Am I the only one to notice how everything seems to be a disaster... all the time?
Backup and Disaster Recovery Are Very Different Things
In cybersecurity, we care about disasters. Or, more accurately, protecting against them. We call it availability - one of the foundational cybersecurity concepts.
For several years I worked in the computer storage industry. And I learnt a valuable lesson which many knowledgeable, technical people still don't recognise...
Backups and disaster recovery solve two entirely different problems.
What happens when you accidentally delete a file?
Or overwrite the wrong file?
Or experience ransomware encrypting all your files?
Or a fire or flood engulfs your office building?
In all these cases, you need to go back in time to get a known good copy of your business-critical files. That's where a backup comes in.
A backup is simply a copy of a file as it was at some point in the past.
On the surface - that sounds great. And it is.
But there are some secondary issues you need to consider.
If you're continually saving copies of your files, the amount of storage capacity you need balloons quickly.
But it's pretty simple to solve:
- Firstly, do you really need to store a full copy of your data? Many backup systems only keep the changes made to a file. This means you'll be able to get back to a known good place - without needing endless storage.
- Secondly, do you need to keep data that's 10 years old? While the idea of storing backups forever may seem appealing initially, it is likely unnecessary. I can't recall when I needed to roll back a change I made to a file 6 months ago... So, focusing on what happened last week, last month or last quarter provides the protection you need.
Keep Backups Offline and Offsite
You'll notice that security certifications don't simply refer to "backups", but rather "offline and offsite backups".
In the event of a problem, a backup has no value if it is as easy to delete or encrypt as the original file. Therefore, it needs to be kept offline from the source data.
Moreover, if your backup is stored next to your computer and both are destroyed in a fire or flood, the backup effort comes to nought.
The final essential ingredient is to know that your backups work. Writing a file to a backup device is excellent, but it has no value if it can't be read back. Worse - it will give you a false sense of security.
So the final step in all backup plans is to check that the backup process and technology are working correctly.
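One way to carry out that check, as an added example that is not from the original article: record a SHA-256 manifest when the backup is taken, then read every file back from the backup and compare. The function names, directory layout and sample files are assumptions constructed for the illustration.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256_file(path: Path) -> str:
    """Hash a file by reading every byte back from the storage device."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()

def build_manifest(root: Path) -> dict[str, str]:
    """Map relative path -> SHA-256 for every file under root at backup time."""
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}

def verify_backup(manifest: dict[str, str], backup_root: Path) -> dict[str, list[str]]:
    """Read the backup back and classify each file listed in the manifest."""
    report = {"ok": [], "missing": [], "corrupt": [], "unreadable": []}
    for rel, expected in manifest.items():
        target = backup_root / rel
        if not target.is_file():
            report["missing"].append(rel)      # the backup job never wrote it
            continue
        try:
            status = "ok" if sha256_file(target) == expected else "corrupt"
        except OSError:                        # I/O error while reading back
            status = "unreadable"
        report[status].append(rel)
    return report

def demo() -> dict[str, list[str]]:
    """Constructed sample: three files, one damaged and one lost in the backup."""
    with tempfile.TemporaryDirectory() as tmp:
        src, bak = Path(tmp, "source"), Path(tmp, "backup")
        for root in (src, bak):
            (root / "finance").mkdir(parents=True)
            (root / "finance" / "ledger.csv").write_bytes(b"id,amount\n1,100\n")
            (root / "contracts.txt").write_bytes(b"signed 2024\n")
            (root / "notes.txt").write_bytes(b"meeting notes\n")
        manifest = build_manifest(src)
        (bak / "contracts.txt").write_bytes(b"signed 2O24\n")  # simulated damage
        (bak / "notes.txt").unlink()                           # simulated loss
        return verify_backup(manifest, bak)

if __name__ == "__main__":
    print(demo())
```

Anything outside the "ok" list means the backup would not have restored that file, so a scheduled run of a check like this should alert rather than just log.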