And 4 bonus tips for companies with Google Apps, Office 365, and Salesforce
In today’s business environment, data is now more secure than it has ever been. But because we rely so heavily on our software and data storage in day-to-day business procedures, any form of data disaster could send a modern business into a tail-spin. Whether the CRM corrupts in an update, an employee accidentally deletes a database table, or a hacker has ransomware’d your entire digital network there is one universal solution that can help you through these data disasters smoothly and without worry.
Disaster Recovery is the plan by which you can restore lost files, and quickly reconstruct a work environment by using saved backups of your work. Backups can cover anything from just your most important files to a complete software image of your entire network. The more comprehensive your backups are, the more completely you can recover from something like a Ransomware attack that wipes your network or having to rebuild your system from scratch after a flood.
In the past, companies handled their own backups, keeping archived files on a local server for when they are needed. But times, technology, and best practices have changed significantly since then. For a truly secure backup and recovery plan that will be there for you come hell or high water, outsourcing and cloud storage are by far your best option. Let’s take a look at four dominating reasons why businesses across the globe are choosing to outsource their backup recovery management rather than tying up internal IT resources or storing backups locally.
1) Reliable Backups Require Expert Implementation
The concept of backups is a very simple one. You keep a copy of your important files and, if anything happens to those files, you can load them right back into your system with virtually no lost time. However, for modern businesses with many terabytes of data to store, it has become much more complicated than that. Choosing the right files, making a backup copy, then compressing and safely storing that backup is a careful process that is best performed by an expert team.
Otherwise, you risk your backup files being selected incorrectly, corrupting during the massive compression process, or being stored in a way that is insecure or puts the backups at risk. If you want to make sure that a fully functional backup is taken at regular intervals and saved in an absolutely secure way, it’s best to rely on IT professionals who specialize in backup recovery plans. And other than managing your recovery plan, most companies have no need for a backup expert on their in-house IT team.
And if you want more comprehensive backups, saving entire computer and network configurations for quick whole-system recovery, this will require the work of an expert recovery team to extract and save carefully in a way that can be restored in case of an emergency.
2) Third-Party Storage is Safer than Local Backups
Where you store your backups matters a great deal if you expect them to be available after a data or system-wide disaster. Storing your backups locally is not your best option primarily because if a disaster does occur that wipes out your entire local system, the backups go as well. This is why even before the cloud, many businesses stored their backup disks in bank vaults and then in remote data centers.
Third-Party and off-site storage for your backups ensure that even in the most extreme cases, your backup files will be available. First, it keeps your backups safe from a system-wide malware attack or data corruption. If your business is attacked by ransomware that takes out every computer in the network, you will be able to safely wipe everything to factory settings and restore from your third-party backups instead of paying the ransom for your files.
The same is true in the event of a natural disaster. If something terrible happens to your building or in your region like fire, flood, or earthquakes you will be able to rebuild your company with new equipment and the backups that are safely saved in a third-party server on the cloud.
3) Backup Recovery Verification Takes Time Your IT Team Doesn’t Have
We mentioned earlier that taking large backups correctly is a skill that most core business IT teams do not possess. Not only does it take careful effort and expertise to correctly save backups of large systems, huge databases, and entire network infrastructures. To ensure that your backups are there when you need them, the recovery files must also be verified and re-checked from time to time.
Verification of files this big means accessing, scanning, and sometimes even performing a recovery-drill on a simulated environment to ensure that the backups can–in fact–function if called on to help you recover from a disaster. Taking a backup doesn’t simply require the ‘press of a button’. It is a constant process of saving, compressing, verifying, and confirming that your recovery plan is in place.
And let’s face it, your core IT team probably doesn’t have time for this kind of rigor through the process is vital to make sure your company is truly covered in case of a disaster.
4) Performing a Recovery from Backups
You need a team who is ready and able to enact the recovery plan should that ever be necessary. Especially if the disaster in question is not completely system-wide (and most data disasters aren’t), then your in-house IT team will still be occupied with their everyday duties. They are great at making sure your office computers are performing properly, helping employees use your business software, and managing internal tech support requests.
A third-party backup and recovery team, on the other hand, is ready to dedicate their entire day to enacting a complete or partial recovery from the backups they have been manicuring for this very purpose. Let your in-house IT team continue to focus on what they do best. By relying on an outsourced backup recovery team, you can be sure that your backups get the full attention and verification they deserve. And in the event of lost data due to error, disaster, or malware attack, your recovery team won’t have to split their focus to get your recovered data back where it belongs so you can return to business as usual.
5) Integrated Disaster Recovery Plan
Finally, your disaster recovery technology partner should provide a disaster recovery plan specific to the infrastructure being protected by the DR solution. The plan should include the required steps to take in the event of a disaster so the plan can be followed not only by the technicians, but also by your management team. This disaster recovery plan can then be included in your organization’s overall Business Continuity Plan. A BCP is required if you operate in the financial services industry and is a common request from IT auditors looking to validate general controls within an organization.
4 Bonus Tips for Protecting Cloud Data
One of the most business–friendly innovations in recent years has been the proliferation of cloud apps like Google Apps, Office 365, and Salesforce. These SaaS apps have fundamentally changed the way we do business, enabling companies to take advantage of economies of scale, reduce infrastructure costs, and expand the boundaries of a cubicle. Storing data in cloud applications is far safer than storing data on most on-premise storage systems —but “safe” does not equal “invulnerable.” In fact, one third of SaaS users report losing data in the cloud. Yes, the cloud is safe, but it’s not infallible and today’s cloud vendors lack the incentive to point out their vulnerabilities. So we’re stepping in! We will compare three of the world’s premier SaaS applications (Google Apps, Office 365, Salesforce) to highlight how they are (and aren’t) protecting your data. Get the facts straight and start backing up before it’s too late.
