How to back up company data properly
When backing up data, be sure to spread the risks.
Backing up data in businesses needs to be thoughtful. Dangers to data lurk in a number of places, and this is not something to be taken lightly, especially for businesses, all of which have expensive data on their computers that is worth protecting. Companies are also required by law to take special security precautions in many countries.
One principle that is often given too little attention is that backup media available unprotected on the network can be attacked by hackers, disloyal employees or by malware. At worst, such data can be deleted or spied upon. The following solutions are available to help.
Use different RDX disks.as backup media
You can name each disk you use "Backup" in Windows Explorer, or use the name of the day of the week for which the disk is intended. You should change these disks every morning and put them in the vault so that the disks are securely locked. Connect the disks to the server only for the time of backup so that viruses and hackers cannot access the disk. Encrypt the backup data with a secure password that contains at least 8 characters including different upper and lower case letters, as well as at least one number and one special character, so that your data cannot be spied on. Be aware: Someone could steal your hard drive with the backup on it - be it in the office or on the road. So an encrypted backup is essential - especially if you're transporting those disks on public transit.
Create a NAS backup
Use a NAS (network storage) as the destination for your backup or, alternatively, a dedicated computer on the network that serves as a backup file server. Access this volume only through a protected Samba/UNC network path, and give access permission only to the user specifically designated for backup. It is best to add a $ sign to the share name for the network disk so that this share name remains hidden on the network and is not tracked down by anyone. Do not set up network drives for the backup volume, as this makes it easier for malware and hackers to use the volume for their own purposes. Therefore, only access the shared backup folder via UNC path. This means extra protection for your data with the method of NAS backup.
To additionally store your data off-site,
mirror your data from the backup file server still to a NAS at a second location. You can set up this NAS backup to the remote NAS using VPN and a network share or using FTP access. If the data is not already encrypted, be sure to encrypt the data with a not easily crackable password at this point at the latest, otherwise the data can be intercepted and eavesdropped on during the data transfer.
Check your backup regularly
Do you still know the decryption password? Are the backup media working and can the data be restored from the backup media you re using? With a full bit-by-bit backup audit, you test whether all data could be restored from the backup without problems, or where there are still vulnerabilities, if applicable.
Create a manual,
that provides information about who is responsible for data backup in the company. In it, describe the data backup and its auditing processes. Another section in this data backup manual should describe the procedure to be followed in the event of a data loss.
About the Author Urs Langmeier, Founder and CEO of Langmeier Software GmbH
Articles relevant to the topicLangmeier Backup Version 10 is here
FAT32 or NTFS? Which format is better for backup?
How to back up your hard drive properly and not forget anything