The resource that decided the success or failure of entire countries in the 20th century was oil. Although in the 21st century the world’s economies are still powered by oil, its position is no longer what it once was. Today, the key to winning the market game is data. At nFlo, we know that they require proper protection and we have the competencies needed to provide it.
The truth of the claim that the 21st century is the era of data is visible in the fact that it applies at every level – from the global economic system to how individual households function. We are interested in the middle of this scale, i.e., the business level. Here the growing role of data is clearly visible: enterprise IT systems are literally bursting with information whose growth seems to be infinite. Data is generated every minute a company operates. It is generated by production, logistics, and warehouse systems, it is produced by marketing, finance and accounting departments, and HR. How smoothly this data flows determines how the company functions.
Protect? Yes. But What?
General truths like those we cited above may seem like unnecessary truisms, but from our experience, the first, essential stage of any backup implementation is realizing how data affects the operation of the enterprise. Contrary to appearances, in the case of many companies, this issue is not at all obvious. There is actually nothing strange about this – the pace of digital transformation of processes is so great that understanding all the consequences of the changes taking place around is simply difficult.
As specialists in data security, we know this perfectly well and always try to provide our clients with full support in determining the needs of their organization. A careful analysis of the situation is necessary, in which the client brings their knowledge of the company’s operations, and we bring experience and expert knowledge of backup systems, their capabilities, and the principles of their operation.
For many organizations, it is sometimes also a challenge to define the situations from which the backup system should protect them. It is natural to assess threats with more spectacular effects as greater and more dangerous. Hence the fears of a very dangerous but rare attack by cybercriminals, for example using ransomware that encrypts the contents of all disks, or infrastructure failures related to natural disasters such as floods or hurricanes. Such events must be taken into account in planning, but the probability of their occurrence is much lower than the chance of events such as common human errors resulting from inattention or lack of skills, minor hardware failures affecting individual workstations, or even actions taken in bad faith by dissatisfied employees.
Combining the company’s key processes along with the data that is used and produced in them with the types of dangerous situations that may threaten them allows defining the framework of how the backup system should function.
📚 Read the complete guide: Ransomware: Ransomware - czym jest, jak się chronić, co robić po ataku
It’s Not Enough to “Do Backups”. You Have to Do Them Right.
An old saying, as old as computers and very wise, says that people are divided into those who do backups and those who will do them. One of our experts adds a very important footnote to it based on many years of experience: “There is also a third kind of people – those who do backups but don’t test the correctness of their recovery.” During conversations with clients, we became convinced that often it is not the implementation of backups itself that is the most serious challenge for an organization – it turns out to be doing it properly.
The level of awareness that an organization needs backups is already, as our experience shows, quite high. In many cases, however, it is only a point on a virtual list of “technologies that must be had.” This means that not enough attention is paid to planning purchases and implementation, performing them without deeper analysis, often on their own or by a contractor offering the lowest price. This in turn leads to implementing solutions that in the best case are not optimal for the organization, and in the worst case can be dangerous, leading to a false sense of security that vanishes the moment data from a backup becomes needed.
Having completed implementations in organizations from the financial, debt collection, and retail sectors, at nFlo we are well aware that there are no two identical cases and we approach each client individually, analyzing their needs and selecting the best solutions.
What Challenges Does Creating Backups Face?
How important the selection of appropriate solutions mentioned above is can be illustrated by the level of challenges facing the backup system of a large organization. First of all, creating a backup must cover as much data as possible and occur as frequently as possible. In an automated manner, not engaging IT personnel and insensitive to errors, frequent backups of selected, key data sets should be performed, including for example entire virtual machines, business applications, or databases. Why frequent? To reduce the amount of data that can be lost if a failure or attack occurs just before the next save point.
Frequent copying of large amounts of data has a very specific impact on the entire company’s IT infrastructure. Unfortunately, it’s a negative impact. Data for backup must be read from source machines and transmitted over the network, which means a serious load on production devices that must devote a significant fraction of their performance to this, and on the network infrastructure, effectively affecting the operation of the entire company. The latter may be less noticeable in the case of local backups, where data is transmitted only in a fast LAN network, but it can be very noticeable when increasingly popular backup to the cloud is involved, offering numerous advantages. Working with large clients, we dealt with a backup system covering over 500 physical machines and another 500 virtual machines as well as over a hundred databases in two locations – it’s easy to imagine the level of generated traffic!
