Data exist in many shapes, sizes, and also differ in their importance. In most cases, however, data is of existential importance for the operation of a company.
Oliver Cronk, Chief Architect, EMEA at Tanium
World Backup Day is therefore an initiative that should be taken seriously, because I see many cases where backups are not carried out effectively or not at all. In my experience, about 80 percent of companies have either not backed up their data at all or not regularly enough. This is worrying, because if these companies are affected by a data breach, it can have enormous consequences. Backups are often the last line of defense against cyberattacks. If you are unable to restore your systems, backups are an important lifeline.
The main reason that backup programs are neglected is the cost. Regular, comprehensive backups require financial and human resources, and sometimes IT teams choose to focus these resources on other areas. One of the crucial tasks that require this investment is to find out where the most important data is stored and to make sure that it is always included in the backups. It is also important that the backed up data is regularly tested to see if it is easily accessible. I rarely see these tests being done, so this is definitely an area that needs improvement.
Another reason that backups are overlooked is the misconception that this is a pure data center problem, but it must also be treated as part of a comprehensive security strategy. Every company should take an initiative to improve and maintain cyber hygiene, and in my opinion, data backup should be part of this initiative. The vast majority of data breaches I experience start with a preventable incident that could be prevented by improved cyber hygiene. Even if a network is still affected, a good level of cyber hygiene can help to minimize the impact. For example, if a ransomware attack encrypts a company’s data, it is in a much better position if the data has been secured.
My advice is to use World Backup Day as an opportunity to ask yourself important questions, such as: In the event of a security breach, are all your important data backed up and have you checked that they are easily accessible? Is data backup part of our cyber hygiene and security strategy? If the IT teams understand the importance of these areas and take responsibility for them, they can prevent the company’s reputation from being seriously damaged and a large sum of money from being lost.