Backup and recovery is a critical part of enterprise IT, ensuring that organizations have access to their most critical data and the ability to maintain operational continuity even in the event of hardware failure, data loss, cybersecurity incident, or natural disaster. While the basics and best practices of backup have stood the test of time, storage technology and media are constantly changing. Businesses that want to stay competitive have to keep pace. This article provides 11 backup best practices to help organizations avoid data loss, protect backups from malware and corruption, and speed up recovery in the event of an incident or disaster.
1. Implement the 3-2-1 Backup System
The 3-2-1 formula for backup has been around for years, which means it’s tried and true. The gist is simple:
- Make three copies of your data.
- Use at least different types of media.
- Keep one of them offsite.
There are many possible permutations—for example, you might keep one copy of your data onsite or in the cloud, another in a backup server or backed up to the cloud, and one offsite and easily available in the event of a disaster. The specifics are less important than the overarching message, which is that you should not trust any single backup, type of backup, or backup location. And even as technology evolves and new storage media comes and goes, the simplicity of the 3-2-1 pattern holds true.
2. Consider the Convenience of Cloud Backups
Backing up into the cloud is far more convenient than many other approaches. It’s also typically simpler and more affordable than maintaining the internal infrastructure to rival all the benefits of cloud storage.
It’s hard to argue the ease of paying a monthly subscription fee when you’re saddled with heavy upfront capital expenditure costs and ongoing operating expenses of an on-premises solution. In some cases, the software fees and employee salaries needed to manage an in-house solution cost more than what you’d pay for cloud fees—and that doesn’t even include the hardware acquisition costs.
Cloud is not just affordable and convenient. It’s also secure. There’s a reason the majority of enterprises rely on it for some or all of their data storage. Your backup should not be an exception.
3. Use a Backup-as-a-Service Provider
You should use cloud storage for backups, but that doesn’t mean you should just shunt every piece of data to the cloud. Doing so can result in a host of problems from difficulty finding data when you need it to spiraling costs, not to mention cloud sprawl—data scattered across many different cloud repositories.
If your own backup strategies are lacking, you’d almost certainly be better off employing the services of a backup-as-a-service (BaaS) provider who can take care of all your enterprise backup and recovery needs. Many are designed specifically for enterprise users and include all the security, privacy, compliance, and automation features that businesses require. Trust your data to the pros.
4. Store Your Data in Multiple Clouds
The logic behind a distributed cloud approach is straightforward: if all essential workloads are running in a single region, cloud backups will suffer due to performance slows or downtime at some point. Even Amazon Web Services (AWS) customers have experienced outages in recent years.
If all your eggs are in one cloud provider’s basket and an entire region is down, all of your applications and backups are out of reach until services are restored. A thoughtful approach to multi-cloud storage—storing data in one region and backups in another, for example—can ensure access, ease of recoverability, and peace of mind.
5. Prevent Cloud Backup Costs With a Backup Strategy
When cloud backup first emerged, some organizations began to dump their backups onto the cloud as an easy solution—but they soon began to be hit by unexpected cloud fees as their backup bills kept pace with their accelerating storage capacities. A successful backup strategy requires actual strategy.
An organization using the cloud for backup without one could be storing massive amounts of unnecessary data—an excessive number of backup copies or expired or orphaned snapshots, for example. Or disparate parts of a business might all be paying separately to backup their own data rather than a centralized, organization-wide cloud management effort. Good IT teams manage backups across the enterprise to control costs, streamline recovery, and maintain accountability.
6. Delete Old Backups
Backups need to be purged from time to time, regardless of whether they’re stored in-house or in the cloud. Consider that some organizations are storing a complete backup every month, or even weekly—this adds up to a lot of storage over time. It can also add up to the unnecessary costs mentioned in the last section.
But there are other reasons to keep a clean backup. For one thing, it makes it easier to find and restore what you’re looking for when you need it—because when you need to restore a backup, it’s usually a high-priority need. Also, it becomes more difficult to sort through old files when they’ve been allowed to accumulate unchecked for long periods of time.
