The Bransom Blog

Have you got a formal Backup Strategy?

Have you got a formal Backup Strategy?

We all like to think that our computers are secure, won’t break down or catch a virus, but the truth is a failure can hit you when you’re least expecting it.

A recent survey suggests that over half of us either know someone, or have ourselves lost data through hardware failure or virus attack. Even worse, over 20% of us never back up our data!

Alarmingly, many businesses still do not have a good disaster recovery plan in place, and backups are one of the most important parts of this, along with anti-virus software and routine maintenance.

Industry best practice has always suggested a 3-2-1 approach to backups is a good place to start : 3 copies of the data, 2 local (one the data in use and one a backup) and 1 offsite.

One copy, the data in use, resides on the computer. The second on removable hardware such as a portable USB drive or network storage (NAS).

The third is kept offsite, for example on a drive kept elsewhere or in a safe.

Don’t rely on a single backup device as that can also fail or be infected by a virus. For the second local copy, using rotational devices is also good practice – have say 2 USB drives and use a different one each time you backup.

The third copy should be on a different medium, such as a different type of removable drive or a cloud-based storage system such as Dropbox or GoogleDrive, and this would be an offsite solution. Some of these cloud-based systems keep copies of deleted files for a while too and can actually sync the backup data as soon as it’s created. Some providers offer a full backup solution too.

It doesn’t mean necessarily backing up to all 3 at the same time, but changing the backup device each day means you will potentially lose only one day’s data, far better than losing everything!

While this 3-2-1 strategy isn’t a perfect system, it is a great basis for the majority of people or businesses.

This is essentially a minimum backup strategy, but today there are suggestions that a 3-2-2 strategy is better as technology and threats have changed so much since the 3-2-1 model was conceived.

This means there are 4 data copies, 2 on-site and 2 off-site.

One of the main reasons for this is Ransomware, where your data can be infected and encrypted and your local backups are deleted or infected by the ransomware.

The 3rd and 4th copies then are ‘rotated’ between two devices, or more likely cloud systems, meaning that you should have at least one clean copy somewhere.

Backup periods and Archives

You’ll probably organise your backups on a periodic basis – that is, you’ll save and archive data on a monthly or annual basis (so you can keep an archive of a whole tax year for example). You are required (in the UK) to keep your data for seven years.

You may also be tempted to delete data during a period to save disk space, increase computer speed and also reduce the size of your backup files.

If you do, make sure you have archive backups which contain that data before you delete it – you never know when you’ll be asked to show something from a previous year.

Disk space is not expensive anymore, so there are no excuses. Be organised, be safe and protect your business.

Whichever method you choose, it will be better than no backups.