Home / Most Popular / Fusion e-book – Understanding Data Security

Fusion e-book – Understanding Data Security

Data – A critical asset to your business!

Most business owners, managers or CEO’s take it for granted their data is being adequately

 BACKED UP !

It is a fairly common assumption that every transaction your business does electronically is safe right? Well not necessarily. Data backup and replication is a critical part of your continuity plan and it is vitally important for the survival of your business if your systems fail. The time to find out your backups are not in the shape you thought they were is not when you need them. Our experience tells us that most restore processes that are troublesome, are so because they are not properly tested or understood by management because they have not been rehearsed or tested

UNDERSTAND

Management must understand their data security for continuity and preparation.

PLAN

Have a plan in place so you are prepared if things fail or cyber crime strikes.

TEST

Test your data systems so you know they work when you need them to !

YOUR DATA SECURITY IS NOT NEGOTIABLE
FOR BUSINESS SURVIVAL

IT’S POSSIBLY THE MOST CRITICAL ASSET IN YOUR BUSINESS

UNDERSTANDING

Data backup and disaster recovery techniques are varied and diverse. Management should understand their data backup & security system and how it works because their business relies on it.

My aim is to demystify the components of your backup system. I will explain the different types of backup systems and what key people in business need to understand in order to be comfortable their data is secure. Let’s face it – can your business operate effectively if your data gets compromised. While people responsible for running a business know a data backup and security system exists, some generally have not taken to time to have a base level of understanding of this essential area of business operation.

Let’s break this down into 3 parts:

  1. Components Of Your Data security & backup System.
  2. Understanding different techniques & technology & the jargon used.
  3. Planning & Testing your system, also known as a rehearsal.

“Being Accountable ”

Electronic data is pure and simply an essential component of nearly every business today. Without system access, we just can’t function. Businesses and workplaces are a diverse place with plenty going on, so we can not just rely on our I.T. staff or contractors to oversee from a management level that all backup checks and balances are in place. Sure they do it, but it’s a management task to ensure the checks and balances are in place. The buck generally stops with the most accountable person, and that is the owner, manager or CEO. My aim is to help those at a management level to identify and understand the devices, jargon and planning in order to support and work alongside I.T. people involved in data backup and security. This will help management & I.T understand together the business requirements from a higher level.

CRISIS CAN HIT ANY ORGANISATION

A casing point as to why we must not just assume our backups work. To test them in a rehearsed environment is the “key”, Data Systems Administrator Gary Dameron from DMV explains.

“Testing is key,” Dameron said. “Testing of not only your DR [disaster recovery] solution but of your backups. Even though we’ve been doing this for a lot of years, every year we test, we find something new.”

Full Article Click Here: http://wp.me/p8g9lY-gk

BACKUP DEVICES

The first point to understanding any backup system is what are we backing up to? It will depend on the size of your organisation and what hardware should be used. To break it down a little lets look at whats being used.

“Removable Hard Drive”

A removable hard drive is one of the most common devices that people use to backup various forms of data. They are convenient, portable & robust.

With capacities equal to most server or desktop storage they are a great way to plug in, backup and store in a safe place. A note to be wary of with removable hard drives is they don’t like heat, being dropped and will fail without warning. Be on guard, while they offer convenience they are not bullet proof.

HDD

“NAS – Network Attached Storage”

A NAS for the sake of a better word is a large removable hard drive on steroids with some added function. A NAS differs from a removable hard drive that plugs into your USB port. A NAS connects directly to  your network.

This allows a NAS to be visible across all devices on your network allowing more functionality. NAS systems are used to store documents, photographs, synchronise with dropbox and most importantly a great place to perform a server backup, desktop or mobile device data to.

NAS systems are generally compatible across all devices such as Windows, Mac & Linx. A NAS system is less portable than a removable drive BUT is a much better choice to store backups on because they have the capacity to have redundancy through RAID**.  NAS Systems are very secure for backup storage as administrative shares can be setup to prevent unauthorised access to your critical areas.

