In June 2020, the EU Commission’s Digital Economy and Society Index positioned Ireland as 6^th out of 28 EU countries in terms of digital progress. Within this, Ireland ranked number one for the integration of digital technology, with the report noting that Irish SMEs excel when it comes to e-commerce, the use of big data, cloud services and social media. As partner to so many of Ireland’s leading organisations, Datapac are proud to have been part of their digital transformation journeys and contributing to this advancement.

With digital transformation, however, comes the increased reliance on data as it becomes intrinsically linked to organisational success. Data integrity, completeness and availability is essential, and an effective back-up strategy is core to this. Based on our experience, we reflect on some key backup considerations for organisations going through their digital transformation journey on this World Backup Day.

The 3-2-1 rule

Disruption may come in many forms, whether that is hardware failure; accidental or malicious deletion; a natural disaster, or as a result of cybercrime. When it comes to protecting data and ensuring business continuity, there is a level of acceptance that incidents with the potential to cause disruption (despite all best efforts) can and will happen, particularly when it comes to new and advancing threats. While it is essential to ensure that controls are put in place to prevent incidents, forward-thinking organisations are also looking at their level of cyber-resilience.  Having a good backup strategy is a cornerstone to being cyber-resilient, and the 3-2-1 rule is a tried and tested approach that ensures organisations have data appropriately backed up to cover the range of scenarios that may necessitate a data restore. Essentially, by keeping three (3) copies of data, as two (2) different media types, with one (1) of them located securely offsite, organisations can select the most appropriate backup to restore from in any given circumstance.

Importance of business continuity

While backing up data is important, it is not enough on its own to ensure a baseline level of cyber-resilience. The backup strategy also needs to consider business continuity if it is to effectively prevent costly downtime. It’s all very well having a copy of your data, but how do you access it and return it to a useable productions state?

There are two things to remember when devising a business continuity plan and that is the Recovery Time Objective (RTO), which is the pre-determined duration of time within which data must be restored after a disaster or disruption to avoid unacceptable consequences, and your Recovery Point Objective (RPO); the maximum tolerable period of time in which data might be lost due to a disaster. Working out these numbers will help you understand what type of business continuity solution is best for your business. And remember to test your strategy and plan regularly, it’s a fire drill for your data!

Every Cloud Needs a Backup

A report published by Microsoft in 2020 found that companies believe 45% of employees will continue to work remotely, as the shift to work-from-home models is likely to become more permanent. Indeed, it looks probable that this trend will be further consolidated into the everyday lives of Irish workers, with government proposing to introduce a legal right to request to work from home as early as September 2021. As such, it looks certain that the increased consumption of Software-As-A Service (SAAS) such as Microsoft Office 365, a business-critical enabler of productivity, communication and collaboration, will show no sign of slowing down.

It’s a common misconception that data stored in the cloud is secure, however cloud-based services are still susceptible to data loss and organisations need to think beyond what is physically on-premise to ensure that information can be retrieved. Microsoft, for example, will not take responsibility for data lost from applications such as Office 365 due to malware or operational failures, therefore a form of Office 365 Data Protection needs to be implemented.

Equally, businesses consuming platform or infrastructure as a service (PAAS or IAAS) have a level of shared responsibility with the service provider – be that leveraging Amazon Web Services (AWS) or Azure, the data and the responsibility to back it up remains the responsibility of the business. The thing about the hypothetical cloud is, it’s often easy to forget that the cloud is just your data on someone else’s hardware in someone else’s physical data centre. To highlight the issue, it’s useful to ask the question: would 30-90 days of onsite backup have been acceptable to your business when you ran your exchange or file servers on premise, with no month-end or year-end backups? This may now be the level of protection you have for your data in a cloud service, if you have not considered a backup solution for that data.

Conclusion

Today, organisations have to navigate complex ICT environments, an increase in cloud mandates and increasing levels of regulation and compliance when it comes to data. This combined with globally uncontrollable factors, driving unprecedented change in the world of work, makes for a tricky course.

On this World Backup Day, take the time to reflect on three key questions when planning your digital transformation and charting your journey to cyber-resilience:

• Does your backup strategy meet the principle of 3-2-1?
• Have you established your baseline RPO and RTO and tested that your business continuity solution can meet those objectives?
• Have you protected your data in the cloud?

For support in answering yes to any of these questions, Datapac, as a Microsoft Gold Partner and Datto Platinum Partner, can expertly guide your business on its way. For over four decades, our team of highly-accredited engineers have been enabling our customers to protect their data. From the days of magnetic media, to the cloud-powered services of today, the solutions have certainly evolved, but one thing remains constant; and that is our passion to protect data wherever it might live.

Get in touch with our team today at info@datapac.com for further information and support.

Karen O’Connor, General Manager, ICT Services and Solutions at Datapac