How to Prevent and Recover from Data Loss

Category: Security
April 13, 2018
data loss protection security

Loss of your company data can be extremely damaging, even fatal to the future of your organisation. When we talk about losing data we often think of viruses of other malicious hacking of our networks, but often data loss is due to less malevolent but equally devastating reasons, such as

  • Your hard drive dies
  • A computer, server or network fault
  • You drop your laptop
  • You spill coffee over the PC
  • Laptop is lost or stolen
  • A fire or flood in the building
  • You accidentally overwrite or delete the data
  • Someone forgot a password that cannot be recovered

These happen all the time. It’s not just bad luck it’s part of life and it will happen to you too at some stage. So if we know it’s going to happen, we need to form a plan on how to recover.

Make Backups Often

The most obvious line of protection is to make a backup. Not only you data but (maybe less frequently) all the software needed for your business to run.

Make data backups often, because the amount of information you loose will be the new data you’ve added since the last backup. If you can automate this process then you’ll probably fare better if the worst happens.

Have multiple backup devices and locations

The backup device or location probably has the same potential risks as your own storage, so backups should go to different devices and places. If you computer crashes and then you find that your USB-stick has also been corrupted then you’re in trouble.

Use at least two different backup devices, and maybe on a less frequent basis copy it to a third. Remember the longer the time between backups, the more data you will loose.

Try to keep your data in at least two physically different places. Off-site locations must be secure. Ensure for all locations that you conform to all legal requirements about the storage of user information, including local and geolocation of the data.

Don’t blindly trust Cloud Solutions

The Cloud has provided us with an easy and often inexpensive way of backing up large amounts of data. But these companies are not infallible and sometimes go out of business. You may also find that contracts have expired or changed and the storage company has deleted your data.

These Cloud companies must have, at minimum, the same security requirements as your own system. Data exchanges between you and the Cloud should be encrypted and secure.

Keep your Virus protection up-to-date

A virus may wipe or corrupt your data. The danger is that you may not realise for some time, in which case the backups may also be corrupt data. Keep all virus protection and firewalls up-to-date and rotate your backup devices so that you have a number of historical backups available.

Train Staff properly

Unfortunately, I have heard of several occasions where members of a company’s own staff have made a critical error resulting in deleted or obsoleted data records. New staff, new systems, infrequent use or just poorly trained employees can sometimes cause problems. Train them properly and provide up-to-date manuals where necessary.

Watch who you trust

To many modern organisations, data is the company product and therefore data is money. It’s valuable to you – and probably to others as well. You don’t have to give full access to all employees and contractors. Restrict access to data whenever possible. Even in-house systems should have password-only access at a minimum.

Users can do considerable, sometimes permanent, damage to data. You may know of some people whom you don’t or no longer trust. Don’t risk it. Work on a need-to-know basis.

If you are not an expert then get advice about computer and network security, including the access to and protection of data both on and off your premises. Data transmissions need to be encrypted. You may need audit paths.

Make a Disaster Recovery Plan and Test it

Make a plan of how you would recover if a disaster happened. What would you do if you turned up for work and the building was burnt to the ground? What would happen if your laptop was broken beyond repair and recovery? How would you get your data back and your business running again? It can happen.

Like the occasional fire drill, you should have a practice day of how to recover from a major catastrophe. You can test whether your backup system actually works, and find out if you have all the passwords, addresses and software to access it and get running again in a reasonable time.

It sounds – and probably is – hard work, but one day you may have to do this for real. It’s better to find out how good the system is while you still have a chance to change it.