Addressing Blind Spots in Your Backup and Recovery Strategy
Backblaze’s Kari Rivas offers insights on addressing blind spots in your backup and recovery strategy. This article originally appeared on Solutions Review’s Insight Jam, an enterprise IT community enabling the human conversation on AI.
While June’s Backup Awareness Month has come and gone, that doesn’t mean it’s time to hang up the towel. Even if you believe that your strategy is foolproof, there are many blind spots that organizations don’t always recognize when backing up their data.
For example, common mistakes such as using a sync solution rather than a traditional backup method or relying on off-site legacy storage, can result in losing crucial files and historical data (worth its weight in gold in the AI era).
According to a survey conducted by IBM, the global average cost of a data breach in 2023 was $4.45 million, a 15 percent increase over three years—which means that IT leaders can’t afford to put off building a comprehensive backup strategy. By addressing common blind spots in backup and recovery strategies, IT leaders can help ensure that their data is safe and secure year-round.
Cloud Backup vs. Cloud Sync
One of the most common mistakes organizations make when implementing a backup strategy is the misconception that a cloud sync is the same as a cloud backup. Sync services like OneDrive or Google Drive are great services for users to share images and files across multiple devices. Although these platforms typically offer services to retrieve lost data, they’re limited in how far back you can recover from, the extent of version history retained, and the controls in place to prevent deletion by a user within an organization.
Backup solutions, however, utilize backup technology that offers granular protection of data, and covers files that a cloud sync service might miss, like emails, operating system files, and more. As opposed to a sync service, backup solutions also offer features like object lock, which prevents files from being changed or deleted for a certain period of time—essential in high-compliance environments and for protection against ransomware. That doesn’t mean that backups won’t be reflective of your current environment, just that you will have finer control over recovery scenarios.
Having complete backups that support point-in-time restore options is a key tool for data recovery incidents. The best way to address this common blind spot is to ensure that your organization is following the 3-2-1 backup strategy with multiple copies of your data stored on different types of media or services.
Securing Off-Site Data
As described in the 3-2-1 backup strategy, it is best practice when implementing a backup plan to keep three copies of your data, two of these copies should be on different types of media, and one of them off-site. When it comes to the off-site storage portion of your data backup, there are a few key blind spots that might not come to mind at first glance.
When storing a copy of your data off-site, keep in mind the location of where you are storing it. In the case of a natural disaster, it is important to make sure that your organization’s data is stored in a data center far from its data production site. If the data recovery facility you are using is in the same few-mile radius as your main location, that would present a big gap in your data backup strategy.
Similarly, another blind spot is relying on off-site legacy storage like LTO tape. Not only is this strategy expensive and time-consuming, but it also means your backups are not as up-to-date. The best solution to this problem is to fulfill your off-site requirement with cloud storage solutions. This will modernize your architecture and prevent gaps in your backups.
Frequently Reviewing and Revising Disaster Recovery Strategies
Another possible error is not rehearsing your organization’s recovery strategy before it’s too late. Unfortunately, ransomware attacks can happen at any time, and even if you have the 3-2-1 strategy set in place, not regularly reviewing your strategy could have you missing potential threats when it’s game time.
The best way to find blind spots in your backup strategy is to frequently run through these possible scenarios and make sure to regularly test your backups for effectiveness. Not only will you ensure that your backups contain all the information necessary to get you back up and running, but your organization will also be able to highlight areas for improvement. That can include the types of files you’re backing up, the order in which you restore certain kinds of data, incident management communications protocols, strategic systemic redundancies that would be useful, and more.
Having a reliable backup plan could save your business, so you don’t want to have any surprises or waste time when trying to get your data back. You don’t have to wait for a worst-case scenario to occur to find out what aspects of your plan you can tweak. After running your tests and working through scenarios, talk to the employees in your business about what they think worked and what didn’t—often different departments will experience backup and restore processes in different ways, and that information can help you prioritize in crisis situations.
What’s Next?
Building a comprehensive strategy is as much about investing time and effort into planning and education as it is about investing in the right solutions and partners. Addressing these common blind spots in your plan, as well as other potential areas of improvement, will best set you up to combat any sort of data loss disaster. As a final reminder, in 2023 there were 3,205 cases of data compromise in the United States, affecting more than 353 million individuals. Don’t wait for a disaster to occur before making adjustments to your strategy; be proactive and implement a plan that can grow alongside your company.