Header Ads

Breaking News

8 Steps to Simplify Business Cloud Backup

Backing up your data no longer has to be the nightmare it once was. Cloud backup services have made backup a much simpler process, one that easily replaces the arcane tape backup solutions once made mandatory because they were the only game in town. Cloud backup is cheaper, simpler, and even safer than most on-premises solutions.

In the cloud model, all your IT manager needs to do is make sure is that (a) all your target devices, whether disk, PC, phone, or server are supported, and that (b) those targets all have some kind of internet connection. After that, scheduling and testing is done from a central console and each device can download the required client software over the web. You can even automate that task in several different ways. So why is backup still so often overlooked by small to midsized businesses (SMBs)?

Because even with the cloud’s new simplicity, being effectively backed up usually requires more than just signing up with a single provider. Backup needs to closely match every organization’s particular needs and that means planning and implementation are complicated, so most business managers like to avoid it. An instant candidate for the back burner.

That’s problematic, since effective data backups have more uses now than ever. Disasters aren’t just natural, like a storm that wrecks your office, they can also be a disgruntled employee hitting the “Delete” key when they shouldn’t or having your business infected by one of several kinds of nasty malware. In all these cases, having previous versions of your corporate, customer, and employee data can mean the difference between a minor delay and a major meltdown.

Additionally, backing up your data lets you get back up and running after your endpoint protection software determines there’s been a breach. And certain malware even requires a good backup to defeat. Ransomware is the best example. This type of malware holds your data hostage, usually by encrypting your data and then asking for a large wad of cash in exchange for the key you’ll need to decrypt. Sometimes ransomware just affects the device that it originally infected, but more and more, it’s become smart enough to spread across your network and hold your whole organization’s data prisoner.

Having a very current backup of everything located off-site with effective security can help make defeating ransomware easier. In fact, several data backup vendors are putting new features in their software specifically to address ransomware threats. With a combination of security software and regular backups, you’ll be able to spot threats as they occur, expel them from your network, and then revert your network back to its most recent and secure state.

To help you get your arms around building an effective backup and data safety plan, we’ve listed eight steps below that’ll help make this process easier no matter how big your organization.

Abstract art showing a file download to an external hard disk

1. Automate Your Backups

You don’t want to manually back up your data every time there’s a concern. You want to be proactive and set automatic backups to happen on a constant and recurring basis. This way, no matter when a disaster occurs, you know there’s a backup sitting there waiting for you. Conversely, manually backing up data means you’re relying on your own diligence or the diligence of an employee (someone who may get sick or leave the company). If a day, week, or month worth of backups is missed, you can be in serious trouble if a disaster strikes.

Several companies, including both data backup software vendors as well as operating system builders, like Microsoft with Windows 10, are including intelligent backup capabilities. These not only keep backups happening often but also manage the target device’s bandwidth usage intelligently, so your backup streams don’t clog your network. These measures have become so sophisticated that many businesses are able to implement near-continuous backup streams so your backups are almost available in real time. That can be important not only for disaster recovery, but also for staying in compliance with regulatory requirements, like those imposed by HIPAA or SOX.

2. Look for Integrations

While you can build an effective backup strategy using just a single cloud vendor, you’re even safer if you distribute your backup load across two or even three vendors. When you’re conducting this search, be sure you’re picking vendors that integrate with their competitors and with all the applications and cloud services you’re using to conduct business. This way, if you need to migrate bits and pieces of your data from Vendor X and bits and pieces from an app, then you’ll be able to slide the information into Vendor Z’s platform without having to write new code.

An example here might be the difference between an all-in-one backup solution from a vendor like Acronis Cyber Protect versus a combination style solution that uses backup software from one vendor that then stores your data not only in that vendor’s cloud space, but also in another public cloud, like the S3 virtual storage buckets you can get from Amazon Web Services (AWS). In this scenario, you want to make sure not only that your third-party backup vendor integrates with AWS, but also that the data you’re storing in Acronis can either access the data on AWS or use it as an alternate target.

On the cloud services side, we’re talking about any service app that stores data valuable to your business. That includes not just productivity software, like Google Workspace, but also more dedicated operations apps, such as Quicken Deluxe or Salesforce. To grab data stored in such silos, your backup provider needs to provide a dedicated connector, so make sure those are available for the apps you need.

