Category Archives: Data Security

Seven Things to Consider When Choosing a Cloud Backup Service Provider

The best approach to fully protect your data (and restoring it after a big disaster) is by simply replicating all data to a secured data centre to an off-site location.

Cloud backup is done automatically with the help of the Internet. As a matter of fact, it is very important for every company to protect their personal or official data by using a good cloud backup service by choosing an appropriate service provider.

Seven Important Features in a good cloud backup service

With thousands of cloud backup companies offering what seems to be the same services, companies looking for these services become overwhelmed and don’t know where to start.  From a glance, they all all look the same.  But, the fact is, they are all different.  Clients need to have a service that is more efficient, reliable and cost effective. They also prefer to choose the backup service provider having efficient mechanism for the data protection and recovery from the main data centre. Clients also do not want to pay exuberant amount of money; they want a fair price.

Never choose the cloud backup service provider if he doesn’t meet the given requirements:

  1. Data Seeding Options:Data seeding reduces initial backup time and enables the user to transfer data easily. If you have a large amount of data to backup, start the backup by sending the data in an encrypted external media.
  1. Overnight Data Shuttle:You should ask if the company will be able to provide you with overnight shipment of critical data in case of network outage. This service is preferred by big organisations.
  1. Security for Storage and Transfer: You need to ensure that your data is safe with the service provider. After all, it is your data. Don’t choose a company if it is unable to offer security.
  • There are several government agencies dictating how data storage companies handle, protect and transfer data. Is the company HIPAA, Sarbanes-Oxley, Gram-Leach-Bliley and etc. compliant? Compliance to these regulations confirms the standing of the cloud backup company you are considering.
  • Ensure that all types of data transfers are fully encrypted with SSL protocols. This helps to minimise the chances of data hacking.
  • Check where the service provider stores the data. Ask what kind of procedure is in place to access the data centre. Does it have some kind of ID systems and video surveillance facilities?
  1. Geographically Dispersed Data Centres: Allows redundant copies of your data in more than one location in case of a natural disaster or a terrorist attack. Ensure that the data centres are at least 3,000 Km away from each other.
  1. Data Recovery with Different Devices:The service needs to be device agnostic. Today, everyone has laptops and other gadgets such as tablets. It is necessary to choose a backup service that allows recovering the data from different devices other than the one used to backup the data.
  1. Technical Assistance:A backup service provider must offer technical support in order to solve any issues. You should demand this feature in order to get the support you need to protect your data and perform recovery when needed.Daily Reports: This is for the information and record purposes. It is necessary to see the activities related to your data. You can easily see when and where data was transferred.

Handling Data Explosion Intelligently

Small and medium sized enterprises are experiencing a rapid increase in unstructured and structured data. SMEs are interested to find effective ways for data backup, easy access and data recovery, without investing a considerable amount of time and money. To manage data storage successfully, companies should understand the value of their data and reduce the cost that is spent for compliance risk, data loss and ineffective backup system.

Data Awareness

Most of the businesses do not have an idea of their data and when it is required to be accessed. They assume that every and all types of data need to be retained, which is an expensive and time consuming process. Thus, SMEs must classify data for better protection. Moreover, value of data type should be established to understand the impact of data (loss) on the business.

Managing structured data held in databases, record systems, and spreadsheets is quite an easier task; however managing unstructured data (social media, voice, images and emails) can cause a lot of problems. It is estimated that 80% of organisations’ data is in fact unstructured data. Consequently, such unstructured data makes it difficult to search, utilise and manage – whether it relates to recovery tasks, search, access or compliance.

Small and medium sized companies need to create an IT policy in order to understand different data sources. This is based on classifying data through business unit, to create an insight into data location, type and nature. It will help in finding the relevant sources of data in centralised and consistent way. Better backup policies could be applied based on the acquired knowledge. For instance, a company does not need to make backup of all files if data is related to music files, photos and videos. Therefore, a new policy could be introduced to delete, exclude or move such data.

Data Management Policy

From operational and compliance perspectives, loss of data can cause serious damages. To avoid data loss, companies need to have a particular backup system that has the capability to copy all information on given network. Data management system must establish a checklist to verify whether the recently updated or transferred data is copied or not.

