Data Backup Solutions, Data Recovery and Business Continuity Planning: The Complete Guide

Most businesses depend on their IT for daily operations. More precisely, firms rely on having ready access to their business-critical data to maintain productivity. Hardware and software can be replaced fairly easily if it fails, but in many cases data recovery is impossible.

Financial data, customer data, supplier data, employee data - the amount of digital information flowing through your business is endless. What's more is that you are legally responsible for it - a topic we go into in detail in our Complete Guide to GDPR (General Data Protection Regulation).

To help you get to grips with this sometimes daunting topic we've pulled together all you need to know about data backup solutions, data recovery and business continuity planning.

Contents

1. Data Backup Solutions and Disaster Recovery Plans: What's The Difference
2. Reliability and Redundancy: The Key Elements of a Data Backup Solution
3. Avoid These 3 Threats With An Effective Data Backup Plan
4. Data Recovery Planning
5. Business Continuity Planning
6. Business Continuity: The Cost of Downtime
7. 6 Types of Incidents That Business Continuity Planning Protects Against
8. Data Encryption
9. Dark Data
10. 3 Ways To Prevent Thieves From Stealing Your Data
11. Would A Power Outage Take Your Business Offline?
12. Veeam Pro Partner - Brandon Global IT

If you already know why data backup plans are crucial to business continuity, and are looking for a partner to assist you, contact us at our closest office location.

We are an experienced data backup provider so you can trust your data is in safe hands. Contact us for success stories and references from our happy clients.

1. Data backup Solutions & Disaster Recovery Planning: What's The Difference?

There’s a dangerous misconception that a lot of business owners have about data backup. Too often, an SMB will have a data backup solution in place and the business owner will feel like they’re fully prepared to handle a data loss disaster--without looking into the data recovery capabilities of their backup solution (or the lack thereof). This kind of oversight can lead to a very costly surprise when a disaster strikes and there’s no easy way to restore the lost data.

Therefore, it’s imperative that every business owner fully understands the difference between data backup and disaster recovery, and have both solutions in place.

What’s Data Backup?

Data backup solutions come in many different forms, all with the ability to make copies of your data. Some examples include an external hard drive or an extra PC, or even the older-yet-reliable method of using magnetic tape reels can work too. While these solutions are good, more businesses are turning to a cloud-based backup solution that allows for the entire data backup process to be automated.

If you employ any of these data backup solutions, then you’re doing infinitely better than if you weren’t backing up your data in any way, shape or form. However, utilizing a data backup solution that has limited-to-no data recovery capabilities will leave you high and dry if something should ever happen to your data. For example, what if your servers crashed and you had to scramble to restore your data from your backed up tape copies? If this data restoration process proves to be cumbersome and takes longer than expected, then you just lost a whole lot of money to downtime and you’ll be kicking yourself for not having a comprehensive data backup and data recovery plan in place.

What’s Disaster Recovery?

Disaster recovery, or data recovery should be a major part of your business continuity plan. Essentially, having data recovery capabilities ensures that, in the event of a data-loss disaster, you’ll have a plan and a solution in place to recover your data with minimum downtime, allowing your business to get back on its feet as soon as possible.

When it comes to selecting a data recovery solution, you’ll want to keep in mind that, like its data backup counterpart, not all solutions are created equal. For example, some data recovery solutions take longer to implement than others, and if your solution is housed in your office, then you’ll be unable to recover your data in the face of a disaster that damages your IT infrastructure.

Therefore, when choosing a disaster recovery solution, keep these factors of disaster recovery in mind: RTO (recovery time objective) and RPO (recovery point objective).

• The recovery point objective is handled by the backup solution and controls which point you can restore data.
• The recovery time objective is the disaster recovery’s domain, and is defined as the amount of time you want to take to restore your system infrastructure.

An ideal data recovery solution hosts data off-site and in a cloud computing environment, and it automatically recovers your data in the event of a disaster. A solution like this fully leverages both RTO and RPO, and can be found in our Backup and Data Recovery solution.

