SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Why data backups should be a part of daily operations
Mon, 17th Dec 2018
FYI, this story is more than a year old

Private, public and hybrid clouds are growing in popularity as lift and shift cloud apps are making migration easier for businesses.

Routed enterprise business development spokesperson Christian Mahncke says that while cloud computing has proven that it is a better option than in-house servers, security challenges remain a concern and businesses require a solid cyber-security strategy.

Mahncke says, “It is evident that companies are still experiencing common security challenges such as backup and Disaster Recovery (DR) failures, ISPs being hacked or Ransomware attacks. All of which is exposing the network and potentially sharing valuable personal information.

“These businesses are neglecting this important aspect within their cloud strategies, failing to include backups and DR in the overall planning.

He says that including security and a backup plan comes naturally for anyone that has migrated or developed new applications in the cloud: “It is simpler to secure data by creating a DR environment in the cloud than doing so on-premise.

Once all your applications are in the cloud, it takes care of all backup and DR requirements quickly and more cost-effectively. Cloud provides one virtual environment, as opposed to a number of disparate applications each requiring individual backup and DR needs.

The importance of looking after data, inside and outside of an organisation remains lacking, which means that DR is probably equally absent. Mahncke says that there is a need for security policies and associated regular backups. This will automatically result in ensuring that proper DR is in place, and it works.

“So often backups only get tested after a server crash or security breach, only to discover that the backups do not exist or were never taken. DR is often absent as there is a belief that a multitude of backups constitutes DR,” explains Mahncke.

He stresses that backups are not DR, nor can multiple backups amount to any kind of DR. Backups are useful for immediate access to restore a document, but do not facilitate the failover of a total environment if the infrastructure becomes compromised.

“Backup is simply a copy of data intended to be restored to the original source, while disaster recovery requires a separate production environment where the data can live. All aspects of the current environment should be considered, including physical resources, software, connectivity and security,” says Mahncke.

Data backups should be automated and part of daily operations, while DR planning is an integral part of any organisations IT strategy, and is becoming essential as security breaches and network outages become common threats.

“DR needs to address complete system failure and provide a set of security policies to govern disaster incidents. A cloud platform provides for this in the most efficient form,” says Mahncke.