4 Questions IT Managers Can Ask to Strengthen Data Backup and Resiliency

Solutions Review’s Contributed Content Series is a collection of contributed articles written by thought leaders in enterprise tech. In this feature, Apricorn‘s Kurt Markley offers four data backup and resilience questions to ask right now.

IT leaders face an escalating array of challenges. The landscape of evolving digital threats, coupled with the pandemic-induced surge in remote and hybrid work, has exposed organizations to an increasing number of vulnerabilities. The exponentially fast growth of generative AI applications, too, is cause for alarm, as tools like ChatGPT and Google Bard are making it easier to create and deploy ransomware attacks. 

Additionally, it’s all too common for IT leaders to lose sight of the big picture while heads down at work, which increases the risk of being slow to respond and unprepared to get back up and running in the event of a security crisis.  

So, if you’re an IT manager, what’s the best way to assess the current state of affairs and prepare for what lies ahead?

Data Backup and Resiliency Questions

Prioritize Data Backup and Resiliency 

Begin by focusing on data backups and resiliency as your first line of defense. This ensures that your organization possesses current copies of its most crucial data, safeguarding it against potential disasters. As for why this should be a top priority, look no further than the news, which regularly reports on cybersecurity breaches and ransomware attacks. No matter your business, these incidents can be devastating and affect stakeholders in the short and long term. For example, an attack on a healthcare organization would disrupt healthcare IT systems, affecting patients and staff, but would likely incur hundreds of millions in dollars of recovery costs, too.  

Still, despite the known risks and cautionary tales, recent research by Apricorn reveals a concerning statistic: 99 percent of IT decision-makers struggle to recover data when disaster strikes, even when they have a backup strategy in place. Furthermore, more than 70 percent of IT leaders have had to recover data from backups, with 26 percent unable to fully restore it. In other words, IT professionals are well-aware of the scale of these threats, yet they have not fully mastered prevention or recovery. It is high time to regain control.  

To evaluate your own organization’s preparedness, and to identify opportunities to enhance your data backup and resiliency, start by asking these four questions: 

“Are We Sticking to the 3-2-1 Rule?” 

Not all backups are created equal. The 3-2-1 rule is a simple, but vital practice: maintain three copies of your data on two different media, with one copy stored offsite, encrypted, and offline. Opt for secure storage of local backups on portable hardware-encrypted external devices. Additionally, emphasizing encryption at every location ensures maximum data control, regardless of the disaster scenario. 

“Have We Defined our Backup and Recovery Plan?” 

While IT managers understand the importance of a backup and resiliency plan, they often fall short in its clear definition, communication, and documentation. Take the time to comprehensively outline your plan, then share it with your team. Specify who should be alerted in various situations and establish a clear chain of command for times when leaders are unavailable. A well-documented, shared, and accessible plan significantly reduces risk and streamlines problem resolution, particularly in the aftermath of a DDoS or ransomware attack. 

“How Often are We Checking In?”  

Unlike some aspects of business, when it comes to cybersecurity, there’s no such thing as “one-and-done.” Even if you diligently follow the 3-2-1 rule and define your backup and resiliency plan, ongoing monitoring and improvement are essential. Develop a plan for regular reviews of your multilayered strategy. Consistently back up your data, including offsite and offline copies, and conduct rigorous testing of data recovery processes. Frequent testing prevents you from becoming a statistic and increases the likelihood of a successful restoration in the event of a breach. 

“Are We Auditing What We’re Storing?” 

Regular audits ensure the data being backed up is intact and has not been corrupted or altered. This is crucial for ensuring that, in the event of a data loss, the backup can be relied upon to be restored. Audits also help to ID what’s being stored and what is no longer needed. What is outdated or no longer relevant can be removed from the cloud or the backup, which saves on storage costs. Whether evaluating backups for testing, compliance or even capacity planning, performing audits is a proactive step to help IT leaders maintain control of their data and potentially safeguard against unforeseen events.  

Final Thoughts 

Adopting a strategic approach to data backup and resiliency empowers organizations to enhance data control, mitigate unauthorized data access, and expedite recovery in the face of data breaches, attacks, or losses. As a busy IT professional, asking these four questions is an important starting point to safeguard your organization from costly consequences down the road, and boost resiliency, earning the gratitude of your customers and company alike.