The advantage of BDR is that it’s designed to take multiple backups throughout the workday, and deliver them to your company’s network via the cloud. With BDR, data recovery is automated, and your BDR device can even perform as a temporary server, should you face a major disaster that takes down your in-house server units. It’s the best way to guarantee your business doesn’t skip a beat should anything happen.

2. Redundancy and Reliability: The Key Elements of a Data Backup Solution

Redundancy

It is a fact that redundancy is not always welcome in business. Almost anywhere you find redundancy in your workplace, you also find miscommunication, incompetence, and the lack of coordination that routinely gives business owners and executives gray hair. One aspect of your business that goes against this trend is how you store and disseminate data. Redundancy in tech-speak is not just a good thing, it’s something that can flat-out save your business.

If you’re you’re doing business without a proper backup and recovery plan, it’s like buying a house on the banks of a river and not getting flood insurance. It simply doesn’t make any sense. If you rely on your data, and most businesses today have some data they simply can’t get back if it was lost, then the best recourse is to institute a comprehensive data backup and disaster recovery (BDR) solution immediately.

Reliability

For business owners and executives that have been using tape or some other manual type of backup for their backup and recovery needs: it’s a step in the right direction. In business continuity circles there are two variables that have to be understood in order to successfully protect your business from substantial data loss. They are:

1. Recovery point objective (RPO): basically what data has to be restored in order to get operations back up and running

2. Recovery time objective (RTO): the amount of time that you have to restore your data before downtime begins to ruin the business’s ability to meet its financial requirements

Although it has to be said that tape is an inefficient backup medium for most businesses, it’s better than nothing. With Brandon Global IT's backup solution, however, business continuity is an easier process.

Our backup solution is automated, with no manual upkeep, tape swapping, or tedious maintenance just to make sure the backup actually happens. Having access to a reliable and secure interface boosts any organization’s ability to protect all their data and restore it faster than with any other type of backup medium. Like we mentioned earlier, restoration times are critical.

As a trusted data backup provider, an added benefit is our backup platform’s ability to act as your server in the event that your central computing infrastructure has been rendered useless; whether from simple hardware failure, human error, malware, or an act of God.

Many people rely on your business. It’s time to protect it and them with a secure and reliable Backup and Data Recovery solution.

3. Avoid These 3 Threats With An Effective Data Backup Plan

It can be difficult to truly determine the long-term consequences of a data breach or an IT disaster. The most effective approach is to be prepared, even for unseen problems or unexpected downtime. We’ll discuss some of the most likely culprits of data loss, and what you can do to protect your business from them.

Natural Disasters
Have you considered your business’s vulnerability to disasters like floods, fires or weather damage? These can all affect, or even destroy, your business’s data infrastructure. Without data backup, your business could lose not just its office, but also the data that’s needed to keep your business running. In particular, hardware failures can be predicted and avoided to dodge costly downtime.

User Error
Nobody is perfect, and even the most model employee will make mistakes. The problem, however, isn’t understanding this, but knowing that these errors can cause trouble for your business. They might accidentally hand over important credentials to someone masquerading as IT support, or store a file where it’s not supposed to go. User error is often a problem that leads to data loss.

Security Breaches
Hackers generally break into systems to do one of two things: 1) Cause trouble, or 2) Steal data. You’ll find that data breaches will almost always lead to either some damage being done to critical files, or the complete and total theft of your data. It’s important that you’re ready for both.

4. Data Recovery Planning

Not all companies are prepared to deal with the costs associated with downtime. Any situation in which your organisation cannot access important information or can’t operate with efficiency is something which needs to be prepared for; otherwise, you risk more than you know. We want to help protect your business when it needs it most.

Downtime is capable of causing long-term or irreparable damage to your IT budget, so preparing for downtime isn’t enough. What you need to do is expect downtime and accept that it will inevitably happen to your business. In our work as a data backup provider, we see just how frequently downtime can occur if a business doesn't have optimal data backups in place.

1. User Error

It’s not beyond the realm of possibility for employees to make mistakes. It can be something as simple as an employee moving the wrong file to the wrong location, or it can be as complicated as users mistakenly having access to data they’re not supposed to see, only to have it stolen by a scammer.

