We hear all sorts of horror stories of data backups going wrong, or not happening at all. In either case, this can cause major operational and reputational headaches for businesses of all kinds, large and small.
In this article we share our ten top tips for ensuring your backups match your business needs and preferences, are fit for purpose, comply with regulations and work efficiently. Even if you think you’re all good when it comes to protecting data and being prepared if things go wrong, it’s a comprehensive checklist that will either put your mind at rest or encourage you to shore up your defences!
1. Know who is responsible for the backup
Depending on the size and nature of your business, and the types of backup you employ to safeguard your data, this could be just one or several people. It could be the employee who swaps USB drives daily (and knows where the other one is at all times), to the in-house team that looks after your physical and cloud-based backups, to the outsourced experts that advise on, implement and manage the security of your data. Whichever, they need to be ‘on it’, and on-hand at a moment’s notice to deal with any issues.
2. Have a data backup policy and process
Again, regardless of size, your business should have a data backup policy and process. Anyone whose information you hold can ask about (or ask to see) your data backup policy, and might not be too impressed if you don’t have one – for example, as part of an audit. It is also becoming increasingly common for insurance providers to ask for proof an offsite backup is in place for cyber insurance to be valid.
You should also have a clearly defined process for how that back up happens, how backed up data can be accessed, and how to restore business-critical data from servers or the cloud if any hardware or software fails.
3. Have space for contingency
It’s surprisingly common for businesses to be dangerously near capacity with their hardware backup space, especially if they are using disk to disk or tape backup. Check regularly, or set up alerts to make sure you’ve the space to cope with periods when you might create more data, and as your business diversifies and grows. Or consider a data-retention policy that automatically deletes certain types of data after a set period.
If you choose a cloud backup provider, ensure they can scale and grow as your data does.
4. Check backup software for updates… regularly
The last thing you want is to have an all-singing, all-dancing backup system in place, only for it not to perform as expected because you haven’t installed the updates. Updates are crucial here, as some can even include the latest protection from viruses, malware, and other threats that could compromise your data.
5. Have a Disaster Recovery Plan
Every business should have a Disaster Recovery Plan – a documented set of procedures for restoring all business-critical systems as well as the data they create, process and store. Disaster Recovery entails a full replication of the systems and software your business relies on to function normally, and therefore goes beyond backup. After all, restored data isn’t much use without software.
Top tip: ensure that the disaster recovery plan is documented, printed out and kept out of the office!
6. Educate staff on the importance of backups and data security
Pretty much anyone that uses online IT creates and/or manages data in some shape or form. So it makes sense that everyone in your business should be aware of how crucial data security and backup is to business continuity. Simple, informed changes in behaviour can protect against potentially damaging data loss. A common example of this is a user unwittingly opening an infected email attachment, releasing ransomware onto a network.
7. Optimise the regularity of data backups
By this we mean set up backup intervals that best suit the data your business creates, uses and takes responsibility for. For example, if your business continuously creates, processes or updates data, consider a higher frequency of backups to protect continuity should anything go amiss. This should all be part of a comprehensive data backup plan, which should evolve alongside any changes to your business.
8. Test the data in your backup
Another shockingly common faux pas is to simply assume that backed up data is ‘good’. Are your external drives or off-site servers taking good care of your business-critical data? Is the cloud fully secure? When was the last time you checked these things with a dummy restore? You could be depending on a setup that’s not fit for purpose. A backup is only a backup if you can restore from it successfully.
9. Know what data is part of the backup
With GDPR now in full swing, and eyes increasingly on data use and security, even the more basic data backup plan needs to specify what kind of data is being backed up, where, and how securely. Check which data regulations apply to the data you create, how you back it up and how to remove data if required.
10. Have a data retention policy
This is your ‘protocol’ for retaining customer data that’s crucial to how you provide a product or service to them, and as such, it must comply with strict regulations. For UK and EU businesses, a data retention policy is a key part of GDPR compliance. The kind of data you hold – and how long for – depends on the kind of business you run, and the data it relies on to function normally.
So there we have it – ten top tips for effective data backup planning, to help you ensure your data, your business and your reputation remain intact.
Backup Vault provides fully automated, hassle-free, UK-based backup services to organisations all over the world – from small business to global brands, to public-sector clients and large corporate enterprises.