March 31, 2021
10 Backup Practices to Embrace World Backup Day
Pick a date. Any date. Guess what: it’s a world, or at least national, day for something. But whereas you can be excused for politely ignoring National Avocado Day, it stands to reason that you would enthusiastically embrace World Backup Day on March 31. And the best way to honor it is by backing up your data.
To give you a head start on data protection, we’ve put together actionable advice on safeguarding your environment from data loss, and added some backup statistics for good measure. Even though this article is geared toward IT professionals involved in data protection, those occupying managerial roles will also find it useful for undertaking business continuity initiatives in their companies. Without further ado, consider a few things to know and a few things to do in preparation for World Backup Day.
What the Experts Say
Disaster recovery experts agree that data loss is unacceptable. This sentiment is often followed by recognition of the unfortunate fact that data loss is inevitable. Perhaps for this reason, a group of researchers from Stony Brook University urge that “backing up important data is crucial.” European Union Agency for Cybersecurity echoes this statement in ISO/IEC Standard 17999 reminding that backup is an “important part for maintaining the integrity and availability of information.”
Here at NAKIVO, we cannot agree more with the expert take on the role of backup in the maintenance of data integrity. To further emphasize the importance of backup, let us present you with the recent statistics on data protection and data loss.
What the Numbers Say
11 seconds.  That’s the expected frequency of ransomware attacks by the end of 2021. And the average time it takes a business to recover after a ransomware attack is a whopping 16.2 days.  Can your company take a productivity hit of this scale? What about noncompliance penalties, lawsuits, falling share prices, damaged reputation and missed business opportunities associated with data loss?
No matter how devastating, the encryption of your digital assets with ransomware is not the sole cause of data loss. Other data loss threats to look out for are incidental deletion, malicious deletion, hardware malfunctions, software corruption, and retention policy gaps, to name a few. If one or several of these threats manifest in a data loss incident, the cost of associated downtime can reach upward of $11K per minute. 
Financial consequences notwithstanding, more than 20% of SMBs operate without backing up their data.  The organizations with data contingency plans see 50% of their restores fail due to poor backup management. 
Ahead are more backup statistics at a glance:
What You Can Do
Now you know the bad news: The stakes of losing your data are high, just as high as the probability of data loss. With this in mind, let’s move on to the good news. Backing up your data is not a complicated endeavor. Gone are the days when you had to run manual backups. Nowadays, you can choose among dozens of commercially available backup solutions to protect the integrity and safety of your data. Pick the one that fits your budget and reliability requirements, and follow these practices:
- Apply the 3-2-1 rule
At the risk of stating the obvious (Reassuring note: Less obvious backup practices are soon to follow), let us emphasize the importance of following the tried-and-true 3-2-1 rule. It goes like this. Keep at least 3 backup copies on 2 different media one of which is located offsite. The incorporation of the rule into your backup strategy is your best bet against data loss.
- Store your backups offsite
In line with the 3-2-1 rule, at least one backup copy should reside offsite. If your primary on-site backups are compromised, which is not an uncommon occurrence, you can fall back on the viable restoration option. It doesn’t matter that much whether you opt for physical or cloud storage; the important thing is to keep your backups out of harm’s way.
- Run incremental backups
Storage space accounts for a large portion of your backup budget. It stands to reason to consume as little storage space as possible, which is why you want to run incremental backups. Rather than copying your entire data set every backup cycle, copy only data that has changed since the previous incremental backup. Not only does this allow you to save storage space, but it also spares system resources.
- Verify your backups
Your backups are only as good as the recovery possibilities they offer. If you can’t recover in a critical moment, there’s no point in storing useless backups. For this reason, you should opt for a data protection solution supporting automatic backup verification. It’s also not a bad idea to set up email reports informing you about successful backup verification.
- Test your disaster recovery plan
Not unlike backup verification, testing your disaster recovery (DR) plan is a critical piece of the data safety puzzle. By doing so, you mitigate the risk of unsuccessful data retrieval, which can bring your organization to a halt. Before you start, define RPO, RTO and other DR objectives as well as determine the testing frequency and success criteria. Then, run the test and evaluate its results.
- Encrypt Your Backups
Another good practice to follow is to encrypt your backups to prevent unauthorized access to your data. Since the purpose of data encryption is data safety, make sure to use AES 256 — the encryption standard universally recognized for its reliability. By encrypting your backups in flight and at rest you can ensure that no one can access them without permission.
- Automate backup routines
Back up regularly; back up frequently. To spare yourself the hassle of running backup activities over and over again, automate them. Thus, you will save a tremendous amount of time and maximize the effectiveness of your backup efforts. Also, there’s no getting around the fact that you can make some errors while executing repetitive data protection tasks manually.
- Adjust for BYOD
Since there’s no sign of waning of the bring your own device (BYOD) trend, you should adjust your backup policy for it. Make sure that the home devices brought by employees to the office are also backed up regularly. To minimize errors, backups should run without employee involvement while imposing a minimum resource strain on their devices.
- Perform application-aware backups
Your organization will be well-served by performing application-aware backups. This type of backup captures the complete state of applications at the moment of backup creation. Thus, when it’s time to restore from backups, you will not have to worry about bringing your applications up to a consistent state.
- Control access to backups
You should have different levels of restricted access to your backups. After all, not everyone in your company is in charge of data protection activities. The easiest way to eliminate unauthorized access is by implementing role-based access control. It will also help you track who and when seeks access to data protection resources and activities.
Data safety is the sum total of consistent actions. By abandoning the haphazard approach to backup and adopting a holistic view of data safety in your organization, you will move closer to its operational stability. And there’s no better day to start than today.
- Global Ransomware Damage Costs Predicted to Reach $20 Billion (USD) by 2021. Cybercrime Magazine, 2019.
- Ransomware Attacks are Causing More Downtime than Ever Before. ZDNet, 2020.
- The Cost of Downtime. Datto, 2020.
- How Prepared are SMBs to Recover from Disaster? Helpnetsecurity, 2020.
- 10 Backup Statistics Every Business Needs to Know. Justgilbey, 2020.