The 9 Ugliest Data Backup and Disaster Recovery Planning Mistakes
which means there are no physical barriers to defend against an attack. These attacks are well thought out and customized to exploit the vulnerabilities of each organization. The volume of cyberattacks is increasingly growing; according to Check Point Research, there was a 50% increase in overall attacks per week on corporate networks compared to 2020.
Even if you have the best defensive measures, you will get hit sooner or later. That’s why investing in a proper disaster recovery plan is a necessity. When we become victims of cybercrime we need to be prepared to recover from the incident.
If you do not regularly back up critical data or have a documented disaster recovery plan your organization is at great risk. Therefore, you should start implementing these practices immediately! There are 9 common mistakes that you should avoid when creating a data backup and disaster recovery plan. We will discuss how you can prevent these mistakes so that you can implement a best-practice disaster recovery plan.
The 9 Mistakes
1. The scope of the backup is incomplete
It’s very common that data backups have very little to no strategic thought behind them. Evidence of these mistakes presents itself in the form of:
Important data, applications, or systems that are not included in the backup jobs.
All applications, data, and systems are backed up in the same way (There are no priorities).
The time it takes to recover stolen, lost, or damaged data is longer than expected.
Data backup is not updated. (You need to recover yesterday’s data but you’re only able to recover last month’s information).
Avoid these mistakes by classifying and prioritizing data, applications, and systems that need to be backed up. A Business Impact Analysis will identify critical sets of data while defining Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO). This allows you to implement a backup job that supports lightning-fast restore times for critical information.
2. Data backup is not completed automatically
Making a data backup is an easy task to complete. Just click the button, and the data backup is performed immediately. However, there is a big problem presented when you do your data backups manually due to the fact that people forget to do them! Automation eliminates human error and allows you to have a successful data backup when you need it.
3. There is only one copy of the backup
What happens if your only data backup copy is lost, deleted, or becomes corrupted? Having more than 2 data backups is more reassuring than having only one recovery source!
4. Backups are not monitored
Do you check if your backups were successful? Data backups can fail, and most people forget to check if their data backups were successfully created. That’s why it’s important to monitor your data backups very closely if you are notified of a failure. There are several systems available that provide monitoring and alerting services for backups jobs.
5. Backups are not kept offsite
It’s not uncommon for businesses to store data backups in the same physical location as the systems that are being backed up. While this practice is acceptable for some types of systems, for others it is not ideal. Imagine there is a natural disaster, your servers and data backups can be severely damaged. That’s why it’s important to keep one or more data backups offsite.
6. Insufficient backup capacity
Capacity issues create sloppy and incomplete data backup jobs. Not only should your backup capacity be able to deal with your current needs, it should allow for some element of growth over time. A Capacity Planning exercise executed by a qualified technician can help you with this.
7. Lack of a documented Disaster Recovery Plan
Data backup is only successful if the information can be quickly and easily recovered. Having a data recovery procedure can help you speed up this process. A disaster recovery plan also known as “DR” should present steps to recover lost data, as well as designate who is responsible for performing these steps once a disaster presents itself.
8. There is no process to add or remove items from the backup scope
As new servers, applications, and data are added to your technological environment, it is important to make sure backup jobs are in place. Having a Data Backup Policy will provide users with the steps they need to add or delete components of the data backup. Not implementing a Data Backup Policy will result in off-dated backups as well as a slow and ineffective network.
9. Absence of training in backup testing
Backups need to be tested at least once a year. A test is the only way to verify that sensitive data can be restored if needed. Every member of the company should be educated in the restoration process, especially if they handle sensitive data or play a role in the organization’s data management.
At BTI we have more than 35 years of experience in the fields of IT, communications, and security, and we are happy to help you improve your business’s overall security. If you are looking for guidance, management, or the best custom security solutions for your business we have the expertise you need! Can we help you with anything? Contact us now or schedule a free assessment!