What’s your backup plan?
This was recently brought home by the following story:
A disgruntled ex-employee, months later, gained access to her previous employer’s Dropbox files and deleted them all, permanently.
She was caught, arrested, and sentenced.
Unfortunately, it didn’t change the fact that her previous employer had to close up shop and is no longer in business. And many consider her sentence, 18-months community service with 80-hours of unpaid work, inadequate for the damage she caused. Many people lost their job, and a promising, budding small business is no more. And a backup could have prevented it.
What’s your backup plan?
Many people and small businesses are under the mistaken impression that a cloud service, especially one that stores their documents, is their “backup”.
It isn’t!
And even if the cloud provider claims they can be trusted to be your backup, you can’t completely trust them.
They can be the most well-meaning organisation, and you can have a strong service level agreement that promises that they are your trusted backup vendor, and you can still be at risk of losing everything.
Here are five reasons why your backup is in danger
Cloud provider ceasing to exist. Yes, cloud providers go out of business, and some get cyber compromised. For example, a large Australian cloud provider, Distribute.IT went out of business when their network got hacked, and their backups were deleted. It was so devastating that it destroyed their business and placed over 3,000 other companies at jeopardy. I should know I was one of the small businesses at that time.
Ransomware. Today, ransomware gangs break into organisations and do everything they can to disable or corrupt backups before going on to steal and encrypt the victim’s most important data.
Normal service interruptions. As a concept, there’s a lot to like about the cloud. Drop those bulky servers and get yourself a big, white hard drive in the sky. Someone else handles the upkeep and lets you put your data where you want it. The cloud has been sold as this magical thing that just works and is totally reliable. However, we have seen some of the major cloud providers fall flat with outages.
Microsoft Azure (3rd of March, 2020) – 6 hours
Microsoft Azure (24th of March) – 2 days
Google Cloud Platform (8th of April) – 1.5 hours
IBM Cloud (9th of June)
Microsoft Office 365 outage (29th of September) – 6 hours
You don’t know where your data is. Modern businesses must be agile, flexible and innovative. But that doesn’t mean that your valuable information is scattered around. There is a simple saying – “if you don’t know where your data is, then how can you properly place the right measures to protect it?”
Government or legal enforcement. Because of the regional variations in data privacy and the legal burdens on law enforcement and intelligence organisations in accessing data, businesses and their users could have an unpleasant surprise if data isn’t where it’s supposed to be. Indeed, some nations are implementing laws that insist that organisations housed their data within its borders to ensure that it doesn’t fall under the jurisdiction (and snooping) of competitor nations.
What’s your backup plan?
If you want to ensure your business viability and resiliency of your data, follow the 3-2-1 rule.
That is three backup copies. Two of which are on different media and one if offsite.
Importantly, test your backup. You don’t want to get in the situation that when your business has been cyber compromised, and you want to restore your data and realise that the backup never worked.
This advice applies to any data, but make sure if you use a cloud storage provider like Microsoft OneDrive, Dropbox, iTunes, etc., that you have the data regularly backed up to another location. There are a lot of people who wish they did.