The smaller you are..
Posted on 11th July 2018 at 12:51
Within smaller organisations, the mere mention of backups is seen as: -
A hassle
A swear word
A lot of fuss about nothing
Something for bigger companies to worry about
The Reality
The smaller you are, the more critical reliable copies of your data (backups) become. Over the last few years, technology has become easier, cheaper and simpler for even the smallest organisation to adopt. Sadly, however, its availability has been accompanied by a huge increase in cyber-related threats: -
Malware
Phishing
Password Attacks
Denial of Service (DoS) Attacks
Man in the Middle (MITM) Attacks
Drive by Downloads
Malvertising
Rogue Software
The Facts
Data is a currency for our businesses. With the recent introduction and enforcement of GDPR on May the 25th 2018, we are responsible for the safe guardianship of the data we hold, something which has now become even more crucial.
Any organisation, no matter their size, must place a focus on the data they hold: -
What data they have.
Whose data it is.
Where they store it.
Who has access to it.
What they do to protect it.
Why they have it.
With GDPR we must have Appropriate Technical and Organisational Measures in order to protect our customer, client, employee and supplier data should the worst happen and we suffer a data loss from whatever source: -
A Cyber Attack
Employee Accident
Malicious Intent
With these attacks in mind, we are obliged to be able to recover the data we store as it was before an incident occurred. To do this we must have a "Stringent Complete Backup Regime" to minimise the loss and consequences of the data breach/incident, which will include: -
Reputational Damage
Theft
Financial loss
Fines
Below the surface costs
Backups - The Golden Rules
Assume nothing.
Backups should be generational: daily, weekly, monthly and yearly.
User intervention should only be required upon notification of a failure; normal backups should be automatic, with no human intervention.
Keep a local copy if you need one; however, main backups should be stored offsite/in the Cloud.
Ensure data transfer is encrypted to avoid a GDPR breach.
Avoid the use of USB Disks or memory sticks.
Recovery of your data should be independent of the system being backed up, otherwise your recovery time will be longer.
Regularly perform “Audit Restores” of the data you back up. In simple terms, check that what you think you are backing up is actually being backed up, otherwise it could be a little disastrous when a failure is discovered and you have nothing to restore.
Without good backups, GDPR may put you out of business. Don't become a statistic.
To create your GDPR Compliant Backup Solution