AJ Piscitelli, PMP
Project Manager | ERP Solutions Provider | Cloud Architect
Yep, we’re talking about backups. Though you should back up a bit. We’re supposed to be practicing social distancing!
In case you weren’t aware, today is World Backup Day. This day serves as a good reminder to check up on our backup strategy. Also, due to the social distancing requirements to slow down the spread of COVID-19, a lot of businesses are currently closed. You may be working from home, managing your IT infrastructure remotely. Now that the load on your internal network is lower and you aren’t dealing with as many day-to-day issues from your users, it’s a perfect time to regroup on your backup strategy. Below are five questions you should ask yourself to get started.
Are you backing up everything you need?
In a previous blog entry (https://www.linkedin.com/pulse/today-january-28th-data-privacy-day-aj-piscitelli-pmp/), we talked about what sensitive data is currently stored on your network. If it’s sensitive, it probably should be in your backup routines. It’s also a good time to check other areas too. Maybe you added a new virtual machine a few months ago but didn’t think to add it to the backup routine. Perhaps you’ve moved some stuff to the cloud but haven’t set up snapshot routines yet. Some employees may have been saving documentation to their local computer instead of the server, which may not be part of the backup plan.
All in all, it’s a good time to take stock of your inventory of data and make sure the important stuff is in the backup plan
Are your backups offsite?
If the factory catches on fire, and there’s no one around to see it, how secure are your backups when the server room is ablaze? Admittedly, this in of itself is a rare scenario, but we’ve seen other natural disasters that can cause major issues with your equipment. In Ohio and Pennsylvania, we’ve had some substantial rainfall the past few days that has led to localized flooding. Across the Plains and the Midwest, we’ve seen a fair number of tornadoes. I bet your servers aren’t too fond of water, whether it be from a flood or from rain after the roof gets torn off.
The key thing here is, your backups need to be offsite. This can be in the cloud or to another factory location. I don’t recommend using your (or someone else’s house) as an offsite location, because the process of moving the backups from the office to home is prone to human error.
How far back do you keep backups?
This is especially important during this shutdown period. If you only keep backups from the past two weeks, what happens if you get hit with ransomware on your network during the first week of a month-long shutdown? You may not realize your database server has been encrypted and all of the clean backups have been deleted. Keeping older backups around can be really helpful for those instances when you have to go back a bit further than yesterday. Make sure you keep some older copies for those special circumstances.
Are you checking your backups?
Have you ever tried to restore from your backups? If not, how do you know if they are good backups? If so, how long has it been? Things may have changed since you last tried to restore, and your backups may not be as good as they once were. It’s better to find out whether your backups are good or not before you need them.
Who or what has access to your backups?
A common problem I have seen over the years is the exposure of the backups themselves. Far too often, the backup file location is accessible to many, if not all, users on the network. This can lead to two dangerous scenarios:
- Backups are easily encrypted by ransomware, right when they are needed most
- Employees could destroy and/or steal the backups, leading to an exposure of sensitive data
It’s important to restrict access to your backups to only a few individuals. At FeneTech, our cloud backups are only accessible to three vetted employees. In order to access those backups, those employees must have a password and their phone (MFA) to log in. As those backups are not accessible via standard file share protocols (like SMB), the risk of an encryption ransomware attack is incredibly unlikely.
The above questions should get you started looking into your current backup routines. If you’re currently slow because of COVID-19, it’s the perfect time to start. There’s obviously a lot more to backups than what I’ve mentioned above. I’m interested to hear from you on what areas you’d like me to discuss regarding backups. Leave a comment below, so that I know what areas I should cover next.