To make certain that restored data is accurate, companies can test the system on trial basis by restoring data from the backup sets. Besides, all the shares and drives need to be checked regularly.

SMEs should make sure that valuable backups are saved at a distant place, outside of the company’s building, using cloud backup solution. The procedure should be as easy as backing up on storage devices, which are transported to an offsite location or using automated cloud backup solution.

Store all data in the company network, making it easier for access. In case, data is saved in a local workstation, it cannot be accessed by others, as a result, the information could be lost if the computer crashes. To avoid the loss of information, ensure that protocol is being followed to save data in the network, using a system to allow read only access to users.

To apply cost-efficient storage solution, companies should transfer less frequently used and old data to lower cost network storage. Get rid of data that is not required or needed to be accessed. Besides, users should be trained to delete unrelated to company business, personal files, especially large media files should be removed from databases, mailboxes and emails.

By removing duplicate files and selecting current file versions, up to 30% of space could be saved. Apply the best technology and appropriate backup processes to fulfill storage requirements.

Communicating Data Breaches with Employees

Data breaches happened less frequently in the past. With the increased activity in ransom-ware, data breaches are now becoming a daily occurrence.  Major corporations like Sony, Domino’s and Home Depot have been hacked. It is believed that there will be more data breaches in the coming months and years. If, as an employer, you find yourself in the unfortunate situation of a data breach, how are you going to communicate the breach to your employees?  What happens after the security breach?

Be Transparent

Employers should notify the breach to employees as soon as possible once they have all the facts about the breach.  Employees have the right to know about the breach incident directly from the employer, rather than from the rumours circulating. On the other hand, the companies are also required to make sure that workers will keep the shared information strictly confidential or at least until it is officially announced.

An Inside Job?

It is essential to ensure that employees are receiving the right information in a timely fashion. Tell them that concerned department has started investigations about the matter; without divulging too much details into the breach, so as not to alarm the culprit in case it is an inside-job.

An Outside Attack?

Share more detailed information (as they become available) about the breaches if your investigation confirms that the cause is not internal. Update them as frequently as possible.  This will ensure that the workers are not worried about their personal information. Personal information, like: address, social security numbers, birthday, salary amount, etc. could be recipes for an identity theft.

Personal Information

You need to think about Data Protection Act (DPA). In the UK, for instance, businesses must adhere to DPA. This act ensures that employers holding personal information on their workers must keep the information safe and secure. DPA is very helpful to avoid information breaches.

Businesses must report data breaches to the Information Commissioner in the UK. It also makes sense that employers inform and update their employees at the same time. If it is confirmed that employees’ personal information have been compromised, then the employer should offer support to its affected employees. Advice such as what the next steps should be and what to do if unauthorized credit card transaction is posted in their account. Detailed procedures should be described so that the victims can take immediate action whenever they face identity theft or unauthorized bank transaction.

It would be better to develop a database or provide a fully dedicated hotline so the staff can call and ask questions about the breach.

Official Press Release Statement

It is important to communicate with all employees, informing them that they are not authorized to speak to the press media about the incident at all times. Tell them that it is a standard process and everyone should obey this because the breach is related to company’s reputation and business.

Remember that data breaches are juicy stories. Reporters and bloggers love to write about them. Many true and false stories will be written. The key is to share the details with employees and release an official press release. You can win the trust of your employees by sharing timely information with them. This will give them more confidence and they will not share the details outside the company. The last thing you want is for the employees to learn about the breach from a third-party website or other traditional media.

 

Should Financial Stability of Cloud Service Providers be a Big Factor in the Selection Process?

Last year, Gartner predicted that we’ll get to a tipping point in the early 2018 when conventional data centres will not fulfil the requirements of “digital business”. They have also predicted that a long-term price conflict among the main cloud service providers such as Amazon AWS, Google and Microsoft Azure. It seems that companies are willing to lose money to secure a slice of the market share.

Taking the Plunge:

Businesses of all sizes are shifting to the cloud, however, it is not a mega-migration move. A steady and stable, incremental replacement of traditional data centre-based apps, along with cloud-based infrastructure and cloud-based communications to operate those applications that are not included as a part of service.

