8 Data Protection Best Practices for Data Backup Day, and Every Day
Originally created when a journalist had his digital livelihood ruined by a cyber-attacker in 2012, World Backup Day has gained commercial significance as organizations manage ever-larger data volumes and face a higher risk of data breaches.
Why Data Protection Matters
Once considered mundane administrative tasks, data backups have become mission-critical to companies. This is due to several factors:
- Increased data. The amount of global data created, consumed, and stored will increase from 79 zettabytes in 2021 to 97 zettabytes by the end of 2022, according to Statista.
- Costly data breaches. Research from Ponemon Institute shows that the average cost of a data breach has risen to $4.24 million.
- More remote users. Today’s work-from-home culture has increased IT risk, since administrators can’t restore users’ devices quickly in the event of critical data loss.
- Emerging mandates. Global data privacy regulations continue to expand rapidly, resulting in companies becoming laser-focused on data breach prevention.
How to Protect Your Data
With the increased importance of data protection to organizations of all sizes, here are eight best practices you can institute right now to maximize your company’s data protection.
Reduce Content Sprawl
A simple—and relatively inexpensive—way to improve data protection is to reduce content sprawl. To start, reduce the amount of redundant, obsolete, and trivial (ROT) data that your organization manages. This dramatically improves user productivity, because users have to spend less time searching for the files they need.
To put the magnitude of content sprawl into perspective, Egnyte’s Data Governance Trends Report found that the average organization deploys a whopping 14 file repositories, and a Splunk report found that up to 55% of stored data can be considered redundant, obsolete, trivial or dark (“dark data” refers to stale or unused data). So, for every 20 files that an organization stores in its various repositories, only nine of those files can be considered current.
By reducing content sprawl, you not only improve the user experience, you also dramatically reduce the organization's potential cyber-attack surface.
Restrict Users’ Access to Information
With so many employees changing positions as a consequence of The Great Resignation, it has become even more important to restrict users’ access to data. As a general rule, limit access to only the files the user needs to do their job. For example, employees in your marketing department should have access to their individual payroll information, but those employees shouldn’t have access to payroll information for the company as a whole.
That example might sound far-fetched, until we consider that in most data repositories, individual users can give colleagues and business partners access to sensitive folders and files. As someone with a very common name, I’ve frequently been added to repositories that I shouldn’t have been added to, simply because there was another user at the organization with the same name.
For your reference, here’s a real-world example of “need to know” access control guidelines, from the University of California, Berkeley.
Comprehensively Inventory Your Data Repositories
As the adage goes, you can’t protect data that you can’t see. To improve visibility, conduct a comprehensive review and inventory of your current data repository infrastructure. This will help identify potential shadow IT implementations.
In this case, you’ll need to combine traditional technological approaches like IT audits and network scanning with in-person outreach. Rather than advocating a “my way or the highway” approach, you’ll need to engage with stakeholders in business units to identify what data repositories they’re using, and how the repositories can be secured more effectively. Outreach will also give you important insight into the shortcomings of company-sanctioned data repositories, so you can make them more effective.
Restrict File Sharing in Content Collaboration Services
Content collaboration services like Microsoft Teams and Slack have revolutionized the way that we share content with colleagues and business partners. But, such solutions can lead to content sprawl and unsafe content-sharing practices if they aren’t managed effectively.
Educate users about the need to share links to files instead of file attachments when collaborating. And when you offboard a particular user, remove their access to any content collaboration solutions immediately—such solutions pose significant IT risk and provide an attractive target to potential cyber-attackers.
To put that advice into perspective, a recent study by Microsoft found that up to 10% of Active Directory users can be considered inactive, based on end users’ login timestamps. For a company with 200 end users, that means up to 20 of your Active Directory accounts could be accessed by cyber-attackers or former employees!
By restricting file sharing in these services, you’ll reduce your file storage clutter and improve your security posture.
Incorporate Data Backup into Your Incident Response Plan
Data backup procedures need to be memorialized in your company’s incident response plan. Although that recommendation might sound like common knowledge, a study that appeared on ContinuityCentral.com found that an unbelievable 58% of data backups fail, leaving those companies’ data unprotected.
To prevent such situations, your data backup, encryption, and business continuity/disaster recovery (BCDR) procedures need to be formally captured in writing and routinely stress-tested. This helps to confirm that data backup processes will function properly in the event of a real emergency.
Implement Multi-Factor Authentication
If your IT security budget is limited, a good place to start is with implementation of multi-factor authentication (MFA). With MFA, users authenticate their access to your systems by supplying two or more pieces of evidence—also known as factors. Microsoft research reveals that users who enable MFA on their accounts can block up to 99.99% of automated cyber-attack attempts.
Prevent Intrusions Before Attackers Reach Your Data
Another effective way to protect your data is to prevent potential intrusions before they reach your data infrastructure. A comprehensive defense-in-depth strategy combines anti-virus solutions, intrusion detection systems (IDS), and data encryption with existing data protection processes and MFA. Implemented collectively, this will reduce the probability of cyber-attacks.
Explore Ransomware Detection and Recovery
Ransomware demands and ransom payouts increased significantly in 2021. To prevent potential ransomware attacks that can encrypt your mission-critical files and stifle organizational productivity, consider a content management platform that detects potential ransomware and flags unusual behavior like high-volume encryption. Many solutions permit you to “roll back” to earlier versions of critical files in the event of a ransomware attack, which is commonly referred to as snapshot recovery.