A backup is basically a preservation of all relevant data or files. In a private context, these are often documents or photo collections. In a business context, these can be important operational information about processes or employees - company secrets also fall into this area. Of course, no one wants to lose their data, which is why it's important to regularly create and securely store a backup of this data.
What types of backups are there?
The full backup is probably the type of backup most private individuals use. It creates a complete backup of all relevant data. Within companies, incremental backups are often seen. These only include data that has been modified or added since the last backup. This allows saving storage space and keeping backup process execution times short. However, restoring this type of backup is somewhat more complicated. Differential backups are a mixture of full and incremental backups. They store all data that has changed since the last full backup. This makes restoration easier than with incremental backups, but not as easy as with full backups.
How does a backup work?
Most backup processes are tool-driven in some way. Special backup software is used to perform backups at certain intervals. This often happens outside regular business hours, for example at night. The relevant data is collected, compressed, and placed at a destination. This can be a local medium, such as a hard drive in a NAS, a local backup server, or even cloud storage - Amazon AWS S3 or Microsoft Azure Blob Storage are well-known examples here.
What is the 3-2-1 backup rule?
This is a well-known rule for how backups should be performed. It states that there should be THREE copies of the relevant data (original and two copies). TWO different media should be used - a proven combination is to store one backup locally and the other in the cloud. The ONE requires the use of an offsite backup. This is intended to cover loss through theft or natural disasters.
The same roughly applies to private households - here it has proven successful to secure relevant data in the data storage of a NAS. A NAS is connected to the home router and allows storing data there via network access. There is also software that helps private individuals with this. Using Google Drive and similar cloud storage is also a good option - the data protection aspect should not be neglected here. Companies like Boxcryptor offer solid solutions.
How often should you create backups?
This depends on the importance and currency of the data. Important business data is sometimes backed up hourly. For personal data, weekly or monthly backups are usually sufficient - but here too: backup as often as needed to feel secure.
Security aspects of backups
If you only store backups locally for private use, you need to worry less about this point. It's different when it comes to business data. Backup media should be stored securely - a safe would be a good location. It's also common to encrypt backups directly or protect them with a password so that not everyone can view everything directly. Especially with cloud backups, you should consider whether you want to store them unencrypted there. Several scenarios should be reviewed with experts here - what if a hacker somehow gains access to the cloud storage? What if the entire local network including backup servers gets compromised and encrypted?
The last two questions are not unimportant. We repeatedly see ransomware attacks that paralyze entire companies because everything gets encrypted. Often, IT then discovers that the backups were also encrypted - and that's a disaster. The realization that backup servers within companies in particular are an interesting attack surface for APT and hackers has become established in recent years. Therefore, it's important that backup servers and media are protected just as well as the production environment. An Assume Breach campaign can uncover vulnerabilities here.
Thank you for your feedback! We will review it and optimize this content.
