Why storage backup is essential in 2024

With business storage demands growing, it’s become more important than ever to keep your data safe by using a true backup strategy. Steve Ranger explains your options.

We’re addicted to data. Whether it’s family photos and video files, recording of corporate Zooms or customer databases, the amount of data we are storing continues to grow. Not just in size, but in complication.

And it’s no longer a simple matter of which storage medium you pick from the vast array on offer.

“The bigger picture is data management – how do you do what you need to do with your data. And storage is one of the pieces in the puzzle,” says Dennis Hahn, Principal Analyst for Data Center Storage at tech analyst firm Omdia.

Recommended reading: Top 5 Enterprise Storage Providers

Storage backup has changed

A decade or so back, storage was centralised and relatively simple. Mostly, companies had data from their customer relationship management or enterprise resource management systems, plus email databases, to look after. 

But, with the growth in data such as video, Internet of Things logs and other unstructured data, not to mention cloud-based options, the storage scene has become a lot more complicated. 

So let’s start from a couple of simple principles. Storage is for data you’ll need to access regularly. Backup is your fallback position, a way of replacing or restoring your files or photos if something goes wrong.

And that’s the biggest reason that storage backup is essential. Sooner or later, it’s very likely something is going to go wrong with your data storage, and without backups, you’re in big trouble.

“If it’s worth storing, it’s worth backing up. Or why bother storing it?” says Hahn. 

Recommended reading: How IT Managers should deal with old data

Reasons you need storage backup

There are plenty of reasons you might need a backup. Someone might steal your laptop, your servers might fail, or you might just delete a file you really need. There’s the risk of a larger catastrophe like flood or fire that renders the office – and all your files – impossible to access. 

But for many, the most likely risk to your data in 2024 is ransomware. A ransomware attack could see all your primary storage encrypted by attackers and rendered useless. Once your data has been encrypted by a third party, you’ve effectively lost control of it. This might get you into hot water with data protection authorities, too.

One fundamental step is to work out what are the most important things for you to backup. 

That’s likely to include obvious data sources such as customer databases and accounts, but it’s important to investigate how staff are really storing the data they rely on. It may not be stored where you expect, and that’s especially true of senior managers.

That’s why building a backup strategy often starts with an audit of your broader storage strategy.

Backups can take on a huge variety of forms depending on what you are trying to protect. At the most basic, it might be an external hard drive with vital documents on it, or a cloud-based individual device backup like Windows Backup or Time Machine for Macs (note: a USB stick is not really a backup strategy).

But for a more comprehensive approach, you will need a series of backups across multiple devices, formats and locations. Larger operations might back up to their network attached storage or storage area network. There’s even the option of backing up critical data to tape and keeping those tapes safe (maybe literally in a safe) a long way from your primary office.

Cloud backups

One fast-growing option is cloud backups. They are offsite which means any local incident should not affect them. Cloud backups should be easy to access from anywhere and because they are hosted in the cloud you are able to grow them to a much larger scale than you might want to do with your own hardware. However, access to these needs to be carefully secured, with clear rules around when they are able to access the network. 

Many organisations try to keep to the 3-2-1 rule with their backups. That means you need to keep at least three versions of the backups, on two devices, and one offsite. The idea is that this should limit the risk of all backups being compromised at once. The UK’s NCSC cybersecurity agency suggests it’s probably a good idea to go one further than this and ensure that one backup is offline (a cold backup). 

That’s because ransomware attacks can encrypt connected USB and network storage drives holding data backups and – if you’re not careful – your connected cloud storage containing backups. Ransomware groups have been known to time their attacks for when backup storage is connected to do the maximum damage.

What to backup

Alongside the storage architecture, you need to decide what you want to back up, and how often. How often will depend on how much data you are willing to lose? If you back up monthly and then have to revert to those backups in a crisis, you’ll have lost up to a month of data. It’s worth therefore considering what is an acceptable ‘recovery point objective’ and then setting up your backups to support this. 

Backups can be slow to do, especially if you have large amounts of data, so doing a full backup every time is less common than doing an incremental backup – that is, adding to the backup all the data that has been created during a certain period of time. There’s also differential backup, which stores all the data that has been changed during a set period of time. Both of these are likely to be much smaller and much quicker to do. 

Backup recovery

An organisation could do all three of these on a regular basis, and add different backup points enabling them to roll back to the data on a particular day or time. The challenge is balancing the cost of the backups against the need to recover quickly. Ideally, you will set up backups to be automated according to the rules you’ve decided on, which should ensure that they are done.

But you’ll need to test that it actually works as part of your business continuity plans. 

Backups can fail (which is why you need more than one). You’ll also have to make sure the recovery process itself doesn’t take too long, or this downtime could be as damaging as losing the data. Also, remember that priorities change. It may be that you add new sources of data or your recovery point objective changes. 

Backups are something that you hopefully will never actually need. As such it’s often seen as one of the least glamourous bits of tech and one that regularly gets overlooked. That might be true, but it’s also one of the most essential, especially when things go wrong.

Recommended reading: AWS makes it cheaper to store little-used data with EFS Archive