It is reported that 93% of companies that experience severe data loss file for bankruptcy within one year. 50% file immediately. The financial impact data loss can cause includes downtime to recover and fines due to data protection legislation non-compliance. Along with this, you suffer a hit to your reputation, which can be just as difficult to recover from.
So, how can this be prevented?
The best way forward is backups. Whether this is for particular files or a complete system restoration, backups are business critical.
Causes of Data Loss
Data loss can be a result of something malicious, such as malware or ransomware attacks, or innocuous, like accidental deletion. Between those two points, there are a slew of other causes for data loss.
Around 70% of reported data loss is due to hardware issues. Up to 20% is due to human error, and 10% is a result of software failure. For human error, this can be anything from accidentally deleting a core folder, or even spilling coffee on a laptop.
Being aware of what can cause you to lose data is important. Taking measures to ensure ‘gone’ doesn’t mean ‘gone forever’ is crucial.
While backups are the key focus of data recovery, preventing the loss in the first place is also key.
Where you can, ensure users are trained properly in using your systems. Also, keep employees up to date on procedures, and do refreshers to make sure everyone is on the same page. Make sure they are also properly trained about confidentiality and how data can be shared.
Update permissions so certain users cannot access, change, or delete files. Check that users only have access to files relevant to their work. If a user needs access to templates, save them so that they are read-only, and a copy must be saved before it can be edited. Set up a notification so that relevant people are informed when certain files or quantities of files are deleted.
Make sure your password policy requires unique, complex passwords. You should also ensure these passwords are required to be changed frequently. Multi-factor authentication (MFA) is also a great step to take to ensure your data isn’t accessed by unauthorised persons.
Bottom Line: Backups
Even with every prevention measure in place, data loss happens. When it does, your best solution is to ensure you have an up-to-date backup available.
Replicate your data to a location separate from your network. This means your backups are stored in another location, so if you experience a cyberattack, your backups are unreachable by the attacker.
Automated scheduling should be taken advantage of whenever possible. We have all thought about backing up our data, and then taken a while to get around to doing it. By automating your backups, you remove this potential delay from the equation.
Encrypt your backups. A lot of your data will be sensitive, whether that is client and employee details or accounting information. Even if your data isn’t sensitive, per se, having your company files leaked isn’t ideal. End-to-end encryption is best, so that your files cannot be decrypted without your company’s key.
Be aware of recovery time. Having a backup is great, but it isn’t a guarantee that you can be back up and working within a few minutes. Dependant on the amount of data you have, recovery can take anywhere between a few hours and a few days. Make sure you have a recovery plan in place and have tested it for reliability. If the recovery takes too long when you test it, improve the backup and plan, maybe investigate disaster recovery (DR) specific plan.
Types of Backup – Where and How
There are various ways to back up your data. Knowing which is best depends entirely on your IT environment and how you operate your business.
If you are an SME and your users are entirely remote, cloud-based backups could be the answer for you. If your business is solely office-based and involves the use of larger files, such as CAD drawings, you would probably want to opt for local backups.
It’s not all about where you store your data either, but also how. Backups can be carried out incrementally, differentially, or fully. Again, which to go with will depend largely on how you operate. No two businesses are alike and so neither are backup plans.
Adhere to Data Privacy
When planning and carrying out your backups, you must also keep regulations in mind. Your business’s obligation to follow data privacy legislation extends to any backup you have.
It’s up to you to ensure your data will be stored in compliance with GDPR and any other relevant laws (such as HIPPA, PCI, etc.). You need to check to make sure you comply with relevant legislation for where and how your data is stored. This applies to both the original data and any backups.
EnablesIT is a strong proponent of keeping data backed up in a safe, suitable, and legally compliant way. We can help with getting backups in place, managing backups, advice around how to best back up your data, or making sure your backups are compliant with GDPR. Give us a call today!