Originally published on the Barracuda Blog, March 26, 2019, by Christine Berry
Data breaches are everywhere, and no company is immune from the automated and persistent attacks from all over the world. It’s not difficult to keep up with the news on the larger incidents. A quick search of this morning’s news revealed that Citrix was hit with a possible state-sponsored attack, UCLA Health is finally settling it’s 2015 breach, and at least one company is refusing to even acknowledge that it has an active breach at the time of this writing.
Data breach vs data loss
Data breaches often dominate the headlines, but data loss can be just as devastating. The term “data loss” can be used to describe breaches, and Data Loss Prevention (DLP) technologies are designed to help admins prevent sensitive information from being sent to unauthorized parties. For example, many companies employ DLP policies that quarantine outgoing messages containing data that fits the format of an account number or other confidential records. DLP technology is an important piece of security for any company.
Data loss can also mean just what it sounds like: a loss that leaves you without the information you need to conduct business or enjoy personal files like photos, music, digital diaries, etc. If you’ve been around long enough then you’ve been through this, and you know that it can be anything from a minor nuisance to a horrible, life- or career-altering event. It all depends on your backup.
Looking back on backup
When World Backup Day (WBD) was launched in 2011, technology had already progressed through several types of data storage. One of the first types of computing storage was the punch card, the first version of which was used to tabulate the data from the 1890 census. The general consensus with punch cards and punch tapes was that it was more cost effective to increase protection of the data rather than make copies of it in case of loss.
Punch technology went through a variety of improvements until it gave way to magnetic tape in the early 1950s. Within 15-20 years, even smaller organizations started using tape to back up their computer data. As disk drives became more available and less expensive, businesses migrated away from tape for practical reasons. Home computing also started to take off, and disks made backups easy for the home user.
In 2011, the most common types of backup were
World Backup Day
Data backup procedures and technology has been made so easy that anyone can do it. So why do we still talk about World Backup Day?
Let’s start with the obvious: many companies still do not prioritize backups. They may have the technology and they may have configured it correctly several years ago, but things change. Applications are added, important data is moved, priorities are changed. Data backups have to be evaluated on a regular basis so that all the critical data is identified and protected by backup. World Backup Day is a high profile reminder to check the operation and configuration of your backups.
As part of this review, consider the 3-2-1 approach to data protection. This approach means that you keep three copies of your data (including the original) on two different storage types, with at least one copy off-site. This is just a starting point; you may find that two offsite copies (3-2-2) or two separate cloud copies (3-1-2) better suit your needs. Your goal is to eliminate any single point of failure from your backup procedures.
It’s up to you
Ultimately you get to decide what WBD means to you. You can ignore it, as many people will, or you can use it as a reminder to schedule some time to work on your backup. Maybe it’s time to upgrade to a more efficient solution? Maybe it’s time to change your backup schedule? Or maybe it’s time to have a conversation with someone about data protection. If you have all of that taken care of, it’s still a great time to test your procedures, double-check the location of data, and make sure that your backup plan is working as expected.
WBD is also a good reminder to talk to co-workers about protecting data from human error. This type of error includes things like accidentally damaging a system, using an infected USB stick, succumbing to a phishing attack, and several other scenarios that extend beyond inadvertently deleting a file.