Data loss is catastrophic, but thanks to today’s cutting-edge software systems, data can be protected more securely than ever before, and even if the worst scenario occurs, in many cases data can be fully recovered.
Here are five tips for protecting your data, as well as for recovering data in case of loss due to human error, cyber hacking or natural disasters.
1. Use the 3-2-1 Rule of Storage
Where and how you store your data is pivotal to its safety. As a rule of thumb, many companies adhere to the 3-2-1 rule of data storage: Make three copies of the data, store it on two different types of media, and make sure that one of them is stored offsite. The importance of storing data offsite will be explained later, but this basic stratagem ensures that your data stays protected at all times.
2. Have a Plan B for Recovery
Security experts recommend always having a Plan B in readiness to minimize damage and data loss. This means updating your backup data regularly so that you can convert to it immediately. You need to be able to roll back quickly to your backup data at a recent safe point, and that safe point should be within a couple of days of your data loss incident. After you convert to your backup data, then you can restore your local /server apps and reload the rest of your current files once they’re clean.
If your files do become infected, you’ll need to take the following steps:
• Using professional IT help and/or removal tools, remove the virus and scrub your system clean. It’s also important to check your prior backups to make sure they weren’t infected as well.
• Find the last point where your files were clean and uncorrupted. If it’s feasible, do a system restart to that point.
• Convert to your most recent backup files. From this point, you can restore all apps and reload current data.
• When identifying and cleaning up corrupted files, make sure you include all servers, plus cloud and virtual platforms.
• Perform random recovery checks on a regular basis.
3. Replicate and Store Your Data at an Offsite Location
It’s not enough to simply back up your data. With so much cybercrime and potential environmental threats, it’s crucial to replicate and store your data at a secondary location away from your business. Data backup won’t protect you if there’s a site-wide failure in your company — or even in your community. Be sure to choose a secure remote site with storage vaults that are impervious to natural disasters such as floods and fire.
4. Educate Your Employees
You can never assume that your employees are on the same page as you are when it comes to network security. Staff members can be tricked into infecting your entire system merely by clicking on the “wrong” coupon for that day’s lunch delivery or by sneaking a peek at Facebook and “liking” a malicious page. Train your staff to avoid clickbait, to delete attachments from unknown sources and to recognize red flags for malicious websites and harmful links. Ask cyber-security experts to deliver training seminars with realistic examples of how easy it is to infect an entire network.
5. Identify Your High-Value Data Assets
It’s important to separate your high-value data assets and sensitive client files from the everyday files that are commonly used by all employees. Using data classification tools, you can isolate these sensitive files so that only certain users have access to them. It’s also wise to encrypt these files and store them in separate backup locations.
With a good, well-tested backup/recovery plan, strong storage strategies and employee education, you can rest assured that you’ve done everything possible to protect sensitive data from natural and man-made catastrophes — so that you’ll be ready to handle whatever comes your way.
Source: SANS ISC SecNewsFeed @ January 31, 2017 at 04:12PM