The speed of this change depends on on the potential for expense savings in the cloud, and on the “last mile”, which is the effort needed to make that move. However, risk is another big factor because data loss could happen when moving to the cloud with a not well planned migration.

Cloud Risks:

In the past, there was a few apprehension about the reliability of cloud infrastructure. In my opinion, cloud has gained excellent level of trust.  Financial stability of a cloud service provider has become a big factor.  In recent reports, behemoth Amazon reported loss from cloud services due to “aggressive investments”. Amazon’s deep pockets can absorb such losses, and it will not go out of business any time soon.  However, it can not continue to loss forever, and might increase the service fees dramatically.

Cloud Backup:

Remember, cloud backup is not just backing up your data in the cloud, but it is about protection of data that is already present in the cloud. It also means that the original data can be pulled back to the local data centre.

Avoiding Data Theft:

Cloud backup services help you avoid data theft. Companies are more serious in the matter of data protection. They need a storage and storage processes that ensure no data loss. Companies can use data archiving services as another way to store valuable information, preventing theft.  Data is archived permanently. Archiving frees up real-time storage space.  As such, companies can guarantee the accuracy of the information and archived data ensures a reliable long-term storage option.

Choosing Service Provider:

Companies must check the cloud service providers before choosing them. Customers face problems when their service providers change the backup options.  Such companies should be avoided.

Data Recovery Issues:

Recovery of the original files from storage service is very important. Users are also concerned about the health of files when these are recovered from the backup services. The backup facility should allow the customers to retrieve the original files without any damage. Different types of cloud backup services can be used to prevent data loss during storage and recovery process.

3 reasons why your business should adopt DRaaS

Disaster Recovery as a Service (DRaaS) solutions make essential safeguarding of applications and data both more accessible and effective for small and large businesses alike.

Whether it be a natural disaster, human error, cyber-attack or hardware failure, an interruption to IT services can be catastrophic for businesses. To deal with the challenges associated with storing and potentially recovering large volumes of mission-critical data, organisations have a compelling option in DRaaS.

DRaaS is a cloud-based solution that provides near instant replication of your servers. In the case of downtime, whether scheduled or unscheduled, DRaaS enables you to failover to a copy of your infrastructure and failback to your original infrastructure when it’s ready, maintaining business continuity.

Whilst high-budget enterprises have typically had Disaster Recovery (DR) infrastructures in place for some time, the emergence of DRaaS yields several advantages that make the same capabilities possible for all businesses.

1. Disaster Recovery as a Service Reduces Costs

It’s simply not viable for many businesses to purchase, configure and manage a secondary site to failover to in case of disruption. It requires a huge upfront expenditure on hardware, plus unpredictable data centre operating costs.

DRaaS solutions are much more affordable. There are no upfront costs, but simply a monthly, manageable bill for leasing resources. Ongoing costs, such as those for electricity usage and maintenance, are the responsibility of the vendor.

You also only pay for what you use – a benefit that typifies the cloud – and there’s no need for overprovisioning, as would be required with a traditional DR infrastructure.

2. DRaaS Provides Access to Enterprise-Grade Protection

New technologies are revolutionising DR, and the speed and efficiency that can be achieved in data protection. For instance, advancements in virtualisation software have made Recovery Point Objectives (RPOs) and Recovery Time Objectives (RTOs) of just minutes and seconds affordable.

For organisations that choose to operate their own DR infrastructures, adopting new, advanced DR software poses both logistical and financial challenges.

Leading DRaaS solutions will include the latest software as standard, enabling the same simplified data replication, rapid RTOs and RPOs and comprehensive data protection that enterprises have access to.

3. DRaaS Refocuses Your Business Strategy

DR can be a burden that bogs down your IT department. It can involve extensively managing a secondary site, performing regular, intricate failover tests and reviewing recovery capabilities to meet compliance requirements. This distracts IT from core strategy and responsibilities that develop your business.

More than the sum of its parts

DRaaS solutions provide access to new technologies, technologies that can automatically test and invoke your DR infrastructure, enabling your internal team to focus and prioritise tasks that are central to your long-term business strategy. As data security becomes an increasingly important responsibility for organisations of all sizes, DRaaS offers affordable, yet complete protection.

