Organizations that follow data backup best practices have a much greater probability of recovering their data than those that ignore such practices. And in an era of rampant data loss, every improvement in your odds of recovering data brings you a step closer to cyber resilience.
One survey found that three out of four (76%) responding organizations have had to deal with a sudden loss of the data they need to run their business. Worse yet, for almost half (45%) of them the loss was permanent. How can that be, when nine out of ten organizations claim to back up their databases?
The problem lies in the difference between simply backing up your data and applying data backup best practices. This post explores eight often-overlooked but nevertheless important practices that backup administrators and system administrators can follow to build out data protection and recover from an outage more quickly.
What is data backup?
As the name suggests, data backup involves creating one or more copies of existing applications and data as a safeguard, should anything befall the original. In case of outage, service disruption, malware attack or natural disaster, the copy or copies will then be available. Data backup is an integral part of disaster recovery and business continuity.
Conventional wisdom and data backup best practices dictate keeping multiple copies of your data and storing them on premises, off site or in the cloud. Choices are limited only by the amount of administrative overhead it takes to create the copies and the amount of space needed to store them.
Why is data backup important?
Most of the time, data backup does not feel important; in fact, to most IT professionals it feels like an obligation. But when the need to recover from data loss suddenly arises, there is nothing more important than data backup, and nothing more stress-relieving than having followed data backup best practices.
Data backup acts as a last line of defense against human error, natural disasters and malicious attacks. So closely intertwined are an organization’s data and its overall health that few companies manage to recover from catastrophic data loss. Although data backup best practices may not be as appealing to an IT professional as the latest technology innovations, they play a big role in business continuity nevertheless.
Key data backup best practices
The worst time to learn that your data backup process is inadequate or broken is when you need it to be flawless. The following best practices, when properly followed and regularly tested, will greatly increase the likelihood that you will be able to recover from a data disaster.
1. Apply the 3-2-1 rule
As noted above, smart IT organizations maintain multiple data backups. If one copy reduces your risk of having a single point of failure, then two copies can reduce your risk even further.
The 3-2-1 backup strategy has become the gold standard:
- Keep 3 copies of data
- Store 2 copies locally on different types of media
- Store 1 copy offsite, such as in the cloud, at a remote site or on tape
Redundancy is the essence of this strategy. In a disaster, you’ll want to be able to turn to as many potential sources for recovery as practical.
2. Encrypt backups
If you suffer a ransomware attack, one of your first impulses will be to restore from backups. But how can you be sure that the ransomware has not infected your backups as well?
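One way to defend your backups from attack is by encrypting them. Even if attackers reach your backups, they will be unable to make head or tail of them without the encryption key. Encryption keeps the contents of a backup confidential; keeping an attacker from altering or deleting the backup files themselves is the job of immutable storage, covered in practice 4.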
Note that the traditional practice of encrypting only offsite backups assumed that it was safe to leave on-network copies unencrypted. Data backup best practices now encourage encrypting them both in transit (i.e., while copying from source to target) and at rest (where they are stored).
3. Back up Active Directory
Recovering an entire network extends to the obvious assets like applications, databases, user files and the operating system. But it is Active Directory (AD) that enables users to access objects like shares, printers, endpoints, groups and domains on the network. AD is a database of services and resources on which users rely to accomplish their tasks and which an attacker can misuse to grind your organization to a halt. The network depends on the authorization and authentication services defined by AD.
Because Active Directory attacks are not uncommon, data backup best practices dictate that you back up AD as often as you back up other assets on your network. That will enable you to recover at the granular level of a single object, attribute or domain controller, and at the high level of an entire forest.
Backing up AD is not the same thing as backing up your operating system state, however. An Active Directory backup protects the components specific to AD, such as registry elements, SYSVOL and the NTDS directory.
4. Ensure backups are immutable
In many attacks, the objective is to encrypt an existing file, modify it with malware or delete it altogether. That is true for viruses, Trojans and ransomware. For example, if an attack infects your backups with ransomware, then your lines of defense are useless; you have nothing reliably safe from which to restore your systems.
Enter immutable storage, a technology that prevents any attempts to encrypt, delete or change a given file. Immutable storage ensures that backed-up data cannot be altered or deleted by human error, ransomware or even by the person who stored it. The data persists as originally stored until the deletion date specified by your organization’s data retention policy.
WORM (write once, read many) storage is one type of immutable storage and a valuable resource during recovery. A copy of your backup data stored on WORM media plays to the “2” in the 3-2-1 strategy because it cannot be modified or deleted.
5. Air-gap your backups
Immutable backups enable you to protect media that stays connected to your network. A related option is to air-gap your backup media by disconnecting it physically and logically from the network. Any removable media, from a USB drive to a magnetic tape cartridge, can be air-gapped simply by removing it and storing it where no network connection is possible. The separation between production data and backup data is important during an attack.
Air-gapping has the advantage of security through isolation; however, the corresponding disadvantages are inconvenience and latency. In the wake of an attack, when your organization is clamoring for data recovery, you will spend precious minutes and hours retrieving, moving, accessing and restoring data. Air-gapping is best regarded as just one of your backup strategies, in combination with online data backups, adding up to both secure and speedy recovery when needed.
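Practices 1, 2, 4 and 5 can be checked mechanically against an inventory of backup copies. The following audit is an added example, not part of the original article or of any backup product. It assumes the inventory lists every copy counted toward the 3-2-1 rule, and it treats "at least one immutable or air-gapped copy per dataset" as the passing bar; the `Copy` fields and dataset names are hypothetical.

```python
from collections import defaultdict
from dataclasses import dataclass

@dataclass(frozen=True)
class Copy:
    dataset: str
    media: str        # e.g. "disk", "tape", "object-storage"
    offsite: bool     # stored away from the primary site
    encrypted: bool   # encrypted at rest
    immutable: bool   # WORM or equivalent
    air_gapped: bool  # physically and logically disconnected

def audit(copies):
    """Return {dataset: [findings]}; an empty list means every check passed."""
    by_dataset = defaultdict(list)
    for c in copies:
        by_dataset[c.dataset].append(c)
    report = {}
    for name, group in sorted(by_dataset.items()):
        findings = []
        local = [c for c in group if not c.offsite]
        if len(group) < 3:
            findings.append(f"3-2-1: only {len(group)} copies, need 3")
        if len(local) < 2 or len({c.media for c in local}) < 2:
            findings.append("3-2-1: need 2 local copies on different media types")
        if not any(c.offsite for c in group):
            findings.append("3-2-1: no offsite copy")
        for c in group:
            if not c.encrypted:
                where = "offsite" if c.offsite else "local"
                findings.append(f"encryption: {where} {c.media} copy is unencrypted at rest")
        if not any(c.immutable or c.air_gapped for c in group):
            findings.append("tamper resistance: no immutable or air-gapped copy")
        report[name] = findings
    return report

# Constructed sample inventory (assumption, not data from the article).
INVENTORY = [
    Copy("erp-db", "disk", False, True, False, False),
    Copy("erp-db", "tape", False, True, True, True),
    Copy("erp-db", "object-storage", True, True, True, False),
    Copy("file-shares", "disk", False, False, False, False),
    Copy("file-shares", "disk", False, True, False, False),
    Copy("file-shares", "object-storage", True, True, False, False),
]

if __name__ == "__main__":
    for dataset, findings in audit(INVENTORY).items():
        print(dataset, "OK" if not findings else findings)
```

In the sample, `file-shares` has three copies and an offsite copy but still fails: both local copies sit on the same media type, one is unencrypted and none is immutable or air-gapped.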
6. Limit access to backup repositories
As the 3-2-1 strategy keeps you from putting all of your eggs into one basket, it’s a data backup best practice to avoid concentrating all backup access in one person. If an admin has access to all your backup repositories and the admin’s credentials are compromised, the attacker gains illicit access behind your last line of defense.
The prudent approach is to limit backup access, not only at the level of your backup console software but also to the physical repositories themselves. That involves distributing backup tasks between two or more admins, each of whom has separate, non-overlapping responsibilities and privileges.
An example is to designate a backup team comprising three admins. One of them is responsible for, say, creating backup jobs, another for setting and maintaining retention policies, and the third for reporting. Decentralizing the organization’s backup function would reduce exposure in case any of the admins’ credentials were stolen.
7. Back up data continuously
Continuous data protection (CDP) is the data backup best practice of backing up any changed data between two points in time and maintaining a log of the changes. The combination enables admins to restore an IT system to the later point in time. It depends on an initial full backup followed by incremental forever backups, rather than on regularly scheduled incremental backups at given times on given days. Incremental forever backups take place daily, or even intermittently throughout the day. Any interval that is acceptable to the organization is fine; the essence is that data protection is ongoing and continuous.
The incremental forever approach depends on backup software and algorithms that do not interfere with other processes or burden the network unduly. For CDP to truly pay off, the incremental backups must remain relatively small and the amount of time spent on backup must remain short. That way, the organization can meet its recovery point objectives (RPOs).
8. Regularly test backups
Perhaps the data backup best practice most often overlooked is to test your plan. In general, products notify you automatically that the backup operation has taken place, but they don’t (and can’t) test your backup automatically. The proof of the pudding lies in ensuring that you can successfully restore from backup and that your systems can access the restored data normally. All of that work is up to you and your fellow backup admins.
Consider these typical levels of testing:
- Remind stakeholders of the broad strokes of your plan for recovering data in case of an outage. The goal is to keep eventual recovery fresh in everyone’s mind, because there’s no predicting when the need will arise.
- Using different scenarios, walk through your plan for responding and recovering data every quarter or so.
- Moving from talking to action, make a dry run of at least one aspect of your data recovery plan. That could range from simulating a ransomware attack to ensuring randomly chosen employees can satisfactorily work remotely.
- Conduct a fire drill of your plans to respond to an outage and recover from it. Do that first for a specific group or department, then later for the entire organization.
Those techniques are especially useful anytime your organization has undergone a structural change in the IT landscape, or a business change like a merger or acquisition.
By definition, testing takes time and resources away from everyday production activities. But wouldn’t you rather know which data backup best practices you need to focus on before a crisis occurs?
Conclusion
When you develop, implement and – most of all – stick to a data backup strategy, you arm your organization with the practices to survive the most common disruptions.
Some cost is associated with all data backup best practices, whether in administrative overhead, person-hours or storage fees. Those costs are a kind of insurance premium your organization pays to minimize the risk of data loss from deliberate attacks, human-prompted accidents and unpredictable disasters. Consider them the cost of doing business in an era of never-ending threats.