Back-up Your Data
A foundation article
Have all your bases covered….
In this foundational article, we are focusing on a crucial risk aspect of effective practice management which is fundamental to your practice – backing up all your data. And this undoubtedly is important to the continuous (and successful) running of your practice (and business).
Avoid risk altogether and backup your data
Backup is defined as –
“a digital copy of computer data that is taken and stored safely on another computer system so it can be used to restore the original in the event of data loss”.
The reality is, not everyone knows why they need more than one data backup or why they even need to back up in the first place. But the fact is – data loss can be a disaster for any business and individual user alike.
Why you should do your own backup
In their article Understanding the importance of data backup and recovery in 2020 there are a few important points to consider –
- ” Human Errors Are Common – all humans err, and your employees are no different. Despite having the best intentions, they will make mistakes every now and then, and this means your data may be inadvertently (or advertently) compromised. A data backup and recovery solution can undo this costly mistake. Incidents involving the accidental deletion of important data, data theft, system crashes, loss of hardware, are more common than you know. Having a quality data backup and IT disaster recovery strategy in place can ensure that you don’t end up losing any critical information and your business operations continue unhampered despite any kind of human error.
- Cybercriminals Are after Data – with data becoming as valuable as currency, it should come as no surprise that cybercriminals are always going to go after it. Take the example of ransomware, which is a type of malware that can deny you access to your own files stored on your computers, servers, and mobile devices. The cybercriminal will not only steal your sensitive data, but also threaten to misuse/publish it on public platforms. You may be able to unlock your files only after paying a ransom. Over time, cybercriminals have devised several ways to launch these kinds of attacks on businesses. Businesses need to protect themselves with anti-virus software, firewalls, proper authentication, and user training, among other measures. Despite these safeguards, a cyberattack can still wreak havoc and data can be lost. Proper data backup and recovery systems are crucial to minimizing damage in such cases.
- Unexpected Downtime Costs Are Heavy – a good backup and recovery solution matches your RTO (recovery time objective) to the solution. RTO refers to the amount of time it takes to restore your backups. This should be minimal so that the data is back online as soon as possible. Unfortunately, data loss almost always results in downtimes because employees cannot work without information, mission-critical applications, and programs. Even servicing clients efficiently can become impossible without their contact details and account information saved by an effective data backup solution. Without a proper data backup and disaster recovery solution in place, you will be forced to compromise and pay a huge price to recover lost data and rebuild your business from scratch.
- Protect Your Reputation – in the absence of data backup solutions, you may not be able to recover lost data or recovery may take too long, creating doubts in the minds of your customers about the strength of your business. Losing priceless customer data can result in immense delays, embarrassment, and reputational damage. If your business can’t operate for days after an outage because you’re still recovering, customers may lose faith in your abilities. They may even decide on never doing business with you again. Potential customers will also form an opinion that you lack professionalism and are incapable of protecting their data”.
Having your own (additional) backup provides true “peace of mind” in that – in the very unlikely event of your service provider (such as AJS’s managed cloud hosting system) being compromised, you would still be able to restore your information – because it was backed-up. In addition, it is actually a requirement for all firms who host their accounting information on a remote server (they should have a backup copy of the data on-premises).
In fact, according to Rule 54.9 of the Legal Practice Council Rules –
“A firm shall retain its accounting records, and all files and documents relating to matters dealt with by the firm on behalf of clients:
- for at least seven years from the date of the last entry recorded in each particular book or other document of record or file;
- subject to certain provisos, save with the prior written consent of the Council, or when removed therefrom under lawful authority, at no place other than its main office, a branch office or, in the case of electronic accounting records or files, the location at which such accounting records or files are ordinarily hosted”.
Simply put, as legal practitioners you need to learn how to design your own backup policy. By doing so, you can learn how to back-up your data yourself. And implementing the policy – that just solidifies how back-ups are done on a practical level. So, it is almost a two-for-one deal. Doing and learning simultaneously.
Backing up your own data offers an additional layer of security and protection that even data centres cannot provide. Data centres (due to the very fact that they are connected) are still susceptible (but not easily so) to virus attacks and therefore cannot absolutely guarantee that your data will always remain completely secure. Whilst virus threats rarely affect sophisticated data centres, they do happen and just like any back-up plan, having your own backup and implementing your own back-up policy is imperative to ensure business continuity.
To be clear – it is always preferable to have multiple (and hopefully offline) backups.
What does a backup involve?
