery Time Objective (RTO)
RTO is the duration of time it should take to restore all applications and systems after an outage. RTO is usually measured starting from the moment an outage occurs rather than when the IT team starts their restoration efforts. Simply put, the moment of the outage is when the users and clients were initially impacted.
Critical questions to consider when determining your Recovery Time Objective (RTO):
1. How long can your business afford to be down before a negative impact, be it revenue, reputation, or another critical metric, is observed?
2. What is your budget for restoration services to occur?
3. What tools, processes and resources are needed to meet the objective?
Recovery Point Objective (RPO)
RPO defines the point in time to which you will restore your data after a disaster. It limits how far to roll back your recovery and defines how much data your business can afford to lose before affecting productivity, revenue, and reputation.
Critical questions to consider when determining Recovery Point Objective (RPO):
1. How often does your business data change? Is it high transaction data or mostly static content?
2. What type of backups are being performed?
3. What are the storage requirements to meet this objective?
Down to the Basics
Once you have determined your RTO and RPO, you can start to plan out your strategy. Let’s start with the three basic types of backups: Full, Incremental, and Differential.
A full backup is just as the name implies. It is a total backup of everything. While it is good to have a full backup, it also takes the greatest amount of time to perform or restore, not to mention the amount of space it consumes. If you determine your RTO is short, then using a full backup daily is not a good choice. Conversely, if your RPO is weeks or months, then you will likely depend on full backups.
Typically, only a small percentage of the information in a partition or disk changes on a daily, or even a weekly, basis. For that reason, it makes sense to back up only the data that has changed each day. So, what’s the balancing point? That’s where the other backup types come into play.
A differential backup backs up only the files that changed since the last full backup. For example, if you do a full backup on Sunday, then on Monday you back up only the files that changed since Sunday, on Tuesday you back up only the files that changed since Sunday, and so on until the next full backup.
Differential backups are quicker than full backups because so much less data is being backed up. They are a better choice for a shorter RTO and less attractive for a longer RPO. The amount of data being backed up grows with each differential backup until the next full backup, so the storage requirements can become substantial over time.
Incremental backups also back up only the changed data, but they only back up the data that has changed since the last backup, be it a full or incremental backup. If you do an incremental backup on Tuesday, you only back up the data that changed since the incremental backup on Monday. The result is a much smaller, faster backup. They are a good choice for meeting an aggressive RTO but not good for a long RPO. A characteristic of incremental backups is that the shorter the time interval between backups, the less data there is to back up, so your storage needs are lower than with full or differential backups.
While incremental backups give much greater flexibility and granularity for restoration, they have a reputation for taking longer to restore because the backup has to be reconstituted from the last full backup and all the incremental backups since.
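The restore behaviour described above can be worked through in code. The following Python sketch is an added example, not taken from any backup product: it builds the Sunday-full, daily-backup week from the text, lists which backups a restore needs, and measures the data lost against an RPO. The catalog layout, the function names and the "verified" flag are assumptions made for illustration.

```python
from datetime import datetime, timedelta

SUNDAY = datetime(2024, 1, 7, 1, 0)  # constructed: weekly full completes Sunday 01:00

def weekly_catalog(daily_kind, corrupt_days=()):
    """Constructed catalog: Sunday full, then one daily_kind backup Mon-Sat.
    Each entry is (kind, completed_at, verified)."""
    catalog = [("full", SUNDAY, True)]
    for day in range(1, 7):
        done = SUNDAY + timedelta(days=day)
        catalog.append((daily_kind, done, day not in corrupt_days))
    return catalog

def restore_chain(catalog, failure_time):
    """Backups to restore, in order, to reach the latest recoverable state."""
    usable = sorted((b for b in catalog if b[1] <= failure_time), key=lambda b: b[1])
    fulls = [i for i, b in enumerate(usable) if b[0] == "full" and b[2]]
    if not fulls:
        raise ValueError("no verified full backup precedes the failure")
    base = usable[fulls[-1]]
    chain, broken = [base], False
    for b in usable[fulls[-1] + 1:]:
        kind, _, verified = b
        if kind == "differential":
            broken = not verified        # depends only on the full
            if verified:
                chain = [base, b]        # supersedes everything since the full
        elif kind == "incremental" and not broken:
            if verified:
                chain.append(b)          # every link since the full is needed
            else:
                broken = True            # later incrementals cannot be applied
    return chain

def data_loss_window(chain, failure_time):
    """Time between the last restorable backup and the failure."""
    return failure_time - chain[-1][1]

def meets_rpo(chain, failure_time, rpo):
    """True when the data lost is within the Recovery Point Objective."""
    return data_loss_window(chain, failure_time) <= rpo

if __name__ == "__main__":
    failure = datetime(2024, 1, 11, 15, 0)   # constructed outage: Thursday 15:00
    for kind, bad in (("differential", ()), ("incremental", ()), ("incremental", (2,))):
        chain = restore_chain(weekly_catalog(kind, bad), failure)
        print(kind, bad, len(chain), data_loss_window(chain, failure),
              meets_rpo(chain, failure, timedelta(hours=24)))
```

With a Thursday afternoon outage, the differential restore needs two backups and the incremental restore needs five. A single unverified Tuesday incremental pushes the recoverable point back to Monday, which is why each link in an incremental chain needs to be verified.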
Backups, the Next Generation
If your head is hurting just thinking about the complexities of backup strategy and execution, you are not alone. Doing backups used to be so complex that there was a dedicated position in most companies just to keep it all on the rails. Even then, there were problems. Broken or old tapes and disks added to the headaches of being confident about your strategy. Employees had to make sure their files were closed during the backup window. Periodic recovery testing would take entire weekends to complete. It was a mess.
Enter the next generation of backup.
Modern backup strategies employ advanced software, hardware and cloud services that simplify things, A LOT.
Most backup software available today uses snapshot technology to create a point-in-time copy of the data. Typically, the snapshot copy is done instantly. The original copy of the data continues to be available to the applications without interruption, while the snapshot copy is sent to an on-premises or cloud-based storage location.
Snapshots provide an excellent means of data protection. The trend towards using snapshot technology comes from the benefits that snapshots deliver in addressing many of the issues businesses face. Snapshots enable better application availability, faster recovery and easier backup management, reduce exposure to data loss and virtually eliminate the need for backup windows, all while lowering total cost of ownership (TCO). Snapshot technology allows businesses to meet almost any RTO and RPO goals. The cost of this technology is typically higher than traditional methods because of the storage requirements involved.
Continuous Data Protection
Continuous data protection (CDP), also called continuous backup, refers to backing up data whenever a change is made to it, by automatically capturing the changes to a separate storage location. CDP effectively creates an electronic journal of complete storage snapshots.
Continuous data protection is different from typical snapshot implementations because it creates one snapshot for every instant that data modification occurs, instead of the single point-in-time copy of the data created by other methods. CDP-based solutions can provide fine restore granularities of objects, such as files, from any point in time, up to crash-consistent images of application data, for example databases, filers and mailboxes.
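To make the difference between a CDP journal and scheduled snapshots concrete, here is an added Python example that is not code from any CDP product. It replays a constructed write journal to an arbitrary instant and compares the result with a restore from the nearest earlier scheduled snapshot. The journal format, the snapshot times and the function names are assumptions for illustration.

```python
from bisect import bisect_right

# Constructed write journal, sorted by time: (seconds since midnight, path, content).
JOURNAL = [
    (32400, "ledger.csv", "v1"),            # 09:00
    (36000, "ledger.csv", "v2"),            # 10:00
    (39600, "notes.txt", "draft"),          # 11:00
    (43200, "ledger.csv", "v3"),            # 12:00
    (45000, "notes.txt", "final"),          # 12:30
    (46800, "ledger.csv", "<encrypted>"),   # 13:00, constructed ransomware write
    (46805, "notes.txt", "<encrypted>"),
]
SNAPSHOTS = [21600, 43200, 64800]           # constructed schedule: 06:00, 12:00, 18:00

def cdp_restore(journal, at):
    """Replay every journaled write up to and including time `at`."""
    state = {}
    for ts, path, content in journal:
        if ts > at:
            break
        state[path] = content
    return state

def snapshot_restore(journal, snapshot_times, at):
    """Restore from the newest scheduled snapshot taken at or before `at`."""
    taken = sorted(snapshot_times)
    i = bisect_right(taken, at)
    if i == 0:
        raise ValueError("no snapshot precedes the requested time")
    return cdp_restore(journal, taken[i - 1])

def last_clean_instant(journal, is_bad):
    """Timestamp of the last write before the first unwanted one."""
    clean = None
    for ts, _, content in journal:
        if is_bad(content):
            break
        clean = ts
    if clean is None:
        raise ValueError("journal holds no clean write to roll back to")
    return clean

if __name__ == "__main__":
    target = last_clean_instant(JOURNAL, lambda c: c == "<encrypted>")
    print("CDP:     ", cdp_restore(JOURNAL, target))
    print("Snapshot:", snapshot_restore(JOURNAL, SNAPSHOTS, target))
```

The journal restore recovers the 12:30 edit to notes.txt, while the 12:00 snapshot only has the earlier draft.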
Validation of successful snapshots is often accomplished by actually starting and testing the machine image taken. This offers an unparalleled level of confidence in the integrity of your backups.
There is no “one size fits all” approach for data protection, and some things are worth more than others. There is a myriad of companies that offer backup software and services. It is highly recommended that you work with a trusted technology professional to assist in your selection so that you can achieve a balance in performance, costs and recovery objectives. Contact us today to schedule a free, 30-minute consultation, or take our free, self-guided IT Security Risk Assessment.