Situation:
I recently had the opportunity to share a coffee and chat with the owner of a new client. He admitted to me that data backups had never really been a priority for him or his team - most files were shared between multiple laptops using thumb drives and there was nothing that they considered "critical".
Having supported a number of organisations with similar viewpoints over the years I offered the following counter-points.
Considerations:
Data backups are not just for "disaster" recovery.
Often, the value most appreciated from having regular, automated backups of all business data is the much maligned "I'm sure that didn't look like that yesterday" overwriting of file contents - without a backup, you will never know what content has been lost and you will spend hours looking through thumb drives, other laptops, email attachments to check what is missing.
Or, consider the case of the accidental folder drag - where did it used to live? Having a backup provides the option to rapidly recover to a known state.
Then there ARE the disaster situations:
- Recovering from a lost, damaged or dead laptop - without a recent backup is going to take HOURS - hours that could be spent with family, or on productive business activities.
- Dealing with a Ransomware attack - consider facing the choice of paying a ransom to an unknown criminal, or losing an unknown volume of data. The financial impact either way will be significantly more than the cost of a backup.
- What about the disgruntled staff member - imagine coming in on a Monday morning and finding that every file and setting on the office computer is just, well, gone. Where do you start? What have you lost? How do you recover?
Consultants PWC in conjunction with the Australian Prudential Regulation Authority (APRA), recently conducted a study that identified that businesses face significant challenges in maintaining and maturing their data and cyber resilience programs - in fact, only 28% of small and medium-sized organizations back up their data daily, which is alarming given that 60% of small businesses close within six months of a major data loss incident.
Considering that daily data backups are cheaper than a pub lunch, it does seem that Australian business owners are either unaware of the risk, or don't know the options available.
If I was You:
There are four simple tasks that you can do to mitigate your data loss risk:
- LOCATE: Identify where your business data is stored (laptop, server, thumb drive, cloud repository, etc);
- CLASSIFY: for each identified location, determine a relative data importance (use classifications such as critical to business, important to business and clients, easily re-created from other sources);
- ASSESS: Starting with your critical data, assess how long you can afford to be without data in each classification - as an extension, determine what the lost revenue impact would be for each data classification recovery period
- VALUE: Using the information from the ASSESS task, you can calculate the business value of your data.
From here, it's up to you how much you invest to mitigate risk!
What we Offer:
Professional backup solutions automatically store your backup in a secure remote location. In Microsolve's case, we use the AWS environment in Melbourne, with a failover location in Sydney.
Testing is also often overlooked - We will work with you to develop a routine "restore" test to validate that your backups are note only working, but can be restored and the restore process is understood and practiced.