Third party retention tools can help with this. But an even simpler solution is to establish a data retention policy that determines what backups are kept and which are purged after a set amount of time, and stick with it.
7. Keep Backup Infrastructure and Systems Up to Date
Some organizations are still using small tape drives for weekly or monthly backups, and others rely on consumer-grade backup solutions when enterprise-class cloud services offer more features for little additional cost. If your backup infrastructure is aging, it might be time to give it a facelift to keep up with changing technologies.
Review your backup approach, systems, and technologies regularly. You don’t have to switch to the latest and greatest just because it’s new, but neither do you want to miss out on faster, more reliable, and more secure backup tech—especially if it’s more affordable.
8. Secure and Assess Backups Regularly
In the grip of a ransomware attack, you don’t want to be let down by your backups—and yet it happens all the time. Organizations’ confidence in their backup practices masked their complacence, at least until they tried to restore and learned that the malware had already infiltrated the backup system, or worse, their backups were unaffected by malware but were corrupted or incomplete.
Storage and backup security firm Continuity analyzed more than 700 storage and backup devices used in more than 200 enterprise environments from a mix of providers (Dell, NetApp, Veritas, Hitachi Vantara, Pure, and Commvault) and found hundreds of security issues. Before you need your backups is not just the best time to find and correct security risks, errors, or failures—it’s the only time.
9. Patch Your Backup Software
Unaddressed common vulnerability and exposures (CVEs) are among the security weak points that impact backup systems. Backup appliances and backup software are subject to regular updates to fix bugs, add features, or plug security holes—but many organizations neglect patching. Unpatched vulnerabilities in backup systems are the main points of attack for ransomware.
10. Use Air Gaps and Sandboxes
Cyberattacks on backup systems are commonplace. Organizations get hit by ransomware and find backups infected, or hackers use backup vulnerabilities and misconfigurations to gain easy entry into enterprise systems.
Isolating backups and backup systems from other systems is a reliable way to keep them secure. Using the 3-2-1 approach and retaining one offsite copy on tape in particular can eliminate the risk of infection, as the tape is “air gapped,” or not directly connected to the internet. When a recovery is needed, the tape or tapes can be connected securely and the data sent where it is needed.
Regardless of whether backups are being done from air-gapped tapes, the cloud, or on-premise systems, it is also a best practice to “sandbox” recovered data, or keep it separate from main systems until its security and status can be assured. Scan the data in the sandbox to verify it is clean before returning it to production. Otherwise your organization may go to great lengths to enact a recovery only to discover you’ve reinfected your systems.
11. Emphasize Recovery and Prioritize Data
Backup is useless without recovery—and recovery speed is imperative. If it takes a week to recover all systems, your organization may suffer income and reputational loss. Review all backup processes and technologies in place to see how well and how quickly they can recover organizational data. Conduct regular tests and drills to determine how long it takes to recover data and how much data is recoverable.
Some organizations have deep enough pockets to implement state of the art systems that can ensure all data can be recovered rapidly, but most do not. A smart approach is to choose what data is the most critical to recover immediately rather than trying to recover everything at once. In that way, key systems are up and running in hours and production can resume.
Bottom Line: Protect Your Organization’s Data
Backup and recovery isn’t just a process—it’s also a baseline for how organizations of all sizes keep their data safe at a time when risks abound. From unintentional deletions to hardware failures to file corruptions to malware, cyberattacks, or natural disasters, there is no shortage of opportunities for businesses to lose access to the critical data they rely on for operations, and backing that data up is only the bare minimum.
A good backup and recovery process starts with a strategy and touches on reliability, policy, cybersecurity, IT, and accounting. It should be a living process, one that is regularly reviewed and updated as needed to keep pace with evolving technology and more sophisticated threats. It’s never too soon to tighten up your backup and recovery strategy, but if you wait too long it might be too late.
To learn more about the best vendors providing cost-effective enterprise cloud storage solutions, read 8 Top Storage-as-a-Service (STaaS) Providers next.