Enterprise Data Security Management - Backup

Enterprise deploys automation using IT Infrastructure and business applications. These business applications generate business data which is critical for business functions and decision making. Business data consists of various categories such as

1. Financial Data of Enterprise.

2. Technical and operational data.

3. Customer's personal data as part of providing customer services.

4. Supplier and business partner's confidential data.


Data Security:

Data threats such as unauthorized access, change, theft and maybe destruction need to be taken care of apart from physical security of data storage environment from fire, unauthorized access, disaster as well as network security.

Threats to these categories of data demands organized data management with classification of data as common reference point for system architects, enterprise architects, Developers to adopt various data structures prescribed for usage in different use cases across the application realms.

Apart from such a documented approach, data protection and its backup are needed to thwart virus and malware attacks, media failures, human errors, power failure or can be human errors.

Let us define implementation methodology to cover the above aspects of data protection. Data backup is a vast topic to cover and needs little longer post in covering the entire spectrum of enterprise data management.

Step 1 : Define Data Backup Policy for the enterprise.

This policy will cover identification of business-critical data creation, updating, deletion, archival and destruction(Disposal) lifecycle by various business application. Policy need to provide guidelines as well as process and procedures for business-critical data.

It should give clear directives for IT users as well as IT administrators on data access, change, backup, restoration, protection from threats as well as disposal of data without any risks to the organization.

Step 2: Data Backup Strategy:

Threat prevention measures to protect data needs to ensure that primary data has workable copies online as well as offline for threat prevention and business continuity.

Policy needs to be documented considering various factors such as size of data, nature of update and delete frequency of data, criticality, and confidentiality of data as well as Risk and Compliance demands such as uptime, security, archiving and storage of records, secured way to dispose the data and many more.

Policy and Procedure to include vital aspect of backup plan such as -

Step 3: Evaluation of Data backup Technology options

Each organization will have its backup technology based on factors such as total cost of ownership covering capex and opex limits, IT Infrastructure, IT team’s skills, business priorities on data recovery and disposal.

Below backup and recovery technology components can serve the expected performance in consideration from technology and business perspective are described below.

Backup Media:

Backup media technology has evolved to cater to ever growing demand for data management by organizations. Selection of backup media is influence by cost of media ( 1GB Data cost as unit for comparison), Read and Write speed, Recovery time from backup media as restoration cycle impacts resilience of application to operate on secured data, security and reliability of media from theft, damage and compliance demands.

Below describes various options available for the same and compared from the above factors.

Backup Software:

Backup software tools need evaluation from a usage point of view with evaluation criteria which can be considered for identifying your organization.

1. Backup End point devices (Laptops, desktops), on-premises servers, Virtual machines as well as cloud-based data.

2. Compatible with OS used ( Only MS Windows OS, Linux/Unix servers)

3. Encryption of data on backup media

4. Automatic backup batch scheduling and notification services

5. Centralized backup dashboard to monitor the backup schedules and other backup tasks.

6. Workflow and ticketing facilities in case of backup failure due to software issues.

7. AI/ML empowered defense from virus attacks


Some of the backup software platform recommended are as follows:

1 - Durva Data Resiliency suite (https://www.druva.com/)

2 - Rubrik 's Zero Trust Data Security suite (https://www.rubrik.com/)

3 - Azure Backup - For All Windows enterprise deployment (https://azure.microsoft.com/en-in/products/backup)

4 - Veeam Data Platform (https://www.veeam.com/)

5 - BluVault from Parablu (https://parablu.com/products/bluvault-for-servers/)

6 - Acronics Cyber Protect Suite (https://www.acronis.com/en-us/products/cyber-protect/)

7 - Bacula Enterprise (https://www.baculasystems.com/)

8 - Commvault Cloud suite (https://www.commvault.com/platform

9 - Zerto by HPE (https://www.hpe.com/in/en/storage/data-protection-solutions/disaster-recovery-zerto.html)


Step 4: Data backup Plan

Typical Backup plan documents below information for IT administrators to follow based on various business criticalities, recovery cycle, cost of backup.

Backup plans need to consider below influential factors to build data backup plans viz.

  1. All types of data ( Database, files, log files, OS Images);
  2. Frequency and location of backup media;
  3. Schedule of backup;
  4. Type of backup (Full backup, Incremental Backup, Differential backup);
  5. Offsite location for storage of offsite copy - Secure transport of media and safe storage of media from electromagnetic radiation, theft.
  6. Revalidation schedule;
  7. Most important disposal schedule and method of data disposal after its business use life.

Step 5: Disposal of Data:

Data generated by business applications generates millions of GB data in any large organization and online storage being costlier to reduce cost old data with less possible usage will be moved to offline backup media such as tapes, optical media, cloud storages (AWS Glacier)

Data management also encounters cases of media failures and data stored on it needs to be sanitized as a data protection measure before disposing of media.

Enterprise needs to evolve media disposal policy for the same to provide guidelines and procedure to handle various media failures use cases.

Compliance frameworks such as ISO27001,PCI-DSS,HIPPA, GDPR and many more expect such policies and procedures to be placed in the enterprise.

Benefits Derived from Successful Backup policy implementation:

  • Safeguard against media failures, unauthorized updating
  • Resilience from data corruption due to error in software.
  • Data Theft or Virus attacks
  • Legal risks such as confidentiality clauses to secure and protect data from compliance perspective.
  • Risks aversion from compliance and privacy law

要查看或添加评论,请登录

社区洞察

其他会员也浏览了