With cyber attacks on the rise, it is essential for your business to be prepared in the event of a disaster. Most businesses have offsite backups that they can use in the event of a disaster or attack, but how reliable is your backup? Have you tested it to make sure that it can restore your information in a timely manner and get you up and running again quickly? Routine and regular backup testing can alert you to possible failures so that you can take appropriate action. In order to have little to no impact on your business operations and financials, a comprehensive and quick restoration is important to making sure you are prepared in the event of a disaster.
In 2017, Cockrell Hill Police Department out of Texas announced that fell victim to a ransomware attack resulting in the loss of 8 years of data. This data loss included evidence pertaining to ongoing investigations. This data was unrecoverable.
In 2016, Marin Healthcare District in California reported a ransomware attack, which resulted in the loss of data from 5,000 patients. The staff were also unable to access patient data for more than a week. Back to paper charts!
While these are some extreme examples of data loss, most disasters only account for 10% of downtime. Believe it or not, 58% of downtime incidents are the result of human error according to Oracle User Group. The top causes of downtime are human error, security, hardware and/or software failures, interoperablity and migration issues, followed by disasters. Downtime is extremely expensive to organizations so developing a successful backup plan is essential.
The Data Network Group published an article with alarming statistics that prove how meaningful a reliable backup can be in the event of a disaster.
- 60% of companies who experience data loss shut down within 6 months of the event.
- 140,000 hard drives fail in the United States each week.
- On average, small companies lose over $100,000 for each ransomware incident due to downtime.
- Data loss has risen 400% since 2012.
- 68% of small to medium-sized businesses do not have a disaster recovery plan.
- 58% of businesses do not have a backup plan for data loss.
With these statistics, your best bet is to invest into developing a successful backup plan for your business. After all, you don't want to fall victim to becoming one of the aforementioned statistics. Two out of three companies attacked by ransomware pay the ransom in addition to the loss in revenue due to downtime. While this encourages cybercriminals to continue attacking other businesses, it can also lead to another attack on your business. The attacker recognizes you as a source of income and can target you again. This is even more reason to ensure you are prepared with a proper backup to avoid paying the ransom as well as any loss in revenue.
With the proliferation of mobile phones, tablets, and laptops, the attack surface has grown commensurately. A disgruntled employee and corporate espionage also pose as security threats to organizations. Viruses, ransomware, malware, bots, trojans, phishing scams, attacks on firewalls should all be factored into a disaster recovery plan. Of course, backup testing is an essential component to any disaster recovery plan.
Strategies for Successful Backups
There are several strategies you should focus on to ensure a backup will be successful.
- A backup test should cover all bases. If the backup only restores part of your data, it is not useful in the event of a true disaster. You should test restoring full systems to a virtual machine, including applications, databases and individual files.
- Fully automate your backups. By automating your backups as much as possible, you will save yourself a lot of time and headache. While this often entails a lot of work on the front-end, it will save you time and money in the long-run when a true disaster occurs.
- Routine and redundant backups. Backups should be tested in a regular cycle, whether monthly or quarterly. A backup should also be run after any significant changes or additions have been made to an application. It is similar to saving a Word document…you don't want to lose all your hard work, so make sure you do routine backups.
- Test for backup accuracy and recoverability. You must run and restore your backups to ensure they are able to be restored. You want to look to ensure that the backup is complete and accurate.
- Keep a copy in a secure location. Lastly, you don't want to have a backup, but find it is destroyed in a natural disaster, hardware loss or any other unforeseeable emergencies and cannot be retrieved.
Automated Backup Testing
Regularly downloading a backup and performing a full restore to a virtual server sounds difficult, but in reality it can be done by automating processes. A professional technician can set-up a backup to run in regular intervals and restore by automating processes. This automated process can then e-mail a report with query results to determine if the backup is accurate and recoverable. Since these reports can be detailed and difficult to decipher, it is often best to consult a professional like Blue Ridge Technology. They can assist you with setting up an automated backup and show you how to perform backup testing.
Recovery Time Objective (RTO)
The retrieval and restoration of backup in the event of a disaster should be completed in a reasonable timeframe for business expectations. Backup testing should provide your business with the maximum amount of time your business should expect to be down in the event of a disaster. The goal is to avoid a break in business continuity. Recent surveys suggest 4 hours is the norm for for this type of event depending on the severity level. Again this is where a comprehensive and reliable backup comes into play. By consulting a professional to develop a disaster recovery plan, you can make sure you are prepared for a disaster.
With so many threats to organizations, having a plan in the event of a security threat can give you peace of mind. Make sure your business is protected in the event of a disaster by contacting Blue Ridge Technology today. We are committed to providing unparalleled IT service to businesses in WNC. Our managed services have been protecting and securing small to medium-sized businesses for the last 10 years. We look forward to sharing our knowledge with you.