Data loss - a real threat to a company
There are two main threats related to company data. It can either be disclosed or lost. Data disclosure is a separate, broad topic - in this article, we will focus exclusively on data loss.
Data loss does not mean only physical deletion. An equally serious problem can be lack of access to data or corruption that makes it unreadable.
In practice, this means a situation where a company is unable to use its documents, systems, or work history.
Where data loss comes from
Data loss can have many causes. Some result from hardware failures, others from human error, random events, or malware attacks.
Hardware failure
In the morning, you turn on a computer or server and instead of the operating system, you see a disk error message. The system does not boot, and the data is unavailable. Hard drives and other data storage media are mechanical and electronic devices that wear out and fail.
User error
An employee organizes document folders and deletes files that seem unnecessary. Only after a few hours does it turn out that an important document or even the entire project directory structure was among them. In many companies, accidental user actions are one of the most common causes of data loss.
Malware attack
You come to work in the morning and try to open a document. Instead of its content, you see a message saying that the files have been encrypted and that a ransom must be paid to regain access. This is a typical ransomware attack scenario that blocks access to data across the entire company.
Random events
At night, a water system failure or a fire occurs in the building. IT equipment is damaged or completely destroyed. If the data was stored only in that location, the company may lose access to it with no possibility of recovery.
System issues
The operating system performs an update or a file system error occurs. After rebooting, some documents are corrupted or cannot be opened. The data is still physically on the disk, but the system cannot read it correctly.
Loss of access to data
There are also situations where data exists, but the organization has no access to it. This may result from loss of administrative accounts, loss of encryption keys, or authentication system errors.
Data loss in the cloud
Cloud data is stored on physical machines administered by people. These are also exposed to many threats. Every serious provider protects against data loss, but cases of data loss still occur. The cloud does not guarantee data security.
Basic rule: backup
The most effective way to protect against data loss is to perform regular backups. This should happen cyclically, preferably in an automated and monitored way. As a result, the process becomes as independent from the human factor as possible.
The backup frequency depends on business needs. For some companies, one backup per day is enough, accepting the loss of one workday of data. In other cases, backups are performed much more frequently - even every several minutes.
What it looked like in the past
Just over a dozen years ago, the classic backup method was saving data to magnetic tapes. The administrator created a backup and then put the tape into a "cabinet."
Although this solution gave a sense of security, in practice it often proved insufficient. Tapes were usually stored in the same location as the servers, so a fire or flooding destroyed both the data and the backups.
Additionally, it happened that during data restore attempts, the tape was damaged, and the data recovery process itself was very time-consuming.
Modern backup approach
Modern backup systems use several independent mechanisms at the same time.
At Helpwise IT, we apply the 3-2-1 rule:
3 data copies
2 different storage media
1 copy stored outside the primary location
This approach significantly increases data security.
Diagram of the 3-2-1 backup rule
3
3
copies
of data
-
2
2
various
carriers
-
1
1
location
offsite
Source
Local copy
Backup
Replika
ZFS
Azure
Cloud
Backup: 03:00
Copied: 847 GB
Retention: 30 days
A secure backup is based on three data copies, two different media, and one copy stored outside the primary location.
Data snapshots
The first protection element is so-called data snapshots created very frequently, for example every 15 minutes. They are created on a local server and allow data to be restored to an earlier state almost immediately.
In typical situations - such as accidental file deletion or document corruption - data can be recovered within a few minutes, with a loss of no more than several minutes of work.
Second copy in another location
The second element is a data copy stored on a separate server. It is often located in a different geographic location.
This protects data from hardware failure, fire, or flooding, as well as from ransomware encryption.
To reduce the risk of backup encryption, the backup server should not be directly accessible from the corporate network. Instead, it pulls data from the source system by itself.
Third copy in the cloud
The third element is a copy stored in the cloud. This is an additional security layer that protects data in the event of a major failure or disaster affecting the entire local infrastructure.
Services of this type are often cost-optimized - data storage is inexpensive, while data restoration can be more expensive. In practice, however, this is acceptable because such a copy is used only in emergency scenarios.
Why backup is so important
There is no single solution that will secure a company in every situation. Only a set of complementary mechanisms - local copies, separate infrastructure, and cloud copies - provides real data security.
Backup is needed only at one moment - when something has already gone wrong.