The protection of a business’s most valuable asset – information as data, should rank high on every organisation’s priority list.
Big corporations have their data security properly in order. They have high-spec SANs with fast disk arrays, have multi-tier backup and disaster recovery systems in place - and the smartest are using the cloud as an additional layer of security.
However, many small to mid-sized businesses and similar organisations aren’t so wealthy or so well prepared and limited funding and staffing can pose challenges for IT managers who want to provide comprehensive and fail-proof services to their users. Few organisations are aware of the rapid growth of data storage and far too many lack proper policies, systems or employees with enough understanding, experience and time to do the job properly. Their people struggle with out-of-date, inadequate or unsuitable equipment and can’t be certain their solutions will work when it becomes necessary to restore the data. Consequently the business is at risk.
What are the obstacles to effective data security? • Lack of awareness and understanding in the business of the importance of data security
• Users demanding high levels of availability restricting the time window for copying data • Businesses going for long intervals between taking data copies • Identification and retrieval of archived data • Reliance on only one type of media resulting in a problem if it fails
It’s smaller organisations that are most susceptible to data loss either through being inadequately protected against malicious viruses and ransomware, security breaches or just plain user error. A catastrophic data problem can put them out of business faster than any other issue. In the case of data loss most will revert to a backup copy only to find they cannot recover the data.
Why would this be the case? • Age and deterioration of media • Obsolete equipment and methods • Lack of testing and verification of data security and recovery process • Undetected data copy failures
When a data restore is necessary, your users will not be patient as they will want you to recover high-priority data quickly to ensure critical operations are up and running quickly. This is especially true for Exchange and the core business applications. Even when a copy seems to complete properly, it may well have failed. According to industry surveys in the average data centre backups only succeed around 85% of the time. In the average remote office it drops to 75%. Unfortunately, many failures aren’t discovered until the data needs to be restored.
Data Storage Policies Many organisations allow their users to store data on their local PC hard drives. This data is then highly vulnerable to data-loss as it is excluded from any backup process operating solely on the business server. Businesses need to implement and police strict data storage policies whereby all business data is located on server drives and so can be secured.
3-2-1 Backup Strategy The 3-2-1 strategy is a long proven IT practice: • Have at least 3 copies of your data at all times. • Make sure these copies are stored on at least 2 different types of media. • Keep at least 1 copy offsite – the “Air Gap” essential for protection against Ransomware. It works because the likelihood of three separate sets of data stored on multiple media in differing locations being damaged simultaneously is extraordinarily low.
Today’s requirement for data security There’s a clear need for an efficient, easy to use data security and backup solution that satisfies enterprises and small businesses alike, one that takes advantage of the current available technology without imposing a heavy cost burden.
The Solution is in the Cloud As business continuity experts, at MIS Hosting we believe the right way to secure your data is disk-to-disk-to-cloud (D2D2C). For this, you copy your primary data to an independent set of disk drives either in a second server or a relatively inexpensive Network Attached Storage (NAS) device. From there, a second process copies the data into the Cloud and so achieving the 3-2-1 data security strategy.
At MIS Hosting, we use sophisticated software which compresses the data and where appropriate, will only copy data that has changed. This means the copy process is both fast and secure. MIS Hosting take the solution one stage further as once we have replicated your data in our Private Cloud, we then take a copy which is sent offsite – so achieving a Ransomware-proof copy isolated by an “Air Gap” and effectively giving you 4 copies of the data.
A major advantage of this approach is you don’t have to buy and manage the actual infrastructure outside of your own premises as that’s done for you by MIS Hosting as the Managed Service provider (MSP).
Retention Policies All organisations need to consider how many copies of their data to keep and for how long. The old “Grandfather-Father-Son” strategy is no longer adequate for today’s needs. You should consider a minimum of 14 days, or better a 30 day or 90 day retention cycle and perhaps archive copies at month-end dates. Naturally this requires a good deal of storage space but this need not be in the on-premises server but on inexpensive Cloud storage. Most MSPs will charge you for each gigabyte or terabyte stored so you will be able to balance retention policy against the cost.
Restoring Data The majority of the time requests for the restoration of data will be for the most recent version and this can be simply retrieved from the local NAS drive which will have that most recent copy of the data readily available. If this data has been compromised or there is a need for an older version then the MSP will be able to provide this from the archive.
Conclusion Historically the problem with providing a comprehensive data security service within a business is that there are too many constituent parts which need to be purchased, configured, integrated, managed and upgraded. Since data security doesn’t generate revenue like an e-commerce site or customer relationship management solution, making a business case for it has long been a challenge.
However in today’s commercial environment with multiple risks to data and the business, comprehensive, secure, reliable data security strategy is now business-critical. Developing the most appropriate strategy and policy in partnership with an experienced supplier is an absolute priority.
About MIS Hosting
We provide Private Cloud facilities at a world-class data centre or Public Cloud with Microsoft Azure. For further information on how MIS Hosting might work for your business, please contact us and we would be happy to discuss your needs. Phone 0845 330 4026 or Email: firstname.lastname@example.org