Why using multiple layers of backup is a necessity

Published: 11 April 2024

It’s important to backup. People delete files, corruption of data occurs and worst of all – ransomware attacks are on the rise; all examples of times whereby your backups are worth their weight in gold. Backups are something that we all take for granted, in the same way that we expect WIFI in a coffee shop now, we also expect any data that we have/input in to also be backed up securely for us. We don’t know where, how or who does it – it is just an assumption that this is happening.  

This is a fair assumption, after all, we’ve all long talked about the issues around data and it’s potential for being lost, stolen or corrupted. Most IT teams for years have been completing multiple levels of backup, these may be stored in the same place or in a slightly different location, but still within the same overall network. Items such as Ransomware and insurance requirements are now driving a considerable shift in this. 

The necessity for this is driven by the rise in threats of predominantly ransomware and the fact that gangs actively target destroying backups, but also it is widely adopted as best practice just in case something happens to your sole copy of backups. We often think of backups as our absolute last line of defence, if you’ve not got those then it makes for a dark day. 

A modern strategy is based upon using multiple storage types in multiple locations. Immediately this sounds expensive, however the good news is that many backup services are largely commodity based and do not require complex setups or equipment purchasing.  

An example Backup Strategy

As an example, a common strategy that we would implement for a customer is localised backup as the first recovery point, this may be onsite if the equipment is there or in a backup repository in the same datacentre/cloud location if stored there. This provides the quickest recovery time should you need it, but equally the highest risk profile. Secondly these backups will be synced to another location that is completely detached and offline, so if something terrible happens to the online network in the primary location; these secondary backups are not reachable. We further secure this using a feature known as immutability, effectively preventing deletion of data by accident or malicious intent until a set expiry has occurred. 

Understanding the importance of your data, how you would recover it and how long it would take are the most important steps you can take today. Once you have this, planning a suitable strategy and testing can easily be achieved.   

Want to learn more?

Read More

The limitations to Edge Defence and Anti-Virus Software

3 June 2024

Edge Defence and Anti-Virus Software: Why you need more in your cyber armour to protect your business in 2024.

MFA: why you need additional Cyber Security defence  

14 March 2024

MFA (Multi Factor Authentication) is a great tool for adding an extra cyber protection, however it's not enough on its own.

Is an annual penetration test really necessary?

13 March 2024

Do you need an annual Penetration Test? Our CTO Simon Barnes discusses everything from what is insurance mandated and the risks involved.