3. Create Multiple Copies in Multiple Regions

It’s important to create copies of your data in multiple regions, especially if you operate across more than one locale. For example, if your New York-based company has offices in the United Kingdom and Spain, then you should probably have multiple copies of your data stored not just in New York, but also in the UK and Spain. This process can safeguard not just against location-based disasters, but also file-level problems. A smart architecture in this example stores all files internationally, so if New York and Spain can’t access your company data, then the UK will still have access and be able to share it with the other locations.

Where you need to be careful here is redundancy and compliance. You need to make sure that any redundant data copies are completely separate, which is more difficult to do if you’re only using one vendor. A single vendor might store your data twice in the same data center, which wouldn’t do you much good if that data center went down. You also want vendors who not only store data in different regions, but also understand if those regions have different data regulations as well as how to make sure you’re in compliance with those laws before you find out the hard way, like by being fined.

For small businesses, the same logic applies. Although you might only have one location, you can still save multiple versions of your backups, and you can still diversify where and how the data is saved. Most data backup apps have settings that let you automate backups to multiple locations, so it’s often just a matter of point-and-click. And if you don’t want to save it to yet another cloud service, you can still get much the same effect by saving an extra copy to a local, on-premises resource, like a network attached storage (NAS) device.

Abstract art depicting secure cloud storage

4. Check Out the Public Cloud

Most backup vendors will push you or even require that you store your primary backups in their clouds. However, many of them don’t actually have their own clouds; instead they lease them from larger public cloud vendors, like AWS or the Google Cloud Platform. That’s an important consideration, since you’ll want to know where those leased data centers are. You’ll also want to know which such clouds your backup vendor is using in case you want to use the same public cloud provider to store a redundant backup copy. Again, if you wind up storing redundant copies in the same physical place, they’re not as effective or even entirely useless, in the event of a disaster.

Talk to your backup provider about how you can go about using their backup service to store backups in other clouds. Sometimes this is easy if the backup service already has a connector for the target cloud. If not, you may have to roll your own, but for that the backup vendor will need to have an application programming interface (API) available. You might even consider foregoing a dedicated backup vendor and checking out the backup capabilities offered by many of the larger public cloud vendors.

With public cloud infrastructure, all you need to worry about is managing the dashboards that vendors like Microsoft and Amazon provide. They’ll deal with the local administration, hardware problems, and data recovery issues your IT staff would have to manage if an issue were to occur on-premises. If you choose to go with a hybrid or private cloud, then you’ll end up managing your dashboard as well as certain aspects of the cloud and local infrastructure. All this is definitely going to be more complex than purchasing a dedicated backup service subscription, so sit down with your IT staff and make sure it’s the right way to go.

5. Engage Services That Focus on Data Safety

The cloud has become a fantastic aid to companies looking to quickly and easily implement a reliable backup strategy. Prices are low, standards are open not proprietary, on-site hardware requirements are also low or even nonexistent, and your data can be accessed or fully restored from practically anywhere. But there’s one weakness that cloud backup services have that even a venerable old tape drive doesn’t suffer from: They’re in the cloud.

The cloud’s primary data safety weakness is similar to putting your money in a bank instead of burying it in the backyard. To find it there, bad guys need to know you’ve got it, that you buried it, and where you buried it. The bank is a far easier target because the black hats know there’s money in there, all they need to do is get to it. It’s the same for backup services. Hackers know there’s a wide variety of potentially valuable data on a backup vendor’s servers. Fortunately for banks, they have alarms, big steel safes, and other security measures to keep your money much safer than a couple of feet of dirt behind your house. Make sure your online backup service does, too.

For backup services, that includes a service level agreement (SLA) that details what security measures are being used and how they’re enforced. The key feature you’re looking for is encryption, encryption, and just for variety’s sake, a little more encryption. First, data at rest (meaning the data that’s been backup up and is now sitting on the service’s cloud servers waiting for you to restore it) definitely needs to be encrypted. Preferably in such a way that the even the backup vendor’s IT pros managing the service can’t read it. But that’s just the start.

You also want to your data encrypted while it’s in transit. That means whenever you do a backup and those agents you’ve installed on all your endpoints start sending data to the cloud, that data needs to be encrypted for the entirety of the journey, usually via Secure Sockets Layer (SSL). Some services, even today, skip this step because it’s easier on their back-ends to simply transmit data without the encryption. Make sure you’re not signed in with one of those.