2. Hacking Attacks

If your infrastructure were to be breached and infected by viruses or ransomware, there’s a good chance that you’ll lose data. This can happen due to data destruction or theft, and you can’t ignore the possibility of ransomware encrypting your infrastructure, either.

3. Natural Disasters

Regardless of where your office is located, chances are that it’s vulnerable to some variant of natural disaster. Floods, fires, storms, and many more, are all examples of disasters that can lead to downtime.

4. Hardware Failure

Technology certainly isn’t built to last forever, and you shouldn’t expect it to. Even the hardiest of servers will eventually fall to the whims of time. The best you can do is take measures to be ready for such an event, as hardware failures can happen at inopportune times and lead to significant data loss.

The Solution

In order to combat the threat of network downtime, having a robust Data Recovery plan is practically a necessity. This is a part of a thorough Business Continuity plan that’s designed to get your organisation up and running following a crippling disaster. This includes having reliable data backup, as well as a way to rapidly recover its contents. Data backup and data recovery might be all you have left to fall back on in the event of a disaster.

If you’re considering tape backup, know that you could potentially lose out on an entire day’s worth of work, as tape is more vulnerable to user error and isn’t nearly as dynamic as the alternatives. BDR (Backup and Disaster Recovery) can almost instantaneously restore your data, and since you restore from the cloud rather than a physical tape, you can avoid the majority of downtime.

5. Business Continuity Planning

What would you do if your business were suddenly struck by something which threatened its very existence? Do you have a plan to make sure that your business survives well past the expiration date assigned by natural disasters, hardware failure, user error, or hacking attacks? One of the most important parts of running a business is managing risk, and implementing a business continuity plan is a great way to focus on the preservation of your organisation.

How To Handle Emergencies

Something that business continuity professionals might forget about in terms of preservation is the safety of its workers. You can begin to prepare for hazardous situations by posting safety equipment in a visible location within your office. Furthermore, you should practice escape maneuvers whenever the opportunity presents itself. Hold a company meeting and be sure to talk about emergency procedures with the whole staff.

Keep The Worst In Mind

The best way to know if your business can handle a disaster is to ask yourself what you would do if your physical office were (hypothetically) destroyed. How would you recover your data if it were reduced to a smoldering pile of ashes, or if your server sinks to the bottom of a river?You need to account for all possible events; not just the ones that are most likely to happen.

Beyond physical damage, you need to consider the ramifications of data loss. There’s a very real possibility that your organization could go out of business by no longer having access to the data it needs. Most businesses that cannot effectively restore their data will go out of business within a year. Therefore, it’s imperative that you have preventative solutions in place.
Take this example: off-site backup is crucial if you hope to keep your data secure in the event of a disaster. The reason is--the more locations that your data is stored at, the lower the chance that all copies of it will be destroyed.

The ideal solution is to store your data backups in the cloud. This way, you can deploy your data from anywhere in a moment’s notice, even if your in-house infrastructure is completely destroyed. As long as you have a device to restore the data to, you can get back in business with minimal data loss and downtime.

Keeping Your Backups Maintained

Once you know what type of backup and restoration you’re going with, it’s time to make sure that your system is being properly maintained. This involves keeping a close watch on your backups through monitoring, as well as maintaining your backup solutions to ensure that they are taking effective snapshots that will help your business in a pinch. Running drills will help to ensure that you know how to handle situations that require immediate attention.

Of course, keeping watch for potential improvements is another great way to help your backup solution be as beneficial as possible. Your backup solution shouldn’t just be able to take adequate backups--what you need is a powerful solution like a Backup and Disaster Recovery (BDR) solution. BDR can automatically take backups as often as every fifteen minutes, and restore your data directly to the BDR device in a pinch, effectively eliminating downtime and ensuring the longevity of your business.

6. Business Continuity: The Cost of Downtime

The impact of downtime in business can sometimes be overlooked. If the power in your office fails tonight, and all of your systems and servers go offline, how quickly can you recover? And perhaps more importantly, at what cost?
 
It can be difficult to pinpoint the exact damage that would occur should any unplanned downtime arise – especially when you consider non-tangible costs like damage to your brand and reputation. As a data backup provider we have developed the following formula to help you to assign commercial value to these risks. 

