The business costs associated with network downtime and data loss make secure backup and recovery an economic necessity. At some point, every company is going to be faced with some type of data loss and those that are prepared have a much better chance of overcoming the loss with minimal damage. Upwards of 60% to 70% of companies begin disaster recovery plans, but don't finish because the plans seem too complex, overwhelming, or get put on the back burner. However, this is something that cannot be overlooked. Specific procedures for creating backups and a plan of action for recovery are essential to any modern business in order to secure storage.
Backups and verification
Some companies may create backups that result in "false backups," in which they think their data is secure, only to find in an emergency that the backups failed. This is especially true with tape backups, as tapes can be more easily corrupted, damaged, worn out, or employees can forget to change the tapes. In either case, it is too late and data is already lost, which can often take weeks, or even months, to be restored, if ever. It is extremely important for companies to create policies and procedures for creating regular backups and for testing their recovery environments. It is suggested that these recovery events be conducted at least once a quarter to make sure backups are running correctly and as planned.
Using preventative measures
Preventative measures help ensure that systems are safeguarded as much as possible. This includes the use of antivirus software, firewalls, and intrusion-detection software. Intrusion detection is important because it is much like an alarm system that will further protect vulnerable data from both internal and external threats. It monitors critical files for tampering and checks network traffic for "attack signatures." If it detects an anomaly, an alarm notifies the administrator for further investigation or action.
With intrusion detection, if an attack should occur, companies will have early warning and can quarantine the threat and their current backup data before damage can be done to critical systems resulting in data loss or corruption. It is also important to consider using products from the same vendor for a comprehensive solution that is easily managed.
Essential steps for a successful recovery plan
A fast recovery plan is essential in the event of data loss or systems interruption. The first step is the assessment of your environment, which includes:
- What network resources are most important?
- What is the value of those resources, monetary or otherwise?
- What possible threats do these resources face?
- hat is the likelihood of those threats being realized?
- What would be the impact of those threats on the business, employees, or customers if those threats were realized?
- Which resources do you need to bring online first?
- What is the amount of time each one of these resources can be down?
- Set an allowable downtime for each resource.
- Set a decontamination process for viruses, worms, etc.
Sensitive data can vary from organization to organization, but there are a few key types of information that every business should plan to protect, such as data related to strategic plans, business operations, and financial data. Damage to this information can result in decreased sales, reduced competitive advantage, and decreased profits for the victimized company.
Backup, retention and recovery policies also need to comply with industry standards and government regulations. Industry guides, such as the International Standards Organization (ISO) 17799, and government regulations, such as the Gramm-Leach-Bliley Act (GLBA), the Health Insurance Portability and Accountability Act (HIPAA), and the Sarbanes-Oxley Act, help provide a framework for improved corporate governance and controls. Accurately written and enforced, information security policies enable organizations to not only demonstrate their adherence to these critical regulations and standards, but also to articulate their own.
In today's unpredictable and often unstable world, companies cannot sit back and wonder if something will happen, but rather must prepare for when something does happen. While an easily put off task, creating and implementing effective security policies ensure that companies are protected as much as possible before an attack. It is equally important to integrate these security policies with regular and effective backups to have a recovery plan in place for when disaster strikes. This can be an overwhelming process, but without it, recovering from a disaster is nearly impossible. The guidelines mentioned above can serve as a solid foundation.
About the author:
Allen Rocek is Director, Professional & Education Services, at Symantec Enterprise Administration.