Finally, encrypt data on your endpoints while it’s on-premises, too, not just when it’s backed up to the cloud. Whether those endpoints are using Microsoft Windows or Apple’s macOS, encryption is now a built-in option, so make use of it. Test it with your backup service so you know the data can go from hard disk to cloud and back to hard disk and still be fully usable by your employees. Worst case, your data will get encrypted twice, once on the users’ hard disks and once with the backup service, but that can only keep it safer and shouldn’t impact backup or restore times adversely.

Secure cloud concept art

6. Don’t Ignore Other Data Security Measures

Encrypting your data is just a great place to start when it comes to data safety. It might seem strange to worry about data security so much as part of backup, since backups are a big part of that equation, but in the cloud service model, we’re talking about storing your company’s most valuable information on someone else’s infrastructure. So you need to know what’s happening to that data after you’ve backed it up.

That means you want to make sure that whatever vendor you’re using, either for software or storage, understands and is fully compliant with any regulatory requirements that affect your business. HIPAA and GDPR are two obvious examples, but there are literally dozens more depending on your industry. Sit down with your legal staff, list your various requirements, and then query potential backup vendors and find out how they address these asks before purchasing. Amazon is an example of excellence here with a site devoted to nothing but detailing all its compliance capabilities.

Finally, for those storing data on public infrastructure, you also want to confirm your vendor’s data privacy capabilities. In public infrastructures, data from multiple customers is stored on the same hardware in what’s termed “multi-tenant” architectures. That means your data is squashed in with terabytes of data from other customers, but to you it seems as though everything is dedicated to your company. That’s as it should be, but make sure the vendor supports data privacy features, meaning strong access controls and the ability for you, the customer, to control where data is stored in their data centers and (very important) exactly who has access to it.

7. Check Out Analytics and Collaboration

Although backup and recovery was once thought of as a process used to rectify data loss after a disaster, today’s software lets these systems provide more complex and proactive services. For example, if your company is asked to provide data to legal authorities, then you can use a data backup and business analytics tools to pinpoint the exact data that’s needed. Then you can present the information while your company is up and running, rather than shutting down your entire business and handing over your physical servers, laptops, and smartphones while an investigation occurs.

Another feature that’s fast becoming popular due to the pandemic are the collaboration features a cloud backup service can offer. These revolve primarily around file-access collaboration. Unlike a tape drive where you could generally only perform a full restore of the entirety of what was stored on that tape, a cloud service provider can give you access not just to individual files, but also to snapshots of that file over time.

So, for example, if your sales staff has been working on an important pitch document for several weeks, that document has likely been backup up several times. Some vendors will keep all the versions of that document, not just the most recent one. So if something got dropped from an early version and suddenly your VP of Sales decides she wants it, she can simply log into the backup service, navigate to the appropriate folder, and choose from 10, 20, sometimes more versions of the file starting with when it was first created. That kind of file sharing is a quick-and-dirty collaboration strategy, but one that’s quickly becoming important for companies whose workers have suddenly left the office and are now working from dozens of home locations.

When checking out these capabilities, see how far the vendor goes. A basic backup vendor will likely only offer file-level access and versioning. But a more sophisticated storage and file sharing vendor, like Dropbox Business, will have more to offer, like document conversion and inline editing across multiple users.

8. Give It a Whirl

Finally, make sure to test your backups regularly. Set-and-forget is a trap into which many SMBs fall when it comes to backup. Most backup apps are almost completely automated so it’s easy to forget they’re working, especially when most of that work is probably happening after hours. However, it’s very important to take 30 minutes every now and then and make sure that (a) the data you need to have backed up is actually being saved, and (b), just as important, that you can actually recover that data within the time frame you’re expecting.

Just because your backup logs indicate a backup was performed on X date at Y time, doesn’t necessarily mean everything is fine. Transmission to the cloud might have been spotty or broken or perhaps the files you saved somehow became corrupted. That’s not something you want to discover the day you actually need to access your backup files. So, just take a few minutes and restore a few files from your most recent backup every now and then so you know for certain everything’s working.

Most hardcore IT professionals will counsel a monthly or even weekly test of your backup process, but that’s coming from folks who work in IT. If you have an IT staffer in your company, then by all means, testing monthly is probably your best balance between data safety and IT workload overkill. But, if you’re a small business owner without IT staff onboard, then you can play a little looser with your backup testing schedule, though once a quarter should be your minimum.

Source Link

No comments