A DRaaS solution, as an alternative to configuring and managing your own DR infrastructure, is a formidable option for any business looking to exploit the efficiencies and innovation of the cloud.

To find out more about DRaaS from BTL click here or download our data sheet

 

Why Do Businesses Fail to Adopt Disaster Recovery as a Service?

With a Disaster Recovery as a Service (DRaaS) solution, small and large businesses alike can access comprehensive protection against downtime of mission-critical applications, which was previously only achievable for enterprises with significant IT budgets.

However, many organisations still overlook DRaaS solutions based on perceptions that are not necessarily accurate.

In this blog post we look at four common reasons why businesses opt against investing in DRaaS solutions.

 ‘We can’t afford Disaster Recovery’

Full Disaster Recovery (DR) is traditionally seen as a luxury reserved for big-budget enterprises. After all, configuring a secondary site for rapid failover involves considerable hardware and data centre investment.

By outsourcing your DR to a vendor with a cloud-based DRaaS solution, you eliminate these upfront investments and the need to overprovision. Advancements in cloud-based technologies enable DRaaS customers to run virtual infrastructures on any hardware, so there’s no need to maintain and replace specific hardware.

This makes comprehensive DR for all of your applications achievable with a limited budget.

‘We can’t afford rapid RPOs and RTOs’

Traditionally you needed deep pockets to achieve business continuity with DR solutions. Rapid Recovery Point Objectives (RPOs) and Recovery Time Objectives (RTOs) – i.e. the maximum period where data may be lost and the target time for the resumption of services – required extremely frequent snapshot replication of your applications and an always-on hot site with the required supporting infrastructure.

DRaaS vendors have adopted emerging, cost-effective virtualisation technologies that minimise RPOs and RTOs to just seconds and minutes. For instance, new DR software uses asynchronous replication at the hypervisor level, resulting in quicker, cheaper and more flexible failover.

Furthermore, DRaaS enables you to rely on the infrastructure of a vendor to gain rapid restore times. This will typically consist of a high-speed, fibre network connecting its data centres and stringent SLAs.

‘We don’t have the resources to manage Disaster Recovery’

Some organisations have a dedicated team to manage DR, but obviously this is out of the question for many.

A major advantage of DRaaS is that it outsources the replication, failover and failback processes, so you don’t need specialist resources and expertise. Some vendors have automated one-click systems to easily test and invoke an entire DR infrastructure, and then failback to the original infrastructure. This makes business continuity achievable with minimal human intervention.

 ‘We do not prioritise Disaster Recovery’

Planning for something that has not happened before or is seen as highly unlikely may prevent you from prioritising DR above other business processes and activities. However, the potential damage that downtime can cause to your businesses finances and reputation is so great that DR must be a top priority.

This is reflected by research that found that 70% of organisations that suffer from a severe IT disaster go out of business within a year.

By utilising a DRaaS solution, you can fully safeguard your organisation from lengthy data loss and lost revenue from downtime, without taking your IT department’s focus and budget away from other responsibilities.

It’s vital to examine your DR plan and processes, and consider the range of options that are available to your business. DRaaS is an attractive, yet often misunderstood option that offers exceptional efficiency and reliability in preventing costly downtime.

ClouDRaaS from BTL offers reliable and rapid response Disaster Recovery in the cloud.

To find out more click here or download our data sheet.

 

 

 

 

Our Customers

  • ATOS
  • Age UK
  • Alliance Pharma
  • Liverpool Football Club
  • CSC
  • Centrica
  • Citizens Advice
  • City of London
  • Fujitsu
  • Government Offices
  • HCL
  • LK Bennett
  • Lambretta Clothing
  • Leicester City
  • Lloyds Register
  • Logica
  • Meadowvale
  • National Farmers Union
  • Network Rail
  • PKR

Sales question? Need support? Start a chat session with one of our experts!

For support, call the 24-hour hotline:

UK: 0800 999 3600
US: 800-220-7013

Or, if you've been given a screen sharing code:

Existing customer?

Click below to login to our secure enterprise Portal and view the real-time status of your data protection.

Login to Portal