4 Good Reasons You Must Backup Your Data
Data loss can leave an enterprise empty-handed, but also have them staring at potential hefty fines and a serious loss of goodwill. The cybersecurity landscape in 2018 was rife with incidents that ranged from ransomware attacks to data breaches. Several of these affected what many considered trusted organizations and resulted in focused scrutiny on the level of data privacy they afforded. 2019 hasn’t been very different from major market players continuing to make headlines and light up the regulatory radar like it were Christmas!
One of the best defenses against cyber-attacks like ransomware is to have a secure backup of all your data. While accidental data loss in itself is a great motivator to start backing up, there are also other factors that make backups a no-brainer. While we can go on about the many different reasons to consider a strong backup strategy, we’ll give you the four most common and important reasons that would make you jump on the backup bandwagon. In our experience, besides accidental data loss (i.e. spilling coffee, disks gone bad, lost laptops, etc.) we’ve seen most businesses list one or more of the following reasons as the rationale for why they care so much about their backups. Let’s take a closer look at each of them…
- Regulatory Compliance:
Many businesses function in highly regulated verticals like banking, financial services or healthcare. Even companies outside these verticals if doing business internationally need to stay compliant with regulations like Sarbanes-Oxley (SOX). The accountability that these regulations impose, drives businesses to put together processes in place to preserve and secure their data assets.
GDPR, the sweeping new data privacy regulation brought into effect last year by the EU is now in force and applies to all companies collecting and processing personal data of EU subjects. The GDPR requires data breaches to be reported within 72 hours of discovery. Google and Facebook were hit with lawsuits to the tune of $8.8B the very day GDPR came into effect, and since then Honda, Flybe and a host of others have already been impacted. GDPR is a regulation with considerable teeth, and failure to comply has already led many organizations to cough up huge sums in penalties.
Since the time GDPR came into effect, a wide-spread awareness around privacy has led many countries across the world to draft laws with the principles underlying GDPR as the basis
Having backups of data is one of the most essential steps to gain compliance and GDPR expects that businesses should have “A process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of data processing”.
Ransomware is a form of malware that has existed for well over a decade but has taken on a visibly destructive form over the last couple of years. It operates by encrypting ﬁles on the infected computer and then demanding a bitcoin ransom in return for the decryption key.
On average, ransomware costs companies $75 billion each year worldwide and the frequency of attacks is increasing. The malware underground sells RaaS (Ransomware as a Service) software to enable malware authors to easily create ransomware variants and turn them loose on unsuspecting businesses. In just the last month, two Florida cities were attacked – Riviera Beach paid $600,000 in ransom and Lake City almost $500,000 to get their data back. Loss of data via ransomware can also disqualify a business from compliance causing other regulatory fines to mount. Is it now commonly acknowledged that the best defense against ransomware is to have a secure backup – so the business cannot be held hostage by the attacker. Best practices dictate that you place your backed-up data in a geographically separated location (possibly a cloud destination) and ensure it is securely authenticated – preventing ransomware from spreading to it.
- Insider Threats
One more driver for backup is insider threats. This could be a malicious employee trying to get back at their employer, or a disgruntled worker trying to cause damage before they leave the organization. A common occurrence is a deliberate deletion of valuable data from company assets before the assets are returned.
Automatically scheduled backups that work silently and reliably are the best way to protect against such an eventuality, and we’ve spoken with several customers who implement backup strategies for this reason alone.
- Disk encryption
One more interesting driver for backups is using full disk encryption tools. Many enterprises fear that the encryption software may deny data access to the enterprise or a knowledge worker should they forget their decryption password or simply if the encryption software should malfunction.
This could result in a serious and irreparable loss of valuable data. Having a redundant copy of the latest data in a secure location is a good hedge against this kind of occurrence.
Are there other interesting reasons that you see businesses implement backup? We’d love to know. Please write to us at email@example.com.
A free webinar that focuses on demystifying common misconceptions around SaaS and data protection.