In today’s online world, with cyberattacks becoming increasingly commonplace, securing corporate data is very important for every business. Whilst most businesses backup data, others do not and that is even more of a problem. Having an effective data backup program can significantly reduce the impact of cyberattacks or natural disasters and enhance the technology resilience in your business.

Traditionally, data backup has an integrity focus in the confidentiality, integrity and availability (CIA) triad.

Those who only do regular backups are living with a false sense of security as the information may not be able to be restored and if restored this may not occur in a timely manner, resulting in significant reputational fall-out.

Some amazing and affordable technologies exist to mature our approach to backup way beyond the well proven grandfather-father-son backup routine.

This article aims to help raise the maturity bar by moving from a backup-only mindset to including a business continuity concept to improve availability. Returning the system to an operational state in a timely manner is equally important, as is having the right data to recover. This approach introduces the availability focus, along with the integrity focus, in the CIA triad.

Consider the Following

When enhancing your data backup solution, ask yourself the following:

  1. What options are available when a backup drive becomes corrupted?
  2. When did a test to restore information from one of the backup media last occur?
  3. What will be the impact to the business if critical data cannot be restored?
  4. How long will it take to restore data and be made available to the business?
  5. How much data could be lost and what is the impact on the reputation of our operations?

Having data backed up is great; however, it is only the first step to a successful recovery. If this is critical business data, then you really need to recover and be up and running very quickly, preferably in minutes, not hours or even days.

Introducing Recovery Time Objective and Recovery Point Objective

The last two questions above open up a very worthwhile discussion about two key availability topics:

  1. Recovery Point Objective (RPO): the point to which information used by an activity must be restored to enable the activity to operate on resumption (aka maximum data loss).
  2. Recovery Time Objective (RTO): the period of time following an incident within which a) product or service must be resumed, or b) activity must be resumed, or c) resources must be recovered.

This can be best summarised in the following table:

RPO/RTOIn simple terms, the RPO is how much data you are willing to lose, whilst the RTO is how much downtime you can withstand.

Consider Following these Steps

By following the steps below you may well improve the current backup approach and be able to reduce both the RPO and RTO significantly:

  1. If you have not already done so, move to a fully automated backup process. This removes any dependence on human interaction to backup data sets.
  2. Ensure you regularly test a recovery of your current backup media: this is key to ensuring the integrity of the data you plan to recover from should a major disaster occur.
  3. Do not just keep your latest copy of backup Should that become corrupted too, then you have nothing to restore!
  4. Investigate secure cloud-based backup services, being mindful of any security requirements. This is particularly useful if a site-wide loss occurs (for example, fire, flood or major natural disaster), providing the opportunity to recover critical information at an alternate site.
  5. Where possible, reduce the backup If the current backup of data occurs once per day, then consider reducing it to every few hours. This effectively reduces your RPO from 24 hours down to a few hours!
  6. Have automated snapshots available that you can easily rollback to so that you can recover prior to the data being corrupted or lost.
  7. Have the ability to recover your environment onto a virtual machine (VM). This effectively reduces your RTO significantly. Combined with snapshots mentioned above, this enables rapid rollback to a restoration point prior to data corruption/loss

Where to from here?

A conversation with your infrastructure staff or local IT technical contact can help identify areas for improvement to ensure your business can get back and operational post-crisis, in the shortest possible time. Additionally, there are some great solutions on the market that ease the burden of restoring data when needed most. Remember to promptly get things in place, so that your business can be back up and running!

Tim Rippon
Tim Rippon is the founder and director of elasticus, advising Australian-based executives on how to best manage cybersecurity, disaster recovery and business continuity before a major disaster or crisis occurs. He holds a certified Master of Information Security (ISO 27001), certified Master of Business Continuity (ISO 22301) and Lead Cyber Security Manager (ISO 27032) from PECB. Tim can be contacted via mobile 0417 036 026.