Backup as a data security strategy
World Backup Day
The 31st of March is celebrated as World Backup Day. This is a good opportunity to look at the safety of your company’s data, especially since every year thousands of computer users lose the content of their hard drives.
In 2014, the EMC1 surveyed corporations on data protection against loss. According to their findings, 32% of enterprises had experienced data loss over the past 12 months, and the average loss for a company was 2.33 TB of data. This amount could be considered equivalent to 24 million e-mails, and the estimated cost of data loss is US$ 1.02 million. The total cost of losing all data amounted to US$ 754 billion.
Major factors indicated by respondents that caused data unavailability were as follows:
- Hardware failure – 53%
- Power loss – 39%
- Software error – 38%
- Data damage - 29%
- Human error – 26%
- Safety incidents – 23%
- Backup system inefficiency – 22%
- Physical break-in – 14%
- Service/Provider failure – 12%
- Natural disaster – 10%
- Sabotage - 9%
We are able to limit each of the aforementioned elements, but it is impossible to eliminate them. Therefore, to minimise the negative impact of these factors, a backup system that has been indicated by 41% of surveyed persons as a main component of the data backup strategy is applied. Nowadays, this system needs to meet the dynamically changing conditions in the IT world and to be adjusted to the following circumstances:
1. On-going growth of data quantities
The quantity of data in specific companies continues to grow, and the backup windows shrink at the same time. In theory, hardware might be scaled all the time, and its throughput may also be increased continuously, but this is followed by growing maintenance and management costs. Therefore, apart from developments in storage technology, the de-duplication technology that makes it possible to reduce the quantity of data stored in the system continues to develop dynamically. Backup data are easy to de-duplicate, which results in the ratio of data stored to data in systems exceeding 1:9. Unfortunately, de-duplication has its disadvantages. First of all, its more intensive use of calculation resources may result in saturation of the managing server. The use of de-duplication may significantly increase the time for making copies, but it may mainly have a negative impact on the data recovery rate, which accounts for a critical parameter in an emergency situation.
2. Data dispersion
In many companies, business systems often exist in a hybrid infrastructure. Some services are started up in a conventional way on dedicated physical servers, and some in a virtual infrastructure or in a private cloud. Others may, in turn, be available at an external provider's in the form of the SaaS, IaaS or PaaS models. Subsequent systems may be located in regional offices, or smaller organisational units dispersed all over the country, continent or all over the world. This is topped up by users, who often store important business data on their mobile devices, such as tablets, smartphones or laptops.
Ensuring reliable and fast protection of a new system – something that is particularly difficult in the cloud and on mobile devices – accounts for a major challenge for the managing department. It is the backup system that is required to have automation of the connection process arising from the data protection procedure adopted in the organization. Providing application protection in environments beyond the direct control ensured by outsourced providers or, to a lesser extent, in regional locations or branches, is a development of this challenge.
There is no solution that can ensure the effective protection of each of these systems and backup is no exception. Enterprises need to make a choice: the application of two or more products, which increases the TCO of an investment, or to come to terms with deficient support in one or more groups of systems. This is not an easy choice and must be preceded by a profit and loss analysis and a frequent coming to terms with the loss of control over the security of part of the infrastructure by in-house IT department.
When a backup system secures the data of several systems and a considerable number of users, there is a need to specify which of these data are most significant for the organization in order to cover them with special protection. The growing number of data and systems secured by a backup system makes it necessary to specify clearly which applications and data are most important and, therefore, have the highest priority when generating and re-generating. The production of such a model considerably reduces the costs of building and maintenance of infrastructure, but first of all it reduces the time of data retrieval and minimizes their losses. Such an approach requires having a transparent hierarchy of business services, an efficient IT management model in place, advanced expertise and experience in planning and maintenance.
As you can see, there are major challenges in designing and managing a reliable, effective and secure backup system. They require professional expertise, awareness of the solutions available on the market and relevant experience. Any decision on the selection of a proper solution, as well as the backup service model, needs to be thoroughly thought-out. Such a service might be, in particular, purchased from a third party company offering a complete solution in a professional and easily adaptable manner.
The Comarch Data Center has been developing its skills in the planning, implementation and management of products necessary for an efficiently operating backup structure for many years now. We cooperate with system producers who are market leaders, such as Symantec (their products secure data in the CDC centres in Cracow, Dresden, Chicago and Columbus), IBM (maintained in CDC in Warsaw) and HP (administered by ICT engineers in the ARiMR project). Backup also requires a failure-free hardware platform. Comarch Data Center ensures an efficient and readily accessible environment for the implementation of a backup strategy individually tailored to our clients' requirements.
You are welcome to contact our consultant: Milosz.Brzozowski@comarch.pl
More about Comarch Security Services: