9 Crazy Myths about Corporate Data Backup
In May, we stumbled across a great article at ZDNet titled, “Ransomware is now so awful it’s actually making us take security seriously.” The upshot was this: ransomware’s destruction comes with a silver lining. It’s so bad that it’s finally forcing organizations to invest more in their corporate data backup systems.
But then WannaCry happened, and thousands of companies were caught with their patches down. (Their O/Ses weren’t up to date, and their data recovery systems weren’t so good either, assuming they had systems implemented at all.)
Then Petya happened, and thousands more were hit again.
Apparently, for many organizations, ransomware just wasn’t awful enough yet. And you can bet that thousands more still aren’t taking it seriously, even now.
Why aren’t businesses more concerned about data protection?
The reasons are complex.
Many companies are facing shrinking IT budgets at a time when their systems are more vulnerable than ever. Other companies may believe their existing backup systems are fine, when in fact they’re horribly outdated.
And for other companies, the reason essentially boils down to this: the stakeholders don’t believe a major disaster will happen to them. Even those that do understand the risks may not be willing to make the infrastructure upgrades recommended by their IT managers – at least “not this year” – because they believe they’ll always have other, last-resort options for recovering their data after a loss.
That’s simply not true. If you’re not properly backing up your data, and you experience a major data loss, then that data is probably gone for good.
This is just one of many common myths that some decision-makers have about corporate data backup. Today, we look at several more of these myths, which are stopping companies from making the infrastructure upgrades they desperately need.
The myths range in seriousness from “understandable” to “WHAT ARE YOU THINKING?!” but there’s one thing they all have in common: they’re falsehoods that leave many companies vulnerable.
Most Common Corporate Data Backup Myths
Myth #1: We can survive a data disaster.
Actually, probably not—especially if you don’t have an adequate disaster recovery plan. The data-protection experts at Datto say that a whopping 94% of businesses fail after a disaster when they don’t have a business continuity plan (BCP).
Even among those that do have a BCP, the numbers don’t look so good. A 2010 report by Gartner showed that 43 percent of companies who experienced a major data loss were immediately put out of business. Roughly half of the companies that initially survived also failed within the next two years.
Myth #2: Anti-malware will protect our data.
Really? Even if your servers are flooded? Even if your whole building burns down? What if files—or whole directories—get accidentally deleted?
Your anti-malware/virus software is absolutely a critical first line of defense against certain types of cyberattacks. But it certainly won’t save you in all disaster situations. Even ransomware can quietly infect your systems and lock up your data without ever being detected by your anti-malware software. A wide range of other threats make it essential to back up your data, regardless of your other cybersecurity measures.
Myth #3: Humans don’t make mistakes.
Tell that to the IT person who’s constantly recovering files for the employee who keeps deleting important spreadsheets, customer records and Word docs. Tell it to the hospital that just lost all its patient data in a ransomware attack because someone in Payroll clicked on a phishing email.
The point is: even the best of us make costly mistakes. Accidents happen. According to Datto, the majority of downtime incidents are caused by human error.
So the question becomes: how much time and resources are you willing to give up when those accidents inevitably happen to you? If you’re using an outdated BCDR system, each of those seemingly small mistakes is probably costing the company a ton of money. And it’s only a matter of time before a giant mistake causes destruction you can’t recover from.
Myth #4: We’ve got backups. We can always recover.
Backups are only the first half of the BCDR process. Just because you have them doesn’t mean the files will be recoverable or available within a reasonable time. How do you know the recovery won’t fail? Traditional backup methods, like tape, are notorious for high failure rates.
Even if you can recover everything, how long will it take? Have you evaluated your RTO recently, or tested it to make sure it’s accurate? A full recovery could take a lot longer than you anticipated if you’re not using the right technologies. And since research shows that each hour of system downtime costs the average small business $8,581 per hour, underestimating your recovery time is a recipe for disaster.
Myth #5: It’s in the cloud, it’s fine.
Cloud backups may indeed be a smart measure, but it all depends on the systems and services you’re using. How do you know your cloud backups haven’t been infected with the same malware that took down your on-site servers? How often are files being sent to the cloud? How long will recovery take? What happens if your cloud provider went offline?
These are all questions you need to ask when backing up to the cloud. Not all cloud storage options are the same. On the contrary, some are far better than others. Consider leveraging a hybrid backup approach that lets you backup both locally and in the cloud for greater protection, and be able to virtualize the backups from anywhere.
Myth #6: Our server room is impenetrable.
Believe it or not, some folks actually believe this. Perhaps they’ve installed special fire-suppressing systems or put some extra padlocks on the server-room door—who knows? But whatever the reasoning, this mindset is incredibly shortsighted!
First of all, the physical safeguards around your infrastructure will do nothing in a cyberattack or when an employee accidentally crashes your business-critical applications.
Second, all devices fail eventually. They all have a lifespan. This is why you need to back up to multiple sources—so that when one file storage device goes down, you can still access the data somewhere else.
Third, how do you really know the server room is so safe? Consider for a moment that the U.S. has experienced an average of 336 natural disasters per year since 2010, and research shows that these occurrences are increasing and intensifying due to climate change. Just because you haven’t experienced devastation already doesn’t mean you won’t.
Myth #7: Corporate data backup is too expensive.
BCDR is an investment, like any other technology implementation. And when you run the numbers, it becomes clear that safeguarding your data with today’s best business continuity solutions costs far less than not having a solution at all.
All it takes is one disruptive event to cripple a business. When you factor in forfeited revenue, lost data, disrupted processes, damaged equipment, legal/compliance liabilities, damaged client relationships, damaged company reputation, wasted resources—the costs skyrocket in all directions. By preventing even just one such event, your corporate data backup system virtually pays for itself.
Myth #8: The business is too small to need it.
Okay, if you catch fish for a living and sell it at a market stand, maybe you don’t need BCDR. But if your business involves data at all—any files that have value or importance and would create a disruption if you suddenly lost them—then you need to be taking data backup seriously.
Sure, if you’re a small business, there’s no need to invest in a sprawling enterprise BCDR solution. However, with the right implementation, you can get enterprise-grade protection at a price that’s affordable for small businesses.
Whatever you do, don’t assume you’re too small to feel the impact of a major data loss.
Myth #9: The business is too big to fail.
This is the flipside to myth #8. Medium to large corporations—especially those that are experiencing fast growth—often fail to address their data risks simply because nobody has time to think about them. They’re too busy dealing with the “day to day,” not the potential risks of “tomorrow.” And when a company is growing rapidly in all directions, everyone assumes that dependable data backups are already happening, when in fact they’re not.
This illustrates the importance of not only implementing the backup technology itself, but also thinking proactively about business continuity as part of an ongoing continuity strategy. In other words, you can’t just install a backup appliance and call it a day. You need a plan.
To truly prevent and mitigate the destruction of an unanticipated disaster, you need to work on your continuity planning on a regular basis. That means designating a recovery team, reevaluating your business continuity plan, defining your continuity objectives, performing risk/impact assessments, finding system weaknesses and continually identifying the best backup technologies for your business’s needs.
Learn more about your corporate data backup options
So, which technologies offer the best protection for your company? Let our business-continuity experts help you evaluate your options. Request a free demo or consultation by contacting us today at (646) 395-1170, or by email at success@invenioIT.com.