NAS
mancup

FURTHER EXPLAINED

This video further explains the differences between a hard drive and a NAS, plus many other uses for a NAS

Full Article Click Here: http://wp.me/p8g9lY-gs

Not sure what RAID** is, and want to know. RAID is a far more complicated technology component that this document is aimed at covering. However, if you want to know, check this out:

https://www.youtube.com/watch?v=Aa0RTgxJJy8

“USB Drives”

Surely you are not considering using a USB drive for backups, are you ? Let’s hope not. Unfortunately for some,  people do use these devices for backup, and usually at their own peril. While USB drives are quick, easy and cheap – they have a high failure rate, are easy to lose. This is a BIG PROBLEM if they are left lying around with sensitive data on them. They are generally not of large capacity. I do not rate these as a backup device, but more of a device of convenience to transport data from one place to another.

BUT, doesn’t a removable hard drive have the same issues with security/portability ?. YES, and be wary of that. However, a drive that is purely used for backups in a structured backup system offers much more than a USB drive in terms of reliability and space.

thumb

“SAN – Storage Address Network”

A SAN putting it simply is another form of storage device within a network. Essentially they perform a similar function to a NAS, using different technology. SAN’s are very rarely used in small business and are most commonly found in larger organisations that have networks that span over several sites or floors.

“Other Computers”

DANGER – While this may provide a way to  store a copy of your data for backup purposes – I can only say this method should be really thought through. There is a real danger data can be deleted, over written or sensitive information can be compromised by other users. The risk of data falling victim of cyber crime or ransomware is very high. THIS is not a serious consideration for any backup system – whatsoever !!!!

SAN VS NAS

SAN’s are very rarely used in small business and are most commonly found in larger organisations that have networks that span over several sites or floors.

Full Article Click Here: https://www.lifewire.com/san-vs-nas-818005

“Tape Drives”

Back in the 1990’s through to around 2010 tape drives were common practice in many businesses. They are reliable, by mere fact that tapes were rotated on a daily basis – but tape backup systems do require a higher level of monitoring and maintenance.  Technology such as NAS and removable hard drives have superseded the tape drive. However the tape drive was a notable trusted robust device that housed common practice workplace backup routines for years. Today it is not common to see tape drives in servers, as they are slow, have low capacity and prone to dust.

Tapes require a more rigorous monitoring & backup routine to manage.

If you still run a tape drive, check and maintain it properly.  It should be still reliable.  I would however suggest you do look at a NAS, and an image based backup software program. (Backup images will be covered later in this ebook).

tape

“Cloud Backup”

From the old to the new. With the rapid growth of cloud technology a very easy and convenient way to store backup data is in the cloud. It is extremely secure, and a very reliable addition to any backup plan. (You did notice I said addition didn’t you ?)

What is very exciting about most cloud backup services is the technology they use. Backup providers keep many versions of the same file  for safe keeping. This covers nearly every type of woopsy possible. Cloud backups give added protection against things like ransomware, accidental overwriting of files or mass deletion. This technology allows you to get the file, or group of files from a known point in time and restore them very quickly and easily. Its also a way of keeping multiple versions of files for archive or ready for you to restore. While I do not recommend this as a mainline backup system, in my view its an essential addition to any backup plan.

cloud

backups – WHICH SERVICE IS BEST – BUSINESS NETWORK SOLUTIONS

What Are People Using to backup their data at Work? Well, the 3 main data backup and security platforms I see most MSP’s use are Shadow Protect, Veam or Datto. They all have their strengths, however, if I was to choose, I would select Datto. Why ? Here are a few points:

  • Backup Your Servers in up to 5 minute increments. Almost in real time.
  • Provide you with full server, or granular restore.
  • Provide you with Ransomware awareness.
  • Provide a failover system so if your server\s fail – datto will enable site production for your staff to keep working and your customers to transact with you.
  • Back your data up to the cloud. Then eliminates the worry of you taking data offsite.
  • Offer virtual cloud redundancy. If the worst disaster was to occur and your office was burnt or flooded, you can run your essential services from the cloud until you can get your site enabled to trade.

Check out the 45-second video where Datto use comedy to showcase their product.

Disasters Happen Right - You Need Datto

backups – WHICH SERVICE IS BEST – HOME OFFICE OR CONSUMER

What Are People Using to backup their data at home ? Well, the 2 main data backup and security platforms I see most MSP’s use are Carminite, Crashplan Or Backblaze. They all have their strengths, however, if I was to choose, I would select Crashplan. Why ? Here are a few points:

  • Unlimited Backup Space.
  • Data Encryption.
  • Reasonably Priced.
  • Easy to use.

