Welcome back for day 2 of my top 5 controls for all businesses! Today’s control will highlight the importance of backing up valuable information. Have you ever experienced a computer freezing before you had the chance to save an important document? Or accidentally deleting a file and having no idea if, or how it can be restored? Backing up company information and data can save you much more than just frustration. A 2019 report from LogicMonitor shows that 96% of organisations experienced a data outage within a 3 year period and that loss of data can lead to $8000 per hour downtime.



What is backup and recovery? 

Let’s start off by exploring the definition of backing up information and data. Backup and recovery is the process of creating and storing copies of data that can be used to protect your organisation against data loss. This process can also be referred to as operational recovery. Backing up data typically involves taking a copy of data and storing it in another place so that it can be accessed or recovered should the original copy become inaccessible. 


Why is backing up data important?

The purpose of information backup is to create a copy of data that can be recovered in the event of a primary data failure. Primary data failures can be the result of hardware or software failure, data corruption, or a human-caused event, such as a malicious cyber attack through a virus or malware, or accidental permanent deletion of data. Creating backup copies allows data to be restored from an earlier point in time, ensuring that your business can recover from an unplanned event. 

68% of businesses have reported losing data due to accidental deletion or hardware/software failure. Aside from the agonizing anxiety of losing the CEO’s presentation, loss of business-critical data can have serious consequences for employee productivity, customer experience, day-to-day operations and even revenue.

Backing up your data

The best part of this control is its simplicity. I suggest first identifying and separating data based on its level of criticality to your business. (Top Top – Remember that there are legal requirements and regulations for handling public data and these must be a high priority). It is a good idea to categorise data into one of the following categories: ‘Public’, ‘Private’, ‘Confidential’ and ‘strictly Confidential’. Once you have your data categorised, you can choose the required level of backup to suit your organisational needs.

For best results, backup copies should be made on a regular basis in order to minimise the amount of data that could potentially be lost between backups. The more time that passes between backup copies, the higher the risk of data loss when recovering from a backup. The optimal period of time between backups really depends on the type of data in question, how often it is edited or updated and its criticality to your business. Retaining multiple copies of your data provides the ability to restore to a point in time not affected by data corruption or malicious attacks.

Where to backup your data 

Choosing where to back up your data ultimately depends on your business requirements. When choosing a solution (which could be a hybrid based on data sensitivity), be sure to take into account the security provided (2FA, password requirement and file encryption), the amount of storage required and the ease to upload, edit and share files. Based on these criteria, take a look at my list of suggestions below.

  1. Cloud storage
    Cloud storage is by far the most convenient method of backing up your data. Using cloud storage means that your data will be accessible on any machine, anywhere. Always ensure that passwords are secure and it is also advised not to access your cloud storage on public computers. For confidential information, I also recommend ensuring that there are restrictions on who can access the data. This may be certain individuals within your organisation or on an invite-only basis. My recommendations for free online cloud storage are:
    I.   pCloud

    II.  Backblaze

    III. Dropbox

    IV. Google Drive
  2. Data Backup to Local or USB Disks. 

If you have enough capacity on your local disks, you can back up to them or to external USB drives. These backups are fast and convenient and you don’t need a network. The downside of local backups is that if the system is destroyed (e.g by fire or flood), your backups could also potentially be destroyed as well. Also in many cases, you need to manage these backups on a computer-by-computer basis, which makes it cumbersome for larger environments.Local and USB disk backups are best for quick backups of a small number of systems and are designed for the recovery of individual files or systems in the event of software failure.


Build it in to the process

In summary, you can think of backing up data similar to insurance. It’s something you need (to do), but hopefully, not need to call on it. If an unexpected event occurs, being able to quickly access unavailable or corrupt data can save time, money and resource which will help business operations to run smoothly without interruption. As mentioned in my previous article, a robust security program is a process, not a solution. Therefore, become proactive by building valuable data backup into your weekly, monthly or quarterly security process so that you’re ready for the unexpected.