Total Cost of Downtime = 
(Lost Revenue per hour + Lost Productivity per hour)x(Length of Downtime in hours)
+ (Cost to Recover)
+ (Cost of Intangibles)

Avoiding Downtime

A business continuity plan will help to prevent this cost, yet a study done by The Diffusion Group estimates that only 60% of businesses have a backup plan in place! This puts 40% of small-to-medium sized businesses unprotected and at risk.

There are many different backup solutions on the market to protect your digital information. It is good to have a backup plan in place, but like machine oil, not every oil works for every machine. Using external hard drives, tape-drives, or USB thumb drives, are solutions we've seen used, but they aren't very good solutions for a real business continuity model.

We have found that when it comes to data protection, the Backup Disaster Recovery (BDR) solution to be the most reliable and secure solution on the market. BDR continuously backups your data off site, this eliminates the threats from fire, flood, theft, and whatever else is hurled your way. If a disaster does strike, big or small, BDR can act as your network and keep your operations in working order.
 
By understanding the true cost of downtime in your organisation, you can make the right choices when investing in your business continuity solution.

7. 6 Types of Incidents That Business Continuity Planning Protects Against

There’s no way to predict the future, and Murphy’s Law tells us that anything that can go wrong will go wrong.  If you don’t have a well-thought out recovery plan, your company’s data is teetering on the edge of a cliff without a safety net. In our experience as a data recovery company, here are some of the scenarios where BDR proves to be most helpful:

1. User Error

We all make mistakes, like accidentally clicking a malicious link, dropping our computers, misplacing a mobile device or deleting something we intended to save. User error was cited as the leading cause of data loss in a 2015 Databarracks survey. Backup plays an important role in ensuring these mistakes don’t turn into serious problems.

2. Hardware Failure

Different hard drives, servers, desktops and other devices have varying life expectancies and refresh cycles, but hardware often fails. Whether it’s due to normal wear and tear, defects, or the unexplainable, businesses need to be prepared. BDR can help ensure that entire datasets are replicated and accessible should something suddenly stop working.                                       

3. File Corruption & Software Failure

Software will also occasionally fail. Files and data can become corrupted and things may be deleted without warning. In addition to providing complete restores for entire machines, BDR allows for data recovery.

4. Natural Disasters and Extreme Weather

According to Climate Change Preparedness and the Small Business Sector, small businesses lose an average of $3,000 per day after closing due to a major storm. With the regularity of these events in certain locations and resulting power outages, small leaks and other less severe issues creating costly downtime, BDR is a no-brainer.

5. Insider Threats

If a disgruntled employee were to intentionally encrypt, delete, steal or corrupt sensitive information, having that data backed up ensures that it can be recovered and restored. This isn’t to say that BDR can necessarily prevent such behaviour, but it helps to mitigate damage.

6. Cybercrime

Viruses, malware and cybercrime – especially ransomware – are an increasingly- dangerous threat today. The Ponemon Institute’s 2015 Cost of Cyber Crime Report claims that businesses saw an average of 160 successful cyber-attacks per week. BDR can help you save money when attacked.

8. Data Encryption

Data might be the most important aspect of your organization, but how well do you protect it throughout your network? Every organization has data like personally identifiable information and financial credentials stashed away somewhere on the network, so security isn’t something that you can ignore. One of the best ways you can safeguard your data is through the use of encryption.

Encryption is a solid way of keeping hackers from using data that they’ve stolen from you to their benefit. While other security solutions like firewalls and spam blockers try to limit the number of threats that make their way onto your network, encryption focuses on being a last-ditch effort to save your data from being used against you. Encryption jumbles your data, making it difficult--if not impossible--for hackers to use. Therefore, encryption works best when combined with other security measures.

Here are three of the ways in which encryption benefits any business prioritizing data security.

Encryption Maximizes Security
Encryption is a priority for a business that wants to keep security at the max. Taking risks is simply unacceptable, and encryption has a chance to make any attempts made by a hacker a moot point. Data encryption works by scrambling your data, only unlocking it when it’s exposed to a specific security key. Hackers prefer going after data that’s easy to access, so encrypted data is sure to be an asset for your organization.

