Last week was World Backup Day. It is on March 31st every year so that you don’t lose your data and become an April’s Fool the next day.
Amidst the growing awareness of the importance of backup, no thanks to the ever growing destructive nature of ransomware, it is important to look into other aspects of data protection – both a data backup/recovery and a data security – point of view as well.
3-2-1 Rule, A-B-C and Air Gaps
I highlighted the basic 3-2-1 rule before. This must always be paired with a set of practised processes and policies to cultivate all stakeholders (aka the people) in the organization to understand the importance of protecting the data and ensuring data recoverability.
The A-B-C is to look at the production dataset and decide if the data should be stored in the Tier 1 storage. In most cases, the data becomes less active and these datasets may be good candidates to be archived. Once archived, the production dataset is smaller and data backup operations become lighter, faster and have positive causation as well.
Air gaps have returned to prominence since the heightened threats on data in recent years. The threats have pushed organizations to consider doing data offsite and offline with air gaps. Cost considerations and speed of recovery can be of concerns, and logical air gaps are also gaining style as an acceptable extra layer of data. protection.
Backup is not total Data Protection cyberdefence
If we view data protection more holistically and comprehensively, backup (and recovery) is not the total data protection solution. We must ignore the fancy rhetorics of the technology marketers that backup is the solution to ensure data protection because there is much more than that.
The well respected NIST (National Institute of Standards and Technology) Cybersecurity Framework places Recovery (along with backup) as the last pillar of its framework.
It is important to recognize that in this framework, there are 5 functional areas or pillars. They are:
- Identify
- Protect
- Detect
- Respond
- Recovery
Looking deeper, we must consider 3 phases of cybersecurity defense and they are
- Before the threat – Identify and Protect [ Prevention ]
- During the threat – Detect and Respond [ Cure ]
- After the threat – Recovery [ Recuperation ]
As you can see, backup and recovery is in the last phase, which is after the threat has happened. This means that organizations must also look at the other pillars as well, and not to rely on backup and recovery as the “total” data protection solution.
Backup please!
Backup and recovery remains of one of the cyber resilience practices and cybersecurity defense against data loss and cybercrime. Cybercrime is big business. Cybersecurity Ventures predict that in 2025, cybercrime costs could reach USD$10.5 trillion annually. So instead of being a victim, this blog advises all organizations, large or tiny, to do the right thing and Backup Please! Instill the discipline to protect your organization’s data.
And make sure there are copies of the backups as well. An immutable one, I hope. That’s the new 3-2-1-1 rule. Godspeed.