Essentially backing up your data involves (either by means of backup software, onsite storage and/or offsite storage) in some variation the copying of data from servers, databases, desktops, laptops, and other devices in case of user error, corrupt files, or a physical disaster that renders critical data inaccessible. It can also protect sensitive business data in the event of a hardware malfunction, hacker penetration, and many other threats posed to digitally stored information.
And we acknowledge that there are many things that you can do to keep your data safe – from choosing a first-rate managed cloud hosting platform to installing every type of high-tech anti-virus software available.
But the single most important step you can take is to perform data backups yourself — early and often, always having a recent backup of your data close at hand. That way, if your data centre is hacked or threatened with a virus (which happens but is unlikely), your chosen backup method can ensure that you are not caught with your pants down….
A few of the different backup methods to choose from include –
Onsite backup usually entails storing important data on a periodic basis on local storage devices, such as hard drives, DVDs, magnetic tapes, or CDs. These allow for immediate access to data, which is less expensive, not requiring any access to the internet. However, if there is any type of catastrophic event (like a fire, flood, or theft) onsite, your precious data can be completely destroyed or lost. Remember that because this method is still “connected” it will still be susceptible to virus attacks and is therefore not 100% safe.
Off-site (and off-line) backup is a method of backing up data to a remote server or to media that is transported off site. It usually entails the replication of the data to a server which is separated geographically from a production systems site and can be achieved by way of direct access, over Wide Area Network (WAN). Offsite solutions allow for access to the data from any location by using File Transfer Protocol (FTP) or Internet ensuring that the data can’t be destroyed in case of a catastrophic event at the principal site. Offsite backup data can also be shared with several different remote locations. Additionally, offsite (and offline) backup is crucial when it comes to data recovery as it is not connected to data centre servers, which always remain online. This ensures that they will not be affected by viruses, which data centres (due to their constant online connectivity) are still susceptible to. However offline backup does not guarantee complete protection against Ransomware, which usually infects a computer long before it activates the attack.
According to Techopedia, backup software is “any application that enables the backup of files, folders, documents, software data, most data types and the computer/server as a whole. Backup software enables the creation of an exact duplicate of computer files that can be used for restoring the original files in case of file corruption, accidental/intentional deletion, or a disaster. It can be used for local/individual computers or for an enterprise’s computers, servers, and networking devices. Backup software for individual use generally backs up selected files, folders, and important operating system files on the same computer/hard drive. The advanced or enterprise-level software is typically integrated within each computer, server or node and backs up selected files and folders on a scheduled basis or as required”. It’s also important to note that multiple copies of backups can be saved. This can be done by retaining multiple points at once, or by saving the same backup on multiple drives or clouds. Additionally, backup software provides the ability to restore data if the original storage location is deleted. A definite plus. Again, remember that because this method is still “connected” it will still be susceptible to virus attacks and is therefore not 100% safe.
AJS recommends following a Grandfather-Father-Son (GFS) Data Retention backup system. Used by AJS, this is a common backup system used as a hierarchical data retention strategy. For example, three sets of backups, such as weekly, monthly, and yearly backups are defined. You are then able to vary this frequency to suit the requirements of your environment. The weekly or Son backups are rotated on a weekly basis with one graduating to Father status each month. The monthly or Father backups are rotated on a yearly basis with one graduating to Grandfather status each year. One or more of the graduated (Grandfather) backups is preserved for disaster recovery and archival purposes.
Remember cloud hosting (such as that offered by AJS) will count as data backup. However, we are of the opinion that it should not be your only means of data backup. It is always better to be safe than sorry.
The more places your data is backed up, the better. In fact, whatever method you use is fine as long as you have multiple backups, and you create them often. For maximum security, we recommend keeping several duplicate backups in different locations. And ensure that one of your backups is offline. That way, even if you lose one, you’ll have a backup of your backup.
Whilst some might say that less is more, we are of the firm belief that where data security is concerned – more backups are better!
Being an efficient, affordable, and reliable legal practice has never been easier. And has never been more necessary.
As Thomas A. Edison said –
There’s a way to do it better, find it
Just because it is a foundational principle, does not mean it cannot be improved upon. So, do that. Seek to continually improve your legal practice – incorporate legal tech to become more efficient, accurate and affordable and make an effort to boost your revenue, your productivity and client retention in order to build a successful operation.
Get in touch with AJS today to see how we can assist you with backing-up your data (or at least advise you on how best to go about it). We will, no doubt, have a solution for you.