Encryption Augments Compliance
While encryption isn’t officially required by compliance laws like HIPAA, it certainly protects your interests by having it. Compliance laws generally only need your organization to implement preventative solutions like firewalls and antiviruses, but encryption is still of the utmost importance. Encryption is mainly useful for making sure that any breaches don’t result in compromised data, as hackers likely won’t be able to decrypt your data anyway.

Encryption is, More or Less, Expected
It’s understandable that you want encryption for your own data, but if you are a service-type business that provides products to clients, they are going to expect that you’ll take good care of their data, as well. For example, if you use a service like PayPal or Amazon, you expect them to use encryption to keep your payment information safe and secure. You can safely assume that your own clients will want to believe their data is safe in your hands. If their information is stolen and it’s your fault, they won’t take kindly to it, and you will lose points with them in the long run.

If you are looking for a data recovery company and encryption specialist, look no further than Brandon - your trusted IT partner. 

9. Dark Data

Your business requires specific data to keep operations moving on a daily basis. However, for all of the data that you use, there’s information that you have stored away that never sees the light of day. This “dark data,” could be putting your business at risk, especially if auditing your current data storage usage isn’t a top priority. If you don’t keep track of your dark data, you could be facing much larger problems than unnecessary storage costs.

Defining Dark Data

Dark data is known as the data that a business stores, but doesn’t have any practical use for. As you might expect, dark data accrues naturally over time. It’s a normal part of doing business. Certain information loses its value, and despite this, it still gets stored away because it might present some value somewhere down the road. This data might be stored in hopes of it having a future use, but it’s likely that businesses aren’t handling it with the same caution required of your mission-critical data.

For example, consider the personal data of a former employee and how you would store this information. You might be required to store these records for a certain amount of time. By the time you need to get rid of this data, chances are you’ll forget it even exists. After all, what’s it really costing you to keep this data lying around?

This stance on dark data can be harmful and dangerous to your business. What if the data were to be stolen from your system, or mishandled and exposed to external threats? If you’re not protecting your business’s assets, you will be held responsible should anything unfortunate befall this data.

Why It’s A Problem

Even if it seems counterproductive to store so much data, you’d be surprised by how many organizations will keep dark data sitting around for far longer than it needs to be. You’re still paying to store this data, and you’re still responsible for ensuring its continued safety. This is why you should consider dark data a problem; either you’ve taken precautions, or you haven’t. Chances are that you’ll need to revisit how you approach dark data.

How To Approach Dark Data

If your business isn’t handling dark data properly, here are some possible solutions that can alleviate the common issues associated with it:

Implement Proper Security Measures

You always want to protect the data you store, even if it’s information that you rarely access (like dark data). This includes data that is stored on your in-house network and data which is stored off-site or in the cloud. Another way you can optimize security is by limiting who has access to your dark data, which can limit its exposure to potentially threatening situations.

Create Data Retention Policies

The reason that dark data is a problem is that businesses don’t have measures put into place to help them keep track of what they’re storing. By implementing a proper data retention policy, you can better understand the information you’re storing, and why. These policies should be designed to help your business save on storage costs and to eliminate possible security risks.

Brandon Global IT understands the problems that you might face when attempting to protect and store sensitive information. If you’re having trouble protecting and accessing dark data for any particular reason, our trusted technicians can help you keep your data away from prying eyes. Even if this information isn’t something you use every day, it should still be protected to the best of your ability.

10. 3 Ways To Prevent Thieves From Stealing Your Data

While it’s certainly a bummer to have your smartphone stolen, it’s even worse if the thief accesses your data. To help prevent this nightmare scenario, security professionals have developed some clever solutions.

1. Enter The Wrong Password And Have A “Theftie” Taken

Having smartphones equipped with front-facing cameras has led to the cultural phenomenon known as the selfie. For thieves that steal a smartphone and enter the wrong lock screen password, a device equipped with a “theftie” security app will take a less-than-flattering picture of the thief in action, and then upload the picture to the device’s cloud storage account or email inbox.

