Data recovery – what’s your plan?

Data is the lifeblood flowing through the arteries of any organisation. Imagine trying to deliver your online learning without access to course content. Without data, your operations will quickly fall over. While data loss is regrettable, data recovery and data recovery planning is the key to maintaining business continuity. 

This blog series looks at data loss , data recovery and everything in between.  In this first post, we explore incidents that can affect your data, how important backups are and the five considerations to help determine your backup plan.

 

Data loss causes

Information assets are valuable and fragile.  In a digital context there are many external and internal factors that can adversely impact their availability, confidentiality and integrity. Forward planning  to determine how to handle incidents that degrade these attributes is an imperative, as timely recovery can be the difference between a minor disruption and a catastrophe. 

The problem that all organisations face is that there’s many categories of threats that can affect your data. To make matters worse, it’s not always possible to predict which ones are more important than others. Here’s some of the potential incidents that can compromise your data: 

• Systems problems, such as disc failures and network malfunctions
• Damage caused by water, fire, dust build up and power fluctuations
• Information theft, such as a stolen laptop, smartphone, USB drive, or printed document
• Accidental deletion, which may be an individual’s data or large team datasets
• Cyber attacks where cyber criminals destroy data during a breach
• Viruses and malware render data inaccessible, such as after a ransomware attack
• Natural disasters such as storms and fires can lead to catastrophic data loss

For these reasons, it pays dividends to spend the time on data recovery planning: how you recover from data loss incidents, with a broad solution that caters for smaller scale events, such as loss of individual files, as well as major events such as the catastrophic failures caused by natural disasters.

Best practice for data backups and recovery 

Everyone that uses a computer system or smartphone is familiar with the concept of backups. Uploading your photographs to cloud storage, for example, is a form of backup that mitigates the risks of loss or destruction of your smartphone device. If the worst happens and you replace the device, your photographs are automatically synchronised with the new system and you precious memories are intact.

When we bring our business solutions for backup and recovery into focus, the process is not quite as simple as recovering your personal photos. 

Essential Eight 

The ability to perform regular backups and recover your data is one of the Australian Government’s most advocated security controls. 

The Australian Cyber Security Centre’s Essential Eight, for example, encourages all organisations to adopt these eight prioritised mitigation strategies that protect against a significant proportion of targeted cyber attacks. 

Recover data and system availability

To achieve the Essential Eight’s highest level of Backups Implementation maturity, your organisation must be fully backing up all important company data, software and configuration settings for your critical systems.  You also need to be retaining that data in a coordinated and resilient manner. 

To provide the assurance that your data is recoverable, you should schedule regular testing of the recovery process.  This ensures that the overall solution remains dependable  and ‘ready’ in the event of a disaster. 

Organisations that take their data recovery seriously, will usually have a digital preservation policy.  This is included in a broader business continuity plan, where they provide ongoing assurance that they can maintain long-term integrity and availability of all critical business data. 

Backup planning – 5 key considerations

It’s best to start your backup planning by defining the requirements for your data preservation.  This involves determining the criticality of specific categories of data and assigning a value to it based on the consequences of losing access to it. 

Identify and prioritise critical data

Once you understand which data is critical and which data you can continue to work without, you can start  to determine processes to protect it. In some cases, you’ll need offsite data backups, so in the event that your office building is rendered uninhabitable by flood, fire or even through the pandemic, you still have access to your backup. 

Decide where to store your backup

The process for removal of data from your organisation’s premises will likely be implemented using technology, such as uploading the data to your cloud storage provider.  For those of you with smaller operations, it may be as simple as taking a backup offsite yourself at the end of each day and storing it in a fireproof safe in your home. This is why the process comes first, as you need to plan the outcome then look for the best way to achieve it, rather than jumping straight to a solution.

Calculate how much data can you afford to lose

Once you know what is critical, you can determine how often you need to back data up. If you can afford to lose a week’s worth of data, then running a full back up once a week is fine. However, if the data is so critical you need every change to be recoverable, then you will need to commit every change to your backup solution too.

How quickly do you need to access your backup? 

Some of your solutions may be slow to fully recover, while others will be fast. The speed of recovery can often directly relate to the cost of the solution.  You may decide that if you can get all your data back, the speed is not so important. 

Data retention period

How far back do you need to go to recover your data? For some, being able to recover the last full backup will be good enough, for others it may be a case of being able to recover files or datasets from 12 months ago, or even a few years prior e.g. law firms and organisations with regulatory compliance requirements may need to recover data from up to seven years ago, or more.  

How you choose to store your data has cost implications. It’s a balance of cost , usability and long-term compatibility with modern technology solutions as they evolve.

Mitigating cyber attacks

Cyber attacks can cause serious problems for your business, especially where data is either stolen or held to ransom. Business continuity can be almost impossible, you only need to look at examples such as the Toll Group ransomware attacks to see how this can play out. 

The danger of ransomware attacks

Ransomware is particularly concerning, as attackers can wait for a long time before they notify you of their position.  In some cases, this means an organisation’s backup solutions end up overwriting good backups with tarnished data, making recovery impossible. When this happens, the attacker has the upper hand. 

In the scenario where you store many weeks’ worth of backups, you may have a better chance of recovering your data. However this comes at a financial cost, as you will pay more for your storage space. 

Education sector ransomware attacks

Ransomware attacks can happen to any organisation.  While Health Service Providers and Financial Institutions are two of the top industries reported to be impacted by data breaches, the Education sector has not been left unscathed. Ransomware attacks on the NSW Department of Education  and the REvil ransomware attack on Kaseya that hit schools in New Zealand have given us real insights into the disruption that can be caused. 

Review your data recovery plan

Backups are one of the most useful and effective cyber security controls in data recovery – ask any system administrator. Regardless of what tools you are using (here are some recommendations from the Open Source Community), planning your solution and ensuring you undertake regular testing to make sure it works is key to maintaining your cyber resilience.