Why BACKUP Is NOT Protecting your Data

Backup has always been the practice of preventing data loss due to many unexpected circumstances and disasters such as hard disk failure, system corruptions, fire/flood.  It has become a status quo most people believe that having a backup of their data means that their data is safe.  However, many are unaware that how they backup the data and how they store their backup determine the safety of the data.

What do I mean by that?  Well, let me break it down for you.  Most of SMEs or audit & accounting firms in Malaysia that we have encountered are using external hard drive as the main storage medium for backup.   As shown in our survey below, 83% of the SMEs are using external hard disk as one of their backup methods.  

Chart 1.  All backup methods practiced by the 100 Malaysian SMEs Surveyed

58% of them use only one external hard drive to backup all their critical business data.  Obviously, they believe the external hard drive is sufficient to protect their data.

Chart 2. The Malaysian SMEs who are using only one backup method

These 58% of SMEs are putting their business at great risk.  Why?  Although they may recover the data from the external hard drive in the event of server hard disk failure or system corruption, the external hard drive cannot escape from a disaster such as fire, flood, or even break-in which has happened to many over the years.

To make matters worse, in this highly digital and connected world today, malware has found its breeding platform.  In one of the case studies that we encountered is a management office which was using external hard drive as its only backup medium.  While they were performing the best practice in backup with external hard disk – unplugging or disconnecting it after a backup and keep it at a safe place – , what they are unable to prevent is the attack of ransomware.

Ransomware encrypts your data and extort money from you

Nobody was aware that their server was infected by ransomware when the administrator was performing the routine backup of the server’s data to the external hard drive.  When the ransomware locked down their system with the display of the ransom note, only the administrator realized they have been attacked.

While reformatting and getting the system to run again was not too difficult, the real disaster began when the administrator was trying to restore the data back into the system, and found out that all the data in the external hard disk had been encrypted.  The hidden ransomware was working quietly at the background encrypting all the data in the external hard drive when the admin plugged it into the server for backup.

One year of data was lost because of the ransomware attack.  The downtime the office suffered, as well as the cost and resources to rebuild the data has significantly affected the revenue and the reputation of the business.

Those SMEs who are using multiple backup medium are having the best practice of backup in mind, which is the 3-2-1, meaning every business ought to have 3 backup copies, 2 copies reside in the office premises, or onsite, but in 2 different storage mediums (2 external hard drives or 1 external hard drive and 1 NAS), while one copy should always be outside of the premises, or offsite.

A typical SME with best practice of backup normally has its backup copy on an external hard drive or 2, and another copy in a Network Attached Storage (NAS) or another PC or server, and finally a remote copy in the cloud storage. 

However, does that mean their data is protected?

Well, their data is definitely much safer than just having one single backup copy, but their data is still not truly protected.  Here is why – the external hard drive, NAS, and the Cloud Storage are considered as Online Backup System, which requires the storage medium to be connected to the PC or server in order for the backup to be performed.  Being ‘Online’ means these backup storage mediums are exposed to the risk of being infected or encrypted. 

The only and safest way to protect your data is to keep all your backup Offline.  The simplest way is to backup up to a new external hard drive or new tape and store it at a safe place, and never use again until you need to restore data from it.  In order to keep it truly offline, you will have to use a new external hard drive or new tape which may not be practical unless you have unlimited of them, but storing and management of drives and tapes are also another cost, let alone the human factor in doing all these manual backups.

Hence DoubleShield is designed to take all the cost of new external hard drives and the human factors out of the equation, and automate the offline backup for your critical business data at as low as RM 1 a day.

While Offline backup is one of the main features of DoubleShield, do check out other features of DoubleShield too.

Leave a Reply

Your email address will not be published. Required fields are marked *