There are plenty of “made-up” holidays and commemorative dates that are little more than an excuse to sell something or simply lack widespread importance and cultural relevance. March 31 is “World Backup Day,” and it is actually one that has been on some lists for being a “useless” day to note.
After all, backing up our data shouldn’t be something we only do annually, and yet, many don’t even do it that often. Thus, the commemorative date that was first started by Ismail Jadun in a Reddit post in 2011 shouldn’t be seen as useless, but should serve as a reminder that backing up data needs to be done more regularly.
According to a Veeam and Researchscape survey, there is now an assumption that digital files are safely stored in the cloud. Yet, the study revealed that of the 48% of consumers who reported lost data, only 19% had a backup to restore what was lost.
An important consideration is that data can be irretrievable, and not just because of a computer crash or hard drive failure. We should be thinking of backups, plural, including those that are stored off-site. A fire in the home or office could take out the original computer and the external hard drive stored next to it.
“Always have a plan A, plan B, and a Plan C,” suggested Rick Vanover, VP of product strategy at Veeam. “We don’t know what could go wrong, we can only plan ahead to prevent and be prepared. To keep data resilient to the expectations of today and tomorrow, we need to have versatile options to avoid the next disaster. Whether it is – a user deleting a file, or a ‘fire, flood and blood scenario,’ or more likely a cyber security incident – staying resilient is always in style.”
Don’t Forget the Mobile Phone
The other important reminder on World Backup Day is that lost data isn’t from cyberattacks. Increasing a massive amount of data is literally carried in our pockets – on our mobile phones.
“According to recent statistics, 11,000 phones are lost every day, so save your precious memories by putting a calendar task for regular backups,” said Yogita Parulekar, CEO of cloud provider Invi Grid.
Combating Ransomware
A strong policy of backing up data can mitigate the threat from some cybersecurity threats, notably ransomware attacks. There is no need to pay a ransom to regain control of data if it a back up is available. If there were a more widespread policy, it would make ransomware far less effective.
“It’s easy to get swept up in worrying about the latest advanced cyber threats and forget security fundamentals – robust backups, two-factor authentication, never trusting any unsolicited email, etc.,” explained Willy Leichter, chief marketing officer at mobile security provider AppSOC.
Leichter told ClearanceJobs that the best defense against ransomware is having robust backups that are fully independent and isolated from the primary data storage.
“There still can be reputational damage if your data is breached, but being able to revert to a recent backup is always better than having your business shut down,” Leichter added.
However, that doesn’t mean that backups shouldn’t also be protected and secured.
“Ransomware actors target the backups themselves, which has driven vaulting and rapid recovery capabilities with isolation,” warned Lawrence Pingree, vice president of security provider Dispersive.
“Consistent evolution is needed,” Pingree told ClearanceJobs. “I’ve always been a fan of using backups and recovery as a method to move faster, break things, and recover quickly. My belief is that other functions can work more quickly if resilience is handled. Resilience has got to be at every layer to be effective, including the network.”
Recovering From an Attack
The final consideration when it comes to backing up data is how it will be restored. Simply having a backup isn’t good enough.
“Corporate data needs a backup strategy to survive a crisis such as a ransomware attack,” Parulekar told ClearanceJobs. “Per a recent survey, 30% of the time, restoration fails during a crisis, so testing the restoration of data and service is a key part of a backup strategy. For a well-crafted strategy, considering acceptable data loss (recovery point objective), acceptable downtime (recovery time objective), automation, offsite backup location, security of the backups and periodicity of testing are essential for preventing loss of data, reputation damage, contractual SLA violations, erosion of customer trust and going concern issues for the company.”
