Calling for Backup
Backing up your data might not seem important, until you need to retrieve it
By Simson Garfinkel
March 01, 2004 — CSO — Whenever I'm asked to do a security evaluation, the first question I ask is always the same: "Tell me about your backups." The answers, of course, are all over the map. "Backups? We want you to evaluate our security," is a typical response. Or, "We want to get all of our security set up first." The most common response is something along the lines of, "We back up the important stuff, and we keep our fingers crossed about everything else."
Of course, some organizations really have their acts together, with multilevel backups that take the data through two levels of spinning storage and then send it to tape, with every file logged in a central database. But those organizations are the exception, not the rule.
Why are backups on the bottom of so many to-do lists? In part, it's because there is no glory in implementing and maintaining a backup system. Backups are an organizationally difficult task that, if everything goes right, should never need to be used.
Even when they work, they're not the sort of thing that most IT professionals are eager to brag about. "Gee, Boss, the hackers broke in and zapped our accounts receivables database, but fortunately we were able to restore it from a backup!"
Nevertheless, if you are behind in your work and overextended in the budget department, there are many good reasons why you should be dropping other projects and working on your backup system instead.
The most important reason to back up your data should be obvious: If your security is so bad that some hacker does manage to break in and zap your accounts receivables database, at least you'll be able to restore it from a backup.
But backups are about more than just protecting against hackers. Backups are good insurance against all kinds of disasters and mishaps, both natural and man-made.
Hourly backups let you quickly recover from something like an accidentally deleted file or a formatted volume. Weekly backups are vital for recovering important files that aren't used very much
As an information security professional, one of your main tasks is to be the information assurance person; that is, it's your job to ensure that information is available when it's needed. Backups play an important part in providing that assurance.