Check out the included Video which compares the platforms. Use an offsite backup to protect that data and treasured family videos or photographs for ever.

Learn All About Cloud Backups - And Compare Them.

“Cloud Drives-ARE NOT BACKUPS !!”

We have all heard of Dropbox, Google Drive, Onedrive and the other endless offers out there. These services are great right ? YES, but not as a backup service. There is a very good reason I say this because these services are a synchronisation service to the cloud, or a productivity tool that allows you to work within the cloud. Google docs & sheets are a great example of this.

The reason they should not be backups is because most of these services SYNCHRONISE with multiple devices, or allow you to directly work in the cloud on your files. There lies the problem. Let’s say your computer gets attacked by ransomware, or you accidentally delete multiple files. There is a potential that action will replicate to your cloud and in turn all of your devices. Suddenly, a mistake is made on one device and it replicates out. While some of these services offer versioning, it is not as robust

CD2

“Summary”

Every Business or company needs a business continuity plan. This ebook is designed to focus on any business that has a small number of technology staff or has their I.T. needs addressed by an I.T. company or contractor. Typically a large business or corporation have a team of I.T. specialists and they invest heavily in their skill upkeep, their infrastructure and their data backup and security. Unfortunately, small business as a rule does not.

Micro, Small & Medium business need to treat data security, business continuity and backup procedures very seriously. Your livelihood depends on it. That being the case, I would like to offer an opinion on a robust solution that I have recommended to many clients over a long period of time as appreciation for downloading my ebook. This method is tried, tested and has been used to rescue businesses from issues in the past.

We will discuss backup software in the next section, but for the purpose of outlining my ideas on hardware, I will make reference to software.

JARGON

There are many different words & phrases that get thrown about when we talk about backups, data file systems and data security. Let’s check a few of these interesting words out.

j2

“Granular Files”

We all know about PDF’s, .doc, .xls, .jpg etc etc etc. These letters after a file name are called file extensions. They give us a clue on what types of files they are. A file could be a PDF (Portable Document Format), XLS (Excel File) or a JPG (A picture). These files can be copied, deleted and changed very easily. They are also the most susceptible to accidental deletion, overwrite and ransomware. Files such as these are all singular files that live on a hard drive and contain the relevant information and are used in every business every day.

When we refer to granular files when discussing backup’s we are talking about the ability to backup files in their most simple format within a folder or group of folders. Basically to backup single files at granular level.

The reason they should not be backups is because most of these services SYNCHRONISE with multiple devices, or allow you to directly work in the cloud on your files. There lies the problem. Let’s say your computer gets attacked by ransomware, or you accidentally delete multiple files. There is a potential that action will replicate to your cloud and in turn all of your devices. Suddenly, a mistake is made on one device and it replicates out. While some of these services offer versioning, it is not as robust

download (2)
j1

“Image Files”

Image files are far more complicated than a granular file. Software application such as Ghost, Shadow Protect & many many others replicate a complete hard drive image of the source drive you ask it to. Although they contain all the granular files on your hard drive within the file (backup set), they also contain system files, configuration files, database files and every piece of information contained on your hard drive.

The clear advantage of an image file is that we use it to restore data in 2 ways. We can mount the file through the software application. This is a fancy name for another drive letter appearing in explorer where you can copy the granular data you require from the mounted drive (image file) to your target drive. More importantly they can be used to fully restore a drive back to its last known working configuration.

This is extremely handy if you have a server or computer that has a failing drive or corrupt operating system. You simply install a new drive, or raid array and restore your image. The last great function of some image files is that they can be virtually run. This allows you to boot the image file from another computer. Virtualisation is discussed further down this ebook. To explain it simply we can boot the server contained in the image file on another computer as a temporary measure in a disaster recovery situation. Image files are simply marvellous. An image file is an exact replica in its entirety of a server drive, and is backed up to another device that has the smarts to deliver data security in different ways.

Image files should be backed up to a NAS and offsite copies of image files made to a removable hard drive. The only IF with an image file is it can only be used, accessed and mounted by the program that created it. In most cases the popular backup image software that has industry acceptance is Shadow Protect by Storagecraft. https://www.storagecraft.com/au/products/shadowprotect

fi1

“Full Image Backups”

Full backup images are a routine where the entire drives on a system is backed up to an image. Depending on the size of the drive, a full backup generally takes a long time to complete and should be done after hours so it doesn’t cause performance issues on your server. The advantage of full backups are that the image contains a full data set for a full restore.

word-image
fi2

“Incremental”

Incremental backups are a process where we have a base image created at a point in time. A base image is a full image backup and the starting point of your incremental backup set. Small additions of data which are changes to data made since the last backup are added to the incremental backup set.

