In this year 2020, starting in March, things have changed a lot in our way of working, due to the coronavirus pandemic. While it is true that we were already in a period of transition to the digital world, Covid-19 has accelerated the process towards remote work. However, preparing for disaster recovery and backups is not as good as it should be. Today in this article we are going to explain what you should review to avoid computer disasters such as data loss, whether we work locally or if we work in the cloud.
In a few months, remote work has multiplied exponentially, and companies were not prepared for it. Right now, companies that have not opted for telecommuting are making a significant effort to adapt to a new way of working.
Review business disaster recovery
Faced with this new situation, even organizations with strong data protection and disaster recovery plans need to re-examine their strategies. The coronavirus pandemic has led to important changes in the way we work, whereas before in the office we had robust security policies against different attacks such as phishing, important control over access to the intranet and different resources, now that we are working on remotely, workers connect via VPN to their own PCs, which may not be protected against possible attacks, and are a vector of intrusion into the company network.
On the other hand, most companies weren’t ready to start. In this sense, disaster recovery and backup copies caused them to be immersed in a complex and difficult to resolve situation.
The rapid shift to remote work and use of the cloud
In a short period of time, companies of all sizes opted for remote work and the use of a public, private or hybrid cloud. Initially, company laptops were entrusted to their staff when they left their office, or allowed to use employee-owned devices. The workers then connected to the corporate server through a VPN or virtual private network . However, this was a problem for IT administrators because resources were difficult to manage, provision, scale, and sometimes underperformed, because all traffic must be encrypted from source to worker computers.
Over time, companies have trusted themselves, and all the restrictions that existed have decreased, this logically is not positive for the safety of the company and the worker himself, who can be easily attacked when browsing the Internet, since We will have the different filters that we have in the company, leaving through a proxy with content filtering.
Disaster recovery when working in the cloud
Businesses are turning to the cloud using infrastructure and software service providers (SaaS and IaaS). That means that IT administration is spread over several areas:
- The corporate data center.
- The cloud (often more than one).
- Remote users.
- SaaS providers.
As for SaaS providers, they work under a shared responsibility model. They make sure your infrastructure is secure, applications are available, and data is safe in the event of a disaster. However, the responsibility for granular and long-term data protection belongs to the customer . In a 451 Research survey , nearly half of all respondents wrongly believed that data protection was the sole responsibility of SaaS providers.
In the event that we mistakenly delete a Word document that is vital for a report, and we discover it a couple of months later, it can be a serious problem. Microsoft and Google automatically delete the data from the recycle bin after 30 days. Then that information will disappear forever, although in the higher paid versions of these providers we have the possibility of expanding this virtual “trash”, but we will always have a time limit.
The solution is to protect SaaS and IaaS data. In case there is no service that takes care of it, you have to find a solution. In the contract with your cloud service provider, make data protection a part of it. However, this is not enough, we must insist that they send backup copies of our data on a regular basis. Thus, if we have a problem, disaster recovery will be easier because we have backups of our information, for this type of task NAS servers are ideal to have a hybrid infrastructure (public cloud and private cloud).
Final thoughts on data protection
A data recovery can be very complicated in highly distributed environments. The cloud seems like a suitable solution, but we must take into account a few things. The first is that cloud providers make uploading data easy and inexpensive, yet the price for recovery goes up a lot.
That cloud recovery requires specialized expertise in virtual machines (VMs), end-user access, and networking is completely different from typical installations. We do not have to wait for a security incident to happen to prepare if we want to recover as soon as possible. In that sense, we need to re-evaluate our protection strategy and plan for the recovery of all locations. In short, we need good disaster recovery management that is backed by as complete a backup as possible.
3-2-1 Backup
The 3-2-1 backup scheme is a very good starting point, it is always recommended to make a total of 3 backup copies, on 2 different media (NAS and a disconnected DAS), and that one of these copies is in another physical location (or in the cloud). In addition, another very important recommendation is that we must periodically check if the backup is being carried out correctly.
