10 Year Challenge – How data backup has changed since 2009!
Since it’s the first fad of 2019; we thought we’d compare how data backup has changed over the last 10 years. Let’s begin by looking back on 2009.
IT in 2009
Back in 2009, the world hadn’t fully realised the potential that the Internet had to offer to business. Most businesses (regardless of size) had some sort of physical server room – even if it was just a machine sitting in the corner of the main office.
All critical applications required by the business were usually self-hosted; and the responsibility for the IT team or IT service provider to assure up-time and availability.
Main data risks in 2009
As with any on premise based IT configuration; the main threats to data loss back in 2009 included:
- Hardware faults: It’s not uncommon for a hard drive, power supply or motherboard to fail. Once one of these things happened; it usually brought the office down completely to the point where staff would often be sent home. IT worked through the wee hours of the night just to return the office to a working state.
- Theft of the physical hardware: While it can be a bit hard to believe; there have been instances where valuable IT equipment has been stolen. This could either be from an actual robbery or by a disgruntled employee thinking it’s ok to take hardware for personal use.
- Natural disasters: This one can come in a few forms; such as a localised building fire, a flood or earthquake making the actual building inaccessible. These will all certainly make a mess of even the most organised server room and destroy everything containing your business critical data.
- User error (unintentional or intentional): This is a fairly common occurrence; I’m sure we’ve all done it at some point or another. We’ve worked on documents and then deleted the wrong version accidentally. There are also a number of instances where disgruntled employees have sabotaged workplaces by deleting business critical data.
Data Backup in 2009
To make sure that any business was covered as much as possible – backups needed to be used to counter these types of data loss threats. The best way to do this was devised under the 3-2-1 backup rule:
- 3 copies of your data (including the primary)
- 2 physical pieces of hardware
- 1 copy always stored offsite
To achieve this; a local backup was kept within the server room while an employee was ‘in charge’ of swapping and taking physical media with a backup on it offsite (usually to their house) for safe storage.
The advantage of having an onsite backup at all times helped counter hardware faults and user error as this could be quickly accessed to either restore the data back to the original location or provide access to critical data in the event it was required.
The purpose of the offsite backup was that if there was a break in at the office (and yes, we’ve heard of people taking off with computers during a robbery); then this backup could be brought back onsite to restore from when the hardware was replaced. It would also counter possible natural disasters such as fire, flood or earthquake (depending on how localised the disaster was) – however this wasn’t entirely fool proof if the disaster affected both the office and the offsite storage (employee’s house).
Data backup has changed since…read further to find out how.
IT in 2019
Now that we’ve covered the IT landscape in 2009; it’s now time to look forward to today and how everything works now. The expected requirement is everything is accessible; all the time. Businesses now don’t generally need or require IT equipment onsite to run effectively – choosing to instead pay a monthly subscription to gain access to IT services from any device, anywhere in the world.
The requirement is that the IT service provider hosts and maintains all critical applications from within their data center. This means that they are also responsible for up time and availability – unlike 10 years ago when it was a self-hosted environment within a businesses IT environment.
Main data risks in 2019
With such a shift from on site hosting to everything being hosted within the cloud – a new set of data risks are now a reality for businesses. The data is hosted physically somewhere else; by someone who maintains the hardware and has built in redundancy in the form of data centers being located around the globe.
However; this new way of IT has a new set of risks.
- User error (unintentional or intentional): This is still an issue and will continue to be while we have humans working with data day in day out.
- Ransomware Attacks: First coming into light around 6 – 7 years ago; ransomware attacks are carried out by a program that is run by a user which then in turn encrypts all data that it comes across – be it in the cloud or local. The only way to get access to the data is by paying for it to be decrypted (which doesn’t always happen even if payment is made).
- Social Engineering: One of the big things with outsourcing is that you don’t know the service providers team; and they don’t know you. This has been identified by hackers who will pretend to be someone their no to gain access to data and online accounts. In 2009, you would’ve known who your IT person was and they would’ve known you – making it hard for someone to impersonate you.
- Online Account Compromise: Leading on from social engineering; online account compromise generally means that all online service accounts held by someone are compromised. The reason for this is that they all integrate via API’s and share data. This and the fact that people generally use the same password for all their accounts as there are too many to remember if they were all individual.
Data Backup in 2019
Since everything is now hosted by online service providers; there is a misleading feeling businesses have outsourced responsibility for their data as well. In most cases; this is totally incorrect and one major reason why data backup has changed in the last 10 years.
Service providers usually state in their terms that they’ll provide availability of their service, the data that you enter into their service is still your responsibility. This means that data backup is still your responsibility; and if it’s lost at all the service provider cannot be held accountable.
How the 3-2-1 backup rule works with cloud data
One way data backup has changed is that the 3-2-1 rule still applies; however it’s kind of in reverse. Your primary data is offsite; while your ‘offsite’ data is actually stored locally. Many businesses opt to replicate their data between multiple online providers to allow for the required redundancy; however it’s still important to backup your cloud data to local – just for the fact you’ve got ‘your data in your hand’ so to speak.
To illustrate the change from 2009 with the 3-2-1 rule in regards to cloud data:
- 3 copies of your data (including the primary)
- 2 copies stored in different media (be it cloud or physical drives)
- 1 copy always stored locally (which you can touch)
Hopefully this outlines how data backup has changed; but is still the same when it’s reduced to a simple level.