Depending on which theftie app you go with, some pictures will even include a map of where the picture was taken. Newer versions of iPhone come with the theftie security feature. If your smartphone doesn’t have this feature, then you can download it easily enough from any app store.

2. Use The Wrong Gestures And Get Locked Out

One security technique currently under development is the ability to identify unauthorized users by how they interact with the phone. Researchers at Ben-Gurion University of the Negev have successfully used the technique in trial runs to lock out unauthorized users in as little as 13.8 seconds (which isn’t enough time for a thief to access sensitive files).

The idea behind this clever security feature is that every user interacts with their own phone in a unique way. To determine if the user is authentic or not, the technique takes into consideration a variety of factors, such as the pressure, frequency, and speed of touch for the application used, how much electricity is used, and the previous 30 seconds of recent history. Seeing how a thief would be unfamiliar with the layout of a stolen phone, they would navigate the device in ways that are uncharacteristic of the phone’s owner and subsequently be locked out. On average, researchers have found that it takes 35 touches for the feature to lock out a thief.

3. Remotely Wipe Your Device’s Data

This last mobile security solution should only be turned to if you’re absolutely sure that your phone is stolen. When activated, this procedure will remotely wipe all of the personal data on the device, essentially leaving it with only the data that was on the device when it was brand new.

For mobile devices connected to your company, the best way to remotely wipe a missing device is through your mobile device manager. If you don’t have this solution, or if you don’t know how to use your MDM tool to remotely wipe your device, then reach out to IT security professionals for help. Also, depending on your phone’s service provider, you may be able to have your provider remotely wipe the stolen device by simply calling them and confirming your identity.

Considering how valuable your data is and how devastating it would be if it ended up in the wrong hands, it’s easy to see how being proactive about backing up your device’s data to the cloud will end up saving you a lot of trouble, should your device become lost or stolen.

11. Would a Power Outage Take Your Business Offline?

What would happen if you were in the middle of typing a report or performing some task, and the office suddenly lost power? Too many would find themselves staring blankly at an equally blank screen as their infrastructure suddenly ceased operations. However, there is a device that can help save you from the worst effects of sudden power loss.

Simply put, there should not be any device that is used for business purposes that is not connected to an Uninterrupted Power Supply (UPS) with a battery backup failsafe. In this case, any device really means any device--your servers should have this preventative measure put in place around them as well. Their purpose is two-fold.

First, a UPS is intended to protect your devices against the sudden surges and dips that an electrical system can experience for any number of reasons. These fluctuations in power can gradually damage a device, especially the more sensitive, high-end ones like servers or specialized desktops. Naturally, it only makes things worse if the device in question is to suddenly lose power completely--not to mention the fact that anything you had accomplished since you had last saved is almost certainly lost.

A UPS helps to prevent these issues in the event that your office ever has a surge or dip in its power supply, or totally loses power without warning.

The first task of a Uninterrupted Power Supply is fairly self-evident: it is intended to supply your devices with an uninterrupted source of power. To do so, the UPS will regulate how much power continues into the attached device, preventing the damaging effects of sudden power fluctuations. Its second function is to serve as a backup power source in the case that power is no longer being supplied from its usual source.

This energy reserve is what makes the UPS a company's saving grace in a sudden power loss incident. Rather than the entire business suddenly and unexpectedly shutting down, the UPS allows the most critical pieces of IT infrastructure to be shut down safely, and all progress up to that point saved.

A UPS can be used to keep any of your technologies up and running for a time after power has been lost, mostly so that you can prevent your solutions from suffering much damage. This is especially important to have protecting your servers, which usually need a little longer than other devices to shut down safely, without putting the data stored on them (which is all of it) at risk.

Sudden power loss is a potentially disaster-level event that can influence any business, regardless of where they are. As such, you need to be sure that you have the means in place to mitigate the damage before your office goes dark. Remember, you will need to be sure that you have the right UPS devices to protect and provide for the different components of your infrastructure. A desktop with multiple monitors will have different requirements than a server will, so you need to be sure that you have what you will need to properly power down your business before you risk losing important data.

12. Veeam Pro Partner

As a Veeam Pro Partner you can trust that Brandon Global IT have you covered when it comes to data backup and data recovery.