The following article appeared in the February 2010 issue of the Central Illinois Business Magazine.
It’s 5:00 p.m.: Do you know where your data is?
Increasingly popular offsite backup solutions require asking tough questions
By Jeff Facer, Owner and CEO, Area-Wide Technologies
I have on several occasions written in the Central Illinois Business Magazine about the importance for businesses of all sizes to create standardized procedures for backing up crucial company data—and the corresponding need to follow through on these procedures to protect valuable business information in the event catastrophe strikes. Over the years, backing up company data on a daily basis has become far easier than it once was; indeed, business owners no longer must trust their most crucial data to bulky magnetic tapes—tapes that can, at times, become unreadable, tangled in the backup tape drive, or even lost or stolen if not stored properly.
Over the past several years, remote backup services have become increasingly popular with businesses of all sizes. In a nutshell, these services enable businesses to back up their data offsite by periodically sending such information over the Internet. Data is encrypted prior to being sent over the Internet and is typically stored in a secure, temperature-controlled environment.
While the vast majority of remote backup service providers follow crucial protocols such as encrypting data prior to transferring it via the Internet, many obscure another fundamentally critical component of keeping your data safe and secure. More specifically, many providers do not disclose the precise physical location where your data will reside; what’s more, many of these same providers are vague when it comes to how much access the backup provider will have to your confidential data.
If your company elects to explore utilizing a remote backup service, there are several key questions that should always be asked of the providers being considered:
- Where is my data being stored? Some providers utilize storage space on servers outside the United States of America. International laws can vary dramatically in terms of the protection and privacy of your data, and data transmitted overseas may be open season for malicious cyber-criminals.
- Who has access to my data? Generally speaking, you should only conduct business with providers that state in their terms and conditions that they cannot and will not access your data unless explicitly directed by you to do so. Your data should be stored in its encrypted state on the provider’s backup infrastructure and should not be made accessible to anyone under any circumstances.
- What are the physical characteristics of the backup facility? Physical access to the facility should be restricted to only those servicing the backup infrastructure. Ideally, the provider should also have some form of redundancy in place so that if—for an unforeseen reason—the server storing your data is rendered unusable, a secondary storage location can quickly and easily restore your company’s data.
One final note about facilities in the United States: you can rest easy with the knowledge that you can always visit the facility storing your data so that you can see firsthand whether these important procedures are being practiced.
# # #