Weekly, the incremental files (files containing the changes only) are consolidated into the base image. As incremental files are created they form a part of the “incremental chain”. A downfall of incremental backups are that if one file in the chain gets deleted or corrupted, your backup set is only usable from the point the chain was broken – backward. Incremental’s are generally run several times through the day and are a separate routine to a FULL backup. This is quiet common where a business needs critical data backed up within hours of their trading status.

IT’S QUIET COMMON TO HAVE BOTH

When considering a backup solution and process it’s very important to have a full backup run at least once a week and incremental backups run several times a day. This is to ensure if your incremental chain gets compromised in any way – you can rely on a full image backup to rescue the day.

Incremental’s also can be handy to use for finding deleted granular files. Incremental backups store the data from the date the base image was created. So any files deleted at some point will be available to restore on an incremental backup if you can find the date it was deleted

“Summary On Backups”

Granular backups as your only backup process is very risky and do not comply to any standard. They SHOULD NOT be your only form of backup.  A major problem with granular backups are if you have a full system failure, your server or critical desktop must be rebuilt first. This can take hours/days. Then the granular data must be restored manually. An image backup restores the whole lot in one go, operating system included.

For your server or critical desktops holding valuable data you should be running a full image backup to a NAS on them weekly. In addition, a separate backup routine should incrementally backup our data at least daily or twice daily back to your NAS. Always configure your software to consolidate your files. An image manager tool must be used to ensure the integrity of your chain.

Your IT staff or contractor needs to monitor, check and test the integrity of your full backups, incremental backups and check your NAS is not nearing capacity. ALWAYS make an offsite copy of your NAS backups to a removable drive. This will protect against FIRE, FLOOD, failure or THEFT of your NAS. This is critically important.

DO NOT fall for the trap by thinking storing offsite backups on removable drives in your company safe will do!!!! IT WILL NOT !!!!. Safe’s are fireproof, but they are not heat proof. Radiant heat from any fire will destroy your offsite drives. Remember they are mechanical devices and don’t like heat.

In addition to your image backups, incorporate a cloud backup for your granular data. Its another layer to your data security and it is a very efficient way to store changes to files through versioning.

FO1

“Failover Replication”

Failover replication is a very different technique to data security and backups. Extremely intelligent software applications such as Veeam has made this possible. Veeam gives the customer peace of mind that if one server does go offline, it can be failed over to the standby server. Veeam constantly replicates the primary server to a secondary server while they are both online. When failure occurs, or maybe just the need to conduct maintenance on the primary server, online service can be pushed over to the secondary server within minutes. This is called failover and has the ability to swing a business function over to a secondary server to keep you all working. A somewhat more complicated routine, however for system critical businesses such as accountants and professional houses this should be a strong consideration.

FO2
ab2

“Bare Metal Environment”

What does a bare metal or virtual environment mean ?.

The environment relates to how the operating system is hosted by your hardware.

A bare metal environment is a term we use for a single operating system that is installed onto a hardware platform. The operating system, for example Windows Server or Windows 10 natively lives on that machine and has exclusive access to the hardware environment. In a bare metal environment, only one core operating system exists on the hardware platform. While this offers reliability, virtualisation is becoming more industry standard due to its flexibility and adaptability.

word-image
ab1

“Virtual Environment”

A virtual environment adds a base layer between the hardware and the operating system.

This allows for many servers or desktops (known as instances) to be installed on a single hardware platform. Several key advantages to a virtual environment exist. Firstly, the virtual software, such as vmware manages the hardware configurations, drivers and compatibilities.

This has a big advantage over bare metal environments because the operating system does not get upset about hardware layers and drivers. The virtual software handles it all.

This makes it from an I.T. perspective easy to manage. Lets say you have 2 server hardware platforms for example. You could load balance by moving a whole server instance from one hardware host to another quickly and easily. Virtualisation has many advantages when it comes to managing business continuity.  Instances can be very easily created, and servers restored into them.

