Office Document Strategies Blog

Every business person using a computer knows that it is important to back up their electronic data regularly so it can be recovered in the event of hardware or software failure.  Unfortunately not everyone does this and even those that do don't always use the best methods or tools.  Failure to put proper steps in place and then following them religiously can lead to serious consequences.

A checklist of some of the most critical things to consider:

1. Backup frequently.  Daily is a minimum but even more often could be considered if you do a lot of transactions each day.

2. List and understand what all of your critical data includes.  Things like emails are often as important as accounting data for some businesses.  Databases of key information including CRM data which holds contacts with key clients and prospects.  Other often overlooked materials are contracts, key marketing material and websites.

3. Software packages are now available which permit you to do snapshots of servers and other key hardware so that the complete configuration is available for recovery not just the data bases.  This can substantially reduce the downtime in the event of a failure by making recovery faster and easier.

4. Workstation data.  Most networks do not include regular backup of workstation data.  Unless a very rigourous filing protocol is put in place for users you can be sure that they will have important data stored on their workstations.  This should be itemized and a backup protocol put in place. 

5. Store backup safely.  Most backups used to go to tape drives.  Some users still use tape but most smaller systems now use portable hard drives since they are faster and often less costly.  Cloud backup systems allow users to move copies of their data over the web to offsite storage.

6. Offsite storage is critical.  Backing up your data to a location which remains in the same location as the primary storage is better than no backup but it is only limited in value.  In the case of a disaster; fire, water damage, break in and theft, physical damage, heating failure or other catastrophy the backup copy can be affected as well as the primary.  Removal of backup to off site is important.  At least remove a portable hard drive copy each day.

7. Use a structured cycle so you know when and what backup is what.  Knowing what is the latest available backup in the event of failure is important.

8. Keep redundant copies of older backups.  Unfortunately one to the things that causes data loss is the slow deterioration of the data due to persistent but not catastrophic errors.  This can happen with hard drives and even in RAID systems.  Being able to go back several levels of backup to find a place where the corruption was not present can save a lot of aggravation.  Not perfect but better than not having it at all.

9. If you use cloud off site backup then know where your data is going.  Understanding what jurisdiction is the location of your data is important both for legal reasons and compliance but also for your own comfort.  Most Canadian businesses want their data stored in Canadian data centres.  Some countries actually restrict data being stored outside of their borders for privacy reasons.

10. When looking at cloud backup understand the restrictions associated with data pipe sizing.  Data pipe size relates to the amount of data which can be transmitted over the connection over a given time.  With backup files being quite large for most systems the ability to recover your setup can be affected substantially by the speed of data transfer.  For many Canadian small businesses this can be a challenge due to the lack of good high speed connections cost effectively in business parks.

11. Consider a staged backup system.  With this design you do a local back up to another computer or a portable drive and then do a remote backup  to the cloud environment.  If there is only a hardware or software problem the local copy can be used for recovery without using the cloud copy.  This speeds the process.  In a complete disaster then the cloud copy is available to use even if it does take longer.

12. Document your system.  Too often backup systems are nicely designed by an operator and as long as that person is involved everything goes well.  The problem occurs when they are not available and no one else knows the procedure and makes sure the protocol is followed.

13. Test your system and do a periodic planned recovery.  Do this from a complete shut down to getting up and running.  Don't just trust software to tell you the backup worked.  Try it out regularly and document you have done so.  If it does not work now is the time to find out why not when you have the failure or disaster.

14. Put policies in place that discourage users from working around backup protocols.  Sometimes individual users may find it easier to use other methods to store or control their data, methods not part of the primary business system.  This can lead to fragmented data and important business assets being scattered around.  More sophisticated environments will not permit this but it can happen since it is so easy to find cheap or free data storage these days.

15. Understand the regulatory requirements you operate under.  Every jurisdiction has a level of privacy legislation which can impact your data storage systems.  Understand which data you hold is subject to regulation.  Understand what its vulnerability is and set the rules for how it is stored and where.  Encryption is readily available and not using it for critical regulated data is not acceptable these days.

16. Review all of your systems regularly, at least once a year.  Tools and software are always changing and the standards and costs change with them.  Often new tools can come along which can give you real gains in protection, make the process easier, and add security while even reducing your costs.  Just doing what you have always done maybe costing you more than making a change.

I'm sure there are more things that you should and could consider, but if you look at your systems with these types of checks in mind you will be better able to sleep at night knowing that your critical business information is less subject to loss and you should not be facing significant recovery costs if there is an event or a hardware failure.

How well does your backup plan rate?  What pieces are missing?  Anything more to add?

Lee K

Photo credit:  Flikr, The Commons