Top Ten Ways to Protect Your Small Business Data
by Bridget.Giacinto, on Oct 27, 2015 10:54:58 AM
As a small business owner, data protection and recovery should be at the top of your list of priorities. With limited to no IT personnel in-house to help, tasks like data backup, retention and disaster recovery often do not receive the attention they need. Yet in the same breath, it’s important to recognize that data is the backbone of your small business and without it, your business could cease to exist. So what can you do to protect your small business data, given these distinct predicaments?
1. Ask for Help with Your Backups
Whether you work directly with a backup software company or seek out the help of a software reseller, system integrator, Managed Service Provider (MSP) or an IT service provider, get the help you need. You cannot be expected to be an expert at everything. Why not leverage the knowledge, experience and expertise of experts in their field. Backup is too important to leave to chance. It’s ok to ask for help. Some backup vendors even offer setup assistance; helping you to install, configure and schedule your backup job, so you don’t have to wonder if you set up everything correctly.
Find out what type of support is offered, so you know what to expect when you call for help. Is the support provided by in-house employees, a local call-center or an offshore call center? When you are in need of dire assistance, this makes a HUGE difference. Knowing that you can call and speak to someone who is knowledgeable about the product they are supporting, rather than just offering up scripted responses is paramount.
2. Choose a Backup Solution that Fits Your Needs
Whether you make the decision yourself, or go with the recommendations of a knowledgeable reseller, you will need to find a backup solution that fits the needs of your specific business and the applications you run (SQL, Exchange, Hyper-V, VMware). Here are the top backup software questions to ask when researching backup solutions.
3. Select a Backup Storage Device
There are a lot of options when it comes to backup storage devices. Without research or the help of experts, it can feel like a daunting task to choose what option is best for your business (Tape, NAS, Removable Hard Drives, Cloud, or Optical Media). SearchSMBStorage contributor Brian Posey shares the pros and cons of the different small business backup storage options on TechTarget.
4. Define How Much Data Loss is Acceptable
As a small business owner, you need to know what data is most important to your business. Not all data is created equal, so you should know which types of data, if lost, would have the largest impact on your business. This is usually done by creating a business impact analysis, although the most important walk away is to define which systems and data points will have the greatest impact on your business, and how much loss tolerance you have for the different types of data that you have. This will help you to determine your recovery point objective (RPO), or put differently, how old you are comfortable with your data being once the data is restored. Read our article on disaster recovery planning for small businesses for more information on this.
5. Determine How Long You can Survive without Your Data
At an estimated impact of $15,000 per day, a disruption in technology resources and data access can add up quickly. While the actual cost will differ for each company, it’s important to determine how long your business will be able to continue to operate without access to specific systems and types of data. I would recommend separating your data into different buckets in terms of your recovery time objective (RTO). By knowing how quickly you need to be able to recover the different buckets of your data will help you to create the right backup strategy for your business.
6. Define Your Backup Strategy
There are a lot of choices when it comes to developing a backup strategy, but by doing the work outlined in the steps above, you will be more equipped with the information you need to create a backup strategy that is right for your small business. Here are a few things to consider:
- Backup Frequency
How often do you want to back up your data? This may differ by the type of data you are looking to protect and how critical it is to your business. How long your business can survive without the data will dictate the backup frequency needed (i.e., Hourly, Daily, Weekly, Monthly).
- Types of Backup
There are several different types of backup, so you will need to know what methods or combinations of methods are right for your business (i.e., File Backup vs. Image Backup, Full vs. Incremental vs. Differential).
- Backup Storage Destination
How quickly you need to recover the different buckets of data in the event of a disaster will affect which backup storage destinations you choose for what type of data (i.e., Local, Offsite, Cloud Backup).
- Backup Storage Devices
Even if you decide to backup to the cloud or to an offsite location for redundancy, data that is business-critical should also be stored locally for quick recovery. There are a lot of backup storage options to choose from, all with pros and cons, so you will need to determine what will work best for your business.
- Security Requirements
Does your small business require specific types of data to be encrypted? If so, you will need to make sure that these backups are set up with the proper encryption levels. If you need to comply with regulations like HIPAA, and you are looking at doing offsite backup, you will need to ensure that you find a solution that offers end-to-end encryption, meaning that it encrypts your data during transmission and in storage.
- Data Retention
Does your business have specific requirements in terms of how long you will need to keep specific types of data? If so, you will need to make sure your backup retention is setup appropriately to comply with these business, legal or compliance requirements.
7. Set Up Your File Backups
Now that you have picked a backup software vendor and determined your backup strategy, it is time to put that strategy in motion. If you selected a vendor or reseller that offers help with backup configurations, you should be able to discuss your requirements with them and lean on their expertise to setup your backup properly. If not, most vendors offer tutorials or videos to walk you through the backup process.
8. Set Up a Disaster Recovery Image Backup
While file backups protect your data, image backups protect your entire system, allowing you to do a complete system restore, including your operating system, applications, settings, bookmarks, and files just as they were before disaster stuck and that virus you were so careful to avoid encrypted your entire system. If your server is permanently wiped out and you need to do a bare metal restore, having an image backup will save the day.
9. Protect Your Business from Natural Disasters
While we would all like to think it won’t happen to us, earthquakes, tornadoes, hurricanes, lightning strikes, floods, and other natural disasters happen and not being prepared is a recipe for disaster. While local backups are great for fast recovery, they do not protect you in the case of a natural disaster that wipes out your entire building, servers included.
Having a secondary backup offsite or online that can be accessed remotely will help you to recover in the case of a natural disaster. Some small business opt to use NAS to NAS replication for backup redundancy. For small businesses on a budget, this offers an affordable way to have a secondary backup at an offsite location. Cloud backup is another great option for a secondary backup. The primary disadvantage with cloud backup is the time required to recover large files over the internet from the cloud.
10. TEST, TEST, TEST Your Backups
Your backup is only as good as your ability to recover from it. This is why it is so important to test your backups to make sure that you can recover your files from your backups. Technical contributor, Nathan Fouarge at NovaStor said this about testing your backups, “Think of it like a smoke alarm; you are supposed to test your smoke alarms when you change your clock for daylight savings time. Making sure that you are alerted that the building is burning down needs to be at the very least as important as knowing that if the building did burn down that you could restore your data.”