How businesses must adopt greater strategic back-up flexibility
The fast-changing regulatory and political landscape, not to mention the rising sophistication of cyber criminals, puts massive pressure on corporate data governance.
The forthcoming General Data Protection Regulation (GDPR) will see more stringent rules around the handling of data in the European Union, even for UK business trading in Europe after Brexit – which will put strain on every aspect of international trade and business practice.
Enterprises must be completely informed regarding data management if they are not to be caught out during the next months and years. Indeed, if they cannot properly order their data, in live and back-up systems, they face uncertain futures.
Much of the advice on how to back-up business data is familiar: back-up your data, make sure it’s off-site, and always test your ability to recover it. The problem is that telling a business to back-up it’s data is as obvious as saying water is essential to life. The question is not about backing-up anymore, but about what should be backed-up, how & why. In fact, the concept of backing up data needs a re-think. IT need to think more in terms of archiving legacy information, more than just how to get their data back in case of an outage.
Especially now, with the shifting geopolitical landscape, companies need to look again at back-up, to ensure their processes are responsive, as well as secure. As part of this, they should consider tape archiving as an essential means to reduce the cost of back-up, improve availability and assure their data is secure. Here are five reasons tape archiving can bring your business newfound agility.
- COST – COMBINE TAPE ARCHIVES AND ONLINE BACK-UPS
The cloud is elastic. It’s like your waistband at Christmas – it will take whatever you can cram in. But it comes at a cost. In the cloud, that’s a financial cost – just like the cost of your water and electricity, you pay for what you use.
Unlike paper files, which can be seen and touched, digital storage is intangible. And yet it has weight. Without really comprehending it, we are drowning in data – cramming in more and more in case we may one day need it and paying for our inability to organise it.
The biggest problem IT departments face with cloud storage is run-away spend. On top of usage fees, even the cheaper cloud platforms have exit charges, which penalise you for pulling data out. So, if you want data back at short notice, it could be expensive and you may well incur penalty charges.
By archiving data, instead of backing it up, we can release it from the online storage process, and reduce costs. By putting it on tape, an old technology that has found its feet again for data archiving, we can slash costs further as it is cost-effective and can be stored securely.
- AVAILABILITY – ADOPT TAPE ARCHIVES FOR RAPID RE-STORES AND PORTABILITY
Those things you can’t live without – which either generate or collect money – should be protected continuously. If your systems are knocked out, then that service and its data should be available to you again, as quickly as possible with minimum data loss.
This type of protection is achieved by protecting data and services using software that can run backups in real time without taking systems down to do it. However, this type of protection is expensive and simply protecting everything in this way doesn’t make sense.
Selective archiving of historical data on tapes can remove as much as 70% of data from the back-up process, and therefore expedite recovery and minimise downtime.
As a footnote, tape-based archives are also more portable than digital transfers for very large data cargoes. For such large amounts, physical transportation beats the internet, every time – 100TB of data will cross the Atlantic quicker transported on tape than on an internet feed.
- SECURITY – TAKE DATA OFFLINE, AND OUT OF THE LINE OF FIRE
Around 70% of data is hardly ever accessed, or altered. Taking such a tranche of static data away from a live IT network – to archive as immutable, read-only copies, in triplicate, which cannot be changed – will protect it from nefarious outside influences, such as ransomware.
Ransomware encrypts, locks, and holds data hostage. Disk based backups are not infallible. There are instances where the virus has found the backup files on a disk based target and deleted them leaving the customer totally powerless to roll back. These victims thinking they were safe due to backups find themselves with no recourse but to pay.
Why? Some disk back-ups are vulnerable because they are connected to the network. By contrast, tapes sit on shelves, and don’t move. The data they store cannot be altered and cannot be attacked.
- COMPATIBILITY – ENSURE A BACKWARDS PATH FOR LEGACY TECH
The march of technology is relentless and the tendency in IT is to always look forwards. While technological progress is to be welcomed – indeed, pursued and grasped – it can create a fog behind us, which obscures our backwards-path.
It is paramount we keep this path clear. Backwards compatibility should be built into a progressive strategy – not so we can retrace our steps, but so we can retrace and identify the key points that brought us this far. Technologies come in and out of fashion, and can be retro-fitted for new purposes.
For many, tape has been written off as old technology. But it’s found a perfect use in the digital era. At some point, somewhere in the business, something is going to happen and will require data to be retrieved from tape. Businesses need to be prepared. They need a compatibility plan to ensure their archived data can be accessed quickly and easily, whether they host, outsource, or share some kind of museum facility to restore data from legacy kit.
- REGULATION – INTRO NEW STRATEGIES FOR NEW DATA PROTECTION
‘We’ve always done it this way’ – those are the most expensive words in IT. As the GDPR, which comes in to force in March next year will prove. If organisations don’t change the way they backup and archive data, they will find the new rules overwhelmingly complex.
Take the EU’s ‘right to be forgotten’, for example. The typical grandfather-father-son rotation scheme means a lot of back-ups – four weekly copies, 12 monthly copies, and seven yearly copies. If your customer evokes their right to be ‘forgotten’, then you need to remove every trace of their personal data from every corner of your systems, including your live systems and legacy backups.
Companies need to re-examine how they archive their data, if they are to avoid the potentially business-breaking consequences of legislation post GDPR. It’s a case of adapt or die. The old attitude – ‘we’ve always done it this way’ – simply has to change.
And as a brief, final and crucial, aside, the GDPR will affect UK-based companies regardless of the UK’s impending exit from the EU – it comes into force beforehand, and impacts any firm handling the data of EU citizens. So, UK firms must get their houses in order and they need to start now.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.