View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Data
August 18, 2014

How to overcome the weaknesses of backup systems

Philip Antoniou, MD of smart web application development company, Ad Finem, shares his thoughts on securing data.

By Duncan Macrae

Backing up systems is crucial to keeping a business’s customer data and processes safe in case of any incident, but many business and professional backup solutions are failing to fully protect users and businesses. Backup solutions are leaving holes that viruses and intruders can exploit and delete all of a business’s data. It’s important to know the weaknesses of backup systems so that you can overcome them before they overcome you.

The first question any business or backup solutions provider should ask is often the most overlooked one: where are the weaknesses in the system? Without knowing this you cannot fix these issues, and it is impossible to maintain a secure backup system.

About the only problem which is properly accounted for by most backup systems is when a backup is needed is due to the loss of a laptop or a disk failure, which happens to every computer eventually but happens faster when the device is used daily. In this instance, the files are simply restored to the new system.

Other key issues are rarely accounted for, however, for example, fully protecting against Viruses, Trojans and hackers. Viruses can delete data outright, while Trojans and hackers allow others to view your data, and can therefore also erase it. This is by far the biggest weakness of most backups systems: the backup can usually be accessed from the device being protected, meaning that a virus, Trojan or hacker, can delete both the original data and backup versions resulting in total data loss.

To protect against this, be wary of solutions which push backups onto an external hard drive, network location, or server. You should also steer clear of any solutions which allow the user to access backups from the device being protected – and yes, that does rule out most backup software!

Instead, use a solution which offers a password option, but also allows the backups to be accessed only through the backup software itself. You might have to tweak the options on your backup solution software to implement both these features, but only working together will they protect you from Viruses, Trojans and hackers.

Content from our partners
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape

Human intervention is also a key issue which rarely gets examined fully: protection against burglars, or disgruntled employees, is a concern for any business, big or small. The usual mistake here is to keep backups on an external hard drive or office server, in the same vicinity in which the computer being protected is stored, making them both easily to steal by an enterprising individual. To remedy this, backups should be made to an offsite location, or at the least a frequent backup should be made and manually removed from the site.

Other overlooked weaknesses include a lack of versioning, which should be done using a smart versioning method: a back up once a day for the last two weeks, once a week for the last two months, a monthly backup for two years and a yearly backup for two years should keep you covered.

Additionally, backing up laptops can cause problems as they tend not to fit well with a lot of the more traditional, and even some newer, business backup models, as they are often used on the move and at unconventional business hours. The solution is to look for systems which handles laptop backups smartly: they should only run backup when the system detects that the laptop is connected to the business systems and the backup schedule should be automatically adjusted if a backup is missed.

The rise in cloud based backups and file sharing software has also come with difficulties. Files are often being sent to two places, once for backup and once for sharing, using twice the bandwidth and resources. Ideally, it is best to have one solution which does both these things, or a smart solution, like Ad Finem’s custom backups solution software.
Lastly, backup software can stop working without the user realising it, especially in smaller businesses. Use a system which sends regular email reports on the backup systems, status, though do note that a possible weakness here is that email reports will cease to work if for some reason emails cannot be sent.

As you can see, being aware when you step into the market for a backup solution is crucial: the market is a mixture of old fashioned solutions which are inconvenient and work poorly with laptops alongside modern cloud-based, ‘user-friendly’ systems, neither of which protect against all scenarios. Even many of the high-end products will leave you hanging in a crisis.

If your backup solution meets all the criteria listed here, chances are your data is safe, but it’s worthwhile checking because most small business, low cost and consumer backup solutions won’t cover all this. If in doubt, assess how much your data is worth to you: what would happen if all your data was lost entirely? In the end, a high end or custom solution, which covers all your bases, might be well worth the money.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.