- 707.5 million data records were stolen in 2015
- 62% of IT professionals have no clear idea where their company stores confidential security data
- 27% of companies say that data protection policies and procedures are informal or that ad hoc policies are in place, compared to 34% in 2014
Data is the lifeblood of most businesses today and the volume of data continues to grow by 50% per year alongside an increase in the number of servers at 20% per year. And as your data centre scales, so does your backup centre – and at the end of the day, recovery isn’t agile anymore. The skyrocketing growth in data is one of the main reasons why IT environments are so complex and why the job of backing up data is one of the least loved but still the most important processes in IT.
Back up, back up, back up!
Ransomware attacks, for instance, increased by 165% in 2015 compared to previous years. Ransomware is a malicious code that uses advanced encryption algorithms to block system files and demand payment in return for the key that can decrypt the blocked content – your data is held to “ransom”. But without backup there’s no recovery from ransomware. Your backup copy enables you to erase the drive, reinstall the operating system, restore the backup copy and then start fresh.
Where to store your data
Backups save costs and management time. There are various ways to back up your data, for example:
- Locally by installing software on your PC: With this solution, you need to have an IT manager who takes care of this and a strong connections to the server, which results in extra costs.
- In a public cloud: By storing your data here, you don’t need to invest in hardware or software and you are more flexible when it comes to increasing or reducing your cloud capacities. It’s the least expensive solution, but depending on your provider, you might never know in which country your data is stored.
- In a private cloud: this is more expensive than the public cloud, because you get the advantage of a provider who takes care of the hardware, updates etc., and additionally you know exactly where your data is.
Each backup solution has its pros and cons. So when making the decision where to store and back up your data you need to take into consideration how securely it needs to be stored not only for your company but also for your customers.
Keep Business Continuity with a Disaster Recovery Strategy
If a significant negative event hits, companies need to have holistic IT disaster recovery plans in place. Those ensure that despite cyberattacks, equipment failures, hurricanes, earthquakes or other natural disasters critical business processes and procedures can be maintained or resumed quickly. Important steps of a disaster recovery plan include restoring servers or mainframes with backups, re-establishing private branch exchanges or provisioning local area networks to meet immediate business needs.
Data Lifecycle Management for the sake of the reputation
As a company you are the original user and owner of data and thus it’s your sole responsibility to properly manage information across its entire lifecycle. This entails ensuring data is secure, available on demand and able to provide value. The same applies to deleting data. By not monitoring how, when and where data is removed you put the long-term success and reputation of the organization at serious risk.
A good start is to follow these guidelines if you want to eliminate damage caused by data loss and breaches:
- Backup & redundancy: Without backup no protection. Some experts even say you need to have three forms of backup: real-time, daily incremental and weekly incremental. One of the three should be offsite with a cloud provider and the other two can be at different sites of your company, or at two separate locations. The backups should not be connected to a shared drive.
- Establish “least privilege” access: “Least privilege” access can be enforced throughout the entire IT ecosystem. This ensures that no individual, team, process (computer virus) or rogue client (hacker) can have access to everything. The authorized people only have access to appropriate information.
- Data encryption: Data is the new perimeter versus networks and systems. Sensitive information has to be encrypted at source before it goes to the cloud and that is paramount if you are going to have a secure posture in the cloud.
- Choose a trusted data centre provider: Your trusted provider should adhere to the highest security and stability requirements as defined by the Uptime Institute up to Tier 3 classification.
-  Gemalto: “2015 – The Year Data Breaches Got Personal. Findings from breach level index”
-  PWC: “2015 Information security breaches survey”
-  EY’s “Global Information Security Survey 2015”