Five sure-fire strategies for curbing data disaster

By Marina Brook, Head of Sales Asia-Pacific, StorageCraft

Disaster recovery planning is something organisations don't fully appreciate until disaster actually strikes. Any organisation that underestimates the importance of preparation may find it has some mighty big holes in its data protection strategy when disaster finally hits.

By then, it may be too late. Look no further than the MyBizHomePage fiasco for proof.

Once upon a time valued at $100 million, MyBizHomePage was a promising internet start-up that offered a platform designed to help small businesses manage their financial data online. Internal turmoil prompted a rather dramatic twist of fate.

The company suffered a massive data security breach, a targeted attack orchestrated by former executives. Backups containing critical data were destroyed in the breach, creating monumental challenges on the recovery end. Despite attempts at a rebound,  MyBizHomePage was left with no choice but to file bankruptcy and close its doors for good.

Be it a natural disaster or man-made mishap, it shouldn't take a close call to realise that one catastrophe could turn a business's whole world upside down. Here are five proven tactics to help safeguard data through fire, flood or cyber attack.

1. Expect the unexpected

Data protection is as much about protecting information from the unknown as it is about shielding against anticipated threats. Even if the mix of encryption, antivirus software and physical security does its job of keeping the bad guys out, it becomes less effective as the disaster landscape expands.

We need to back up important data and have a reliable means of restoring it if stuff hits the fan. Disaster recovery should be the focal point of any data protection strategy. It's the key to ensuring business continuity in the face of security threats, hardware failure, natural catastrophes and human error.

2. Know what's important

IT took the time to back it up, so of course they want to protect company data from harm. With that said, protecting every single file can become cost prohibitive when figuring the cost of data storage and storage management into the equation. The costs are why it pays to take a more selective approach to data protection.
An example would be organising data assets by the mission-critical data required to operate on a day-to-day basis-followed by the data that staff might be able to live without for a couple of days, and so forth. Through priority, it is possible to streamline both the recovery and retention aspects of a data protection plan.

3. Realistic retention

Some firms may still be sitting data collected some 10, maybe even 15 years ago. Does it hold the same value it did way back then? Mandated regulations are a obviously a big factor, but the relevance of data changes over time, and knowing how to manage its life cycle is crucial.

As the process moves along, management will decide what gets backed up immediately and what requires longer-term storage, and determine where exactly to stash it all. Identifying the data that needs to be actively managed can help IT to spend wisely in the storage department as well as enable the best possible security measures.

4. Designate a safe haven

Where an organisation's data is stored  is just as important as what is kept and how long management decides to keep it around.  Having a secondary site to recover from and shift operations to is highly recommended, but if the offsite facility is situated a few miles down the road, it can be just as vulnerable as the primary data centre. In order to maximise data protection, a backup site should be located beyond the reach of natural disasters that could affect the main facility, yet it should provide easy access to execute recovery operations.

5. Keep testing!

The only thing more frustrating than enduring a disaster is a failed attempt at recovery. Testing is the final piece of the data protection puzzle. Through a combination of simulated attacks and recovery drills, IT will make sure that data is truly protected and can be recovered after a ransomware infection, system failure or natural disaster.

Commit to extensively testing the DR plan at least twice a year to uncover any weaknesses or problems that may arise when it really needs to be executed. Better find flaws during a test-because when disaster strikes, there will be to no room for error.

Join the newsletter!

Error: Please check your email address.
CSO WANTED
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags data securitydata privacydata breachstoragecraftcyber security

More about

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Marina Brook

Latest Videos

More videos

Blog Posts