It’s not all hackers and thieves out there — human errors, natural disasters, and hardware failure are all potential sources of data loss. Here are some things to think about when planning your company’s data backup strategy.
Data security is an issue that all organizations must take seriously. But data security is not just about protecting data from hackers and thieves. It is also about protecting against human error, inevitable hardware failures, and natural disasters that will, at some point, lead to data loss. Keeping comprehensive and secure backups is the only way to prevent those types of mistake and disasters from causing catastrophic damage to your business. This is why it is so important to make your backup strategy part of your overall security strategy.
For backups, there should ideally be three copies of all data at minimum, unless the business can get by without the data. Moreover, if the backups reside on the same system or are housed in the same building, then that doesn’t really count as a backup.
Backups as security
For backups, encryption should be used everywhere possible. Encryption is necessary for protecting backups of sensitive data. Just as it is important to keep data stored and transmitted on the mainframe encrypted, so too should backups be encrypted. Encrypting backups of customer’s credit card data is required for companies that need to stay PCI compliant. Not only is it a best practice, it is also a necessary step to follow the laws surrounding data security — making data encryption software for your backups a vital part of your strategy.
Speed up backups
Backups are about more than just storing extra copies of customer or business data. They are also about making sure that data is recoverable quickly. Backups are what make it possible to recover from data loss due to an employee making an error that deletes or overwrites important data, from hardware failures, or from natural disasters that take out or disrupt production servers.
Some companies don’t have a good backup strategy in place. One of the biggest reasons cited for not keeping offsite backups is the cost of storage and bandwidth. Compressing backups can help with this. Compressed backups can transfer to offsite backup facilities faster and use less bandwidth than uncompressed versions of the same data. Compression saves on the cost of backing up data and systems. Therefore, a good backup strategy requires good compression software.
Securing backups
Data backed up on portable devices like tape drives can contain many gigabits or even terabytes of data. The data on these devices should be encrypted, and the hardware itself should be well protected: kept in locked rooms and only made accessible to individuals who need to use it. To keep backups secure, organizations also ought to keep strict control over who has access to the decryption keys. Data theft from those inside the company also poses a threat to the security of backed up data.
It is also so important to keep secure backups of the encryption keys that unlock archived and current production data. Encryption is wonderful for keeping hackers from being able to steal and use data, but you want to make sure that authorized people are still able to see their data. One of the most important servers to back up is the one that hosts the encryption keys. Verifying that data is secured will provide much peace of mind. Good backups are like keeping a hidden key in the wheel well of your car. Even if your main key gets lost or broken, you can still start the car and get where you need to go. For backups, this means you will still be able to access critical data even when the original encryption keys are lost or become inaccessible.
Testing backups
All the backups, and backups of backups, and multiple copies of backups in the world are useless if they cannot effectively be restored. Authorized members staff member should be able to access keys to rebuild databases from encrypted backups in case of a disaster. And they should periodically test their ability to do so. Finding out after a hardware failure or accidental deletion of production data that backups are corrupted and cannot be restored would be a catastrophic disaster for a business. Better to discover faulty backups before they are needed.
Backing up data needs to be a central part of the security strategy for any business operating a mainframe. Contact us to learn more about implementing a comprehensive data security strategy, or browse our complete line of data security and compression software for business.