If a hardware platform completely or partially fails, a virtual machine instance can be moved or restored onto any box running the virtual software.

ab3

“My preferred environment”

My industry experience spans over 25 years. I have seen many changes from businesses that had the first MS DOS systems running simple word processors through to server large server racks running multiple virtual instances serving offices all over the globe. Advances in technology over the last decade or two have been enormous.

ab4

Cloud computing has brought an new revolution to business for efficiency, mobility and speed. Technology is now mainstream and critical to business function, so much so that a business cannot operate without technology. Putting investment into your technology is just good business practice and common sense.

Equally, as essential in today’s world is securing your data. Adapting your business technology plans to cater for the devices and technology that secure your data, and make it easy to restore services if they fail is a high priority. To understand this from a management perspective is critical for any manager, director, owner or CEO. Your environment is important and should be adaptable, easy and secure.

Any business with server based applications or critical desktops should consider virtualization, full and incremental image backups to a NAS

Plan, Rehearse and Check

You have an environment suitable to your needs, you are backing up to a NAS and replicating your data offsite. Sweet ! All is good.

nnt

“Now is not the time”

Its heartbreaking to see a business suffer catastrophic hardware failure, ransomware attacks of mass deletion of data and realise that their data security processes failed at some point. I have actually witnessed discussions between management and I.T. revealing backup logs worked, backup files existed but for some reason, the process fully or partially failed when a restore was started.

The time to find out your data backup and security process has failed fully or partially is NOT when you need them.

bc1

“Business Continuity Plan”

Business continuity means exactly what it reads. Can this business continue to operate if it were subject to system failure, and what is the plan to get back into production? Recent statistics have revealed that up to 60% of businesses will fail within 6 months if they are victim to cyber attack. Check out this article http://wp.me/p8g9lY-8x which explains why ” 60% of small companies that suffer a cyber attack are out of business within six months.”

A business continuity plan is a document that identifies your risk, outlines your business infrastructure, describes your backup process and has a tested rehearsal method. It outlines what needs to be done and by who to get you going again. There is comfort in the sheer fact your systems are measured and tested.

nntt

“Test, Rehearse, Measure”

  • Test your backups regularly. Mount your images and test your chains. Partially restore files and test them. Do this from both your NAS and offsite backups as they are literally your last line of defence if things go wrong. Download a versioned file from your cloud backup from 3 months+ ago to test its integrity.
  • Restore your images onto a lab server or test virtual environment. Even if you run a bare metal environment, try restoring that image into a virtual environment because one day when you need to restore – your only option may be a virtual host. Boot all servers, access data and test the process. This rehearsal will tell you what you need to know in a real life situation.

The first question your staff or customers will ask when you have systems offline is “HOW LONG”.  I guarantee it.

  • Measure the time it takes for tested partial system recovery, and full system restore. This gives you a quantified answer and expectation for everyone around you what to expect. Anxiety relating to the process can be reduced as people know what the time delay may be.
eaker

“Work with your I.T. staff or contractor”

I.T. staff, contractors and personnel are very talented people to do what they do. They have complicated tasks to deal with and spend most of their day problem solving in a reactive capacity.

Thats the nature of their job. Quiet often I have seen ideas, needed improvements or upgrades get “shelved” due to budgetary constraint or resources diverted elsewhere by management.

This has the potential to land excess stress and dependance at the feet of your I.T. people when things go wrong. Management should take a pro active approach to their I.T. capacity to ensure adequate training is provided, and they listen to concerns or requirements they have. What could be more important to any business than your system access, and the people that look after it.

winner

“Once is not enough”

Review your hardware and backup plan. Have the discussion with your I.T. staff and management. Things change rapidly in the technology space and a once off test, rehearse, measure and meeting with your IT staff is not enough. Management need to understand the terminology, hardware, jargon and process clearly in order to reduce your business risk and mitigate as much as possible the likelihood of a failure event.

“THANK YOU”

I appreciate the time you have taken to read this ebook. In my experience I have seen many small business operators, directors and managers understand a backup system exists and just assume it all works according to plan. Many I.T professionals work tirelessly to maintain systems and keep them functioning. They oversee that the company data is secure and adequately backed up. The gap I have seen between managers and the I.T. guys is understanding and priority, especially when it comes to expenditure and the constant upkeep of critical systems. If this ebook has made that understanding a little clearer and more attention gets focused on I.T. needs and backups – it has done its job.