If all your company did was copy data onto a CD, this would technically function as a backup to some degree. But would that backup be easy or efficient to recover? And would that form of storage be considered the safest and most secure?
Security best practices for some industries like medical, financial, or legal may call for backups that are hard to restore but are more protected from disaster or hacking. To better ensure a balance of ease of access and recoverability with security and compliance needs, consider the following:
How frequently should you back up your data?
The answer here depends on how often you alter data and how fresh your data needs to be at any given moment.
Critical data that is accessed multiple times a day should be backed up daily. Data that isn’t touched as often can generally afford to be backed up less frequently, whether on a weekly, monthly, or even quarterly basis.
When the data in question is related to compliance, it usually needs to be backed to a few secure locations once. After that, it should be safe for years to come.
Do certain types of data need to be backed up more frequently than others?
Data and files that are accessed frequently should be backed up often. Documents that contain critical information, particularly when related to compliance, should be backed up regularly even if not used daily.
How many backups should you keep and for how long?
This depends on a number of factors. How valuable is the backed-up data? What’s the risk of loss vs. the cost of extra storage space? How soon would you need to be able to access the data?
The answers to these questions will vary for every organization due to each one's unique needs and preferences. In most cases, the best practice is to have two backups, one kept onsite and another stored in the cloud.
How long should you keep backups?...forever! We don’t mean keeping every version of a backup you make, but always be making backups and keeping them stored. The more relevant question when it comes to storage is what length of version history to keep.
In general, maintaining a rolling 90-day version history provides a balance between the protection of recoverability and the costs of creating and maintaining backup data. This period can be shorter or longer depending on particular business needs.
Where will your backups be stored?
The standard for backup storage is to have both onsite and offsite storage locations; local network storage and a cloud-based system. Utilizing cloud-to-cloud redundancy is also an option, but only done in a handful of specific cases when added protection of redundancy is needed.
How quickly will the data need to be recovered to prevent disruption?
This depends on what exactly needs to be recovered. Generally, the more data that needs to be recovered, the longer the recovery process will take.
Recovery times aren’t always in your control. It’s important that your organization focus its efforts on setting up a data recovery process to maximize speed and efficiency. This can involve anything from centralizing data organization to ensuring ease of access with external backups.
Who will manage the backup? How automated can your process be?
The backup process should be 100% automated to save time and ensure completion so that the backup isn’t missed or forgotten about. The process might be overseen by an IT Manager, a member of your IT staff, or your managed service provider (MSP).
Which data is most critical?
It’s difficult to determine which pieces of data are more critical than others. Your organization should create rules that explain what counts as critical data within your business.
A way to accomplish this is to ask, "if I were to lose this today, how necessary would it be that I immediately recover it?" Asking these questions should lead your team to determine not only what kinds of data matter more but how frequently they should be backed up and the number of copies to have.
How are your backups going to be secured?
All important backup files should have strong encryption. Keep in mind that this may add to the computational load and slow down the backup process.
The location of the data and how it is stored should be considered for security. Backups that are stored on properly managed external systems create additional protection against natural disasters or theft of hardware that might occur at your office.
To keep your stored data safe, remember to give your backups strong passwords. Multi-factor authentication (MFA) should also be enabled for even greater security.
If your organization lacks the resources to handle critical IT projects or simply needs additional resources to augment your existing team, consider our Managed IT services.