But that’s not the end of the challenges. You have to realize that the amount of data contained in backups significantly exceeds the volume of protected data, because it includes at least several (and sometimes many more) points in time. The more data the client considers key and the more recovery points they want to have available, the greater the burden will be just storing the backup data.
The last, but not the smallest challenge that must be faced when planning an effective backup system is the burden on a different kind of resource: human resources. At a time when the company’s operation depends on the efficiency of its IT system, the demand for qualified specialists capable of maintaining it in top form definitely exceeds supply, making IT employees always too few and still too busy to work optimally. The backup system should not engage the time and attention of administrators, functioning in the background in the most transparent and autonomous way possible. This will not only help reduce the burden on IT staff but also avoid human errors or oversights, the consequences of which in the case of backups can be incalculable.
Good Backup Requires Good Hardware
Trying to offer partners optimal solutions that meet all challenges, we have strong support in reserve: dedicated disk devices called deduplicators. They have been designed and built specifically to relieve backup systems by achieving data reduction – and not only stored data but also transmitted data. The market-dominant Dell EMC Power Protect Data Domain solution allows simultaneous backup of up to several hundred clients, whose data is subject to rigorous reduction at the source, i.e., without the need to transmit and pre-record data before this process. Each copy made thus requires only transmitting and recording those data that have been changed – at the data block level. It’s easy to understand that this results in a drastic reduction in network load, and since everything happens using the computing power of a dedicated device, production machines that are the source of data are not additionally burdened by the deduplication process.
When using devices such as Dell EMC Power Protect Data Domain in connection with, e.g., Dell EMC NetWorker backup software, you can ensure the implementation of backups in an exclusively ideally incremental cycle. From periodically sent increments, Dell EMC Data Domain independently creates full copies – and without increasing the occupancy of its own disk space. These copies are created as instantaneous index operations. When it comes to restoring data, the administrator will therefore have access to a series of full copies – and will not have to deal with traditional restoration of the entire copy chain (i.e., a method derived from the times when tape copies dominated and the numerous limitations associated with them.)
In this way, including a dedicated device like Dell EMC Power Protect Data Domain in the company’s backup system significantly improves the backup creation process, allowing you to cope with a whole range of challenges generated by a backup meeting modern requirements. It enables coping with the load on production machines, excessive network utilization, the avalanche-growing volume of protected data, and finally the need to engage already too busy IT staff in additional duties.
It’s Worth Trusting Experience
Ensuring data security for an organization, and therefore for itself, is not easy. However, it is necessary if the company is to operate effectively and develop in today’s world. But it’s not worth being scared by the complexity of this problem and the number of related challenges. If a partner with knowledge, experience, and appropriate solutions is involved in the process of creating a backup system, success can be assured.
We know something about it.
Related Terms
Learn key terms related to this article in our cybersecurity glossary:
- Ransomware — Ransomware is a type of malicious software (malware) that blocks access to a…
- Security Operations Center (SOC) — Security Operations Center (SOC) is a central location where a team of security…
- SOC as a Service — SOC as a Service (Security Operations Center as a Service), also known as…
- Backup — Backup, also known as a backup copy or safety copy, is the process of creating…
- Network Security — Network security is a set of practices, technologies, and strategies aimed at…
Learn More
Explore related articles in our knowledge base:
- What is GDPR? A complete guide to data protection for companies operating in the European Union
- What is GDPR and What Are the Key Data Protection Principles in the European Union?
- What is RODO? A complete guide to data protection for business
- Cyber security in public administration: How to protect citizens’ data and digital services?
- Cyber security in the health sector: How to protect patient data and critical infrastructure of hospitals?
Explore Our Services
Need cybersecurity support? Check out:
- Security Audits - comprehensive security assessment
- Penetration Testing - identify vulnerabilities in your infrastructure
- SOC as a Service - 24/7 security monitoring
