December 2016

How to design a backup strategy

How to design a backup strategy

How to design a backup strategy

How to design a backup strategy

Your business continuously generates additional data. Being without your data for even an hour could be expensive and extremely detrimental. The answer is to back up everything. All the time. First, you need to choose what you’ll use for backup, and then you need to decide on a combination. One source of backup is never enough.

Readily available options

Direct attached storage (DAS)

DAS devices connect to your PC or server (usually via USB). They are handy and portable, which means they could be taken out of action at the same time as your main storage if the issue is something like theft or fire damage. That makes them a great first line of defense, but don’t make the mistake of depending on these devices for your entire archiving and disaster recovery plan.

Network attached storage (NAS)

NAS appliances connect directly to the network. They have file server and redundancy capabilities, and in some cases, they have the ability to synchronise data with a compatible remote NAS.

This demonstrates the necessity for a remote solution, which is essential to any robust strategy. This might involve physically rotating devices offsite; however, if they aren’t taken far enough away from the site, the same event, such as an earthquake, might still jeopardise the components in your backup system.

Disaster protected storage

One precaution to take against fires, floods, or earthquakes is disaster-protected NAS or DAS units. These devices are built tough, and manufacturers claim that the devices have the ability to survive day-long baths or periods of fire. This isn’t always the case.

Fears of Mass Data Loss Disaster with ATO storage.

Therefore, we always recommend to check and verify that data is recoverable at least once a year and ideally every quarter.

Going online

Assuming your online provider’s servers are located far from your computers, you’re insulated from a city-wide disaster when you upload your data. On the upside, you’re not investing capital upfront, and sending data online works well if it’s done in installments; however, an initial upload (seeding) can require a long period of time, as can downloading data in the event of a disaster, if you need a full restore. We can do initial seeding of your backup, which means we’ll upload your data at our office with the fast link to a cloud storage.

Private cloud

A private cloud has all the advantages (and disadvantages) of sending your data online without the worry that it’s in the hands of a third party. It can be prohibitive for small businesses, but innovations have made the private cloud more affordable and worth exploring.

Old school

Backing up data to tape drives, DVDs, and Blu-Ray DVDs may seem obsolete, but Google and Facebook use tape and optical media.

The right combination

A good starting point is the rule of three: 2 + 1.

    • 2: A full copy of everything on at least two different physical devices plus plus
    • 1: A third copy that’s offline at another location. Consider investing into automatic cloud backup

The offline version is critical. It can’t be hacked, it can’t be corrupted accidentally, and it’s harder for someone with malicious intent to access (a rampaging ex-employee, for instance). Like everything else associated with data, a good backup strategy involves simple math.

Call us on 1800 12 42 32

 

Do not open a door for data thieves

Do not open a door for data thieves. Lock your Data

Do not open a door for data thieves. Lock your Data

Do not open a door for data thieves.

In the movies, hackers only have to swivel from their pizza boxes back to their keyboards and type a couple of lines. With that, they have access to everything from their target’s credit card number to their emails and appointment books.

With organisations investing heavily in IT security, the reality might be a touch more difficult. That means those with malicious intent are becoming physical. They might come to your premises to steal the information they’re after. Alternatively, their visit might be a preliminary step, such as stealing a manual or a telephone directory they can use for social engineering.

Your light-fingered visitor might not be a visitor at all. It might be an insider—an employee or a contractor.

 

If someone can walk into your office and walk out with an unsecured laptop loaded with customer and financial information, it might be a lot easier than trying to hack their way into the same information.

Here are some simple tips.

1. Lock down the lobby

If you’re lucky enough to have a receptionist, don’t assume they’ll be able to have their eye on the door to the interior at all times. If you don’t have a receptionist, you definitely need a locked door between the entrance and the equipment

2. Lock the data centre

Someone with their hands on your equipment can do things that someone with only remote access can’t. Whether your data centre is buried in a mountainside or a server cluster in a cupboard, lock it.

3. Check the locks

Proximity cards seem secure, but those beeps on acceptance can give a false sense of security. Make sure you’re using encryption or that someone nearby can simply capture the data and clone the card.

4. Keep “eyes” on at all times

The price of cameras and hard drives is so low today that there is no excuse for not having cameras. We recommend Axis or Bosch cameras as most reliable

  1. They’re a deterrent
  2. They’ll show you a threat in progress (if you’re watching—put a monitor on someone’s desk)
  3. If you’re not watching, you can review afterwards

5. Secure the portables

A central locker is a good thing to provide for laptops and external drives. If you don’t want to have to move the laptop from your desk every time you walk away, you can lock it to the desk. Portable locks are available when you’re using a laptop on the go.

Whatever physical security solutions you choose, the most important thing is to remember that you should always be aware of the physical weaknesses in your IT security.