1. HOW IS DATA BEING PROTECTED
Google offers infrastructure high availability (HA) with erasure code and multiple replicas in multiple geographies, so data will still be accessible in incidents of hardware failure. Google does not offer native backup capabilities for Google Groups or Sites data.
The infrastructure of O365 is not unified, which means the backup capabilities for the components differ depending on the application. Backup measures include: local flash copies, encrypted, offline remote backup, and near real-time replication to a data center.
Customer data is automatically backed up to a tape library on a nightly basis. Backup tapes are cloned to an offsite facility to verify their integrity. Clones are stored in a secure, fire-resistant location at the same offsite facility.
The cloud, when left alone, is very safe. Google, Microsoft and Salesforce do a great job of ensuring the data is protected. And yet, data loss happens every day. So who’s at fault? The single leading (and unpreventable) cause of data loss in the cloud is end user error. This will always be an achilles heel of the cloud until software can discern between an intentional and unintentional command. Other common culprits? Intentional deletion by disgruntled employee, hackers and external app errors (data corruption via syncing/over-writing). When data loss occurs, it’s likely not the fault of Google, Microsoft, or Salesforce. With a cloud-to-cloud backup solution, businesses own the data from the moment a backup begins without limits around point-in-time.
2. HOW DATA IS RECOVERED
Once admin or end user deletes any data, the files stay in the Trash folder for 30 days, after which point the data is deleted permanently and only recoverable by an admin. Data is irretrievable once an admin deletes a user account.
Microsoft backs up data daily multiple times. End users may recover deleted files from the Recycle folder. Admins can restore data, such as collections, as well as deleted users.
Salesforce support can recover customer data at a specific point in time, in the case that it has been permanently deleted or corrupted. The price for this service is a minimum of $10K and it could take weeks.
If data is lost due to human error, malicious attacks, or other reasons, there are some options to restore said data, but they mainly involve relying on Google, Microsoft, and Salesforce, not to mention, potentially paying thousands of dollars. It could take a while, which isn’t helpful when the data is critical to day-to-day business operations. Also, mirror image replications means ransomware, such as CryptoLocker, can potentially access replicated Google data, which is not something anyone wants to recover.
With a cloud-to-cloud backup solution, cloud data is available whenever it’s needed.
Businesses can safely and securely restore any historical data without relying on the service provider. It means users can restore any lost or corrupted data while maintaining the integrity. So if malware strikes a system, users can restore data from a point-in-time before the data was hacked without compromise.
3. RECOVERY LIMITATIONS
Any data deleted from Trash folder requires admin assistance to recover, but only for 25 days. All or nothing restore – cannot select specific files.
Data deleted from the Recycle folder goes to the Recoverable items folder for 14 days (30 days if reconfigured) and requires admin assistance to recover.
Only 3 months of data recoverable. Deleted data goes to the Recycle Bin and is queried in an “isDeleted” API. Data deleted beyond this requires SFDC assistance. Any recoverable data must be manually imported back into Salesforce.
Recovering data through the native apps is limiting – not only in how far back you can restore data from, but in what you have control over. It may also be a long, tedious process with a lot of manual workloads. With a cloud-to-cloud backup solution, businesses are no longer limited to just a few weeks or months of data. For example, companies with a SaaS backup solution can backup all data without having to delete previous versions. So whether the data is from last week, last month, or last year, it can easily be recovered.
4. RECOVERY TIME
Up to 1 hour.
A 15-business day minimum.
The time it takes to recover data from the cloud varies app to app. For Google Apps, O365 and Salesforce, it can take anywhere from minutes to weeks to longer (if at all). With a cloud-to-cloud backup solution the data is restored directly into the app in minutes without overwriting any previous versions, making it easily identifiable as a restored item.
While cloud applications are more resistant to data loss than conventional, on-premise solutions, they are far from immune to irreparable loss of data. Today’s companies back up their on-prem data to ensure they don’t have a single point of failure for their irreplaceable information. This doesn’t stop being a great idea just because the data is now in the cloud. If you’re leveraging SaaS applications, make sure you are treating the data just as you do your on-prem data: by backing up. It’s a standard practice that needs to be implemented wherever your business data lives. After all, the more you do business in the cloud, the more you have to lose.
You don’t have to compromise between a productive in-house IT team and a rock-solid backup recovery plan. Let our team hear at Kraft Technology Group manage your advanced backup recovery plan, manicure your backups, and come to the rescue should the recovery plan ever be necessary. This way, your everyday IT needs are covered by your in-house team with our experts waiting at the wings in case you need emergency recovery services at any time. For more information about how we can provide the exact backup recovery solutions your business needs, contact us today!
Brian Gray, MCP, is the President at Kraft Technology Group, LLC (KTG), an affiliate of KraftCPAs PLLC. Within his role, Brian is responsible for all aspects of service delivery to our clients. Brian has a decade of experience working for managed service providers. He has worked with clients in a variety of industries, including financial services, accounting, legal, healthcare, manufacturing, and retail.