Moving on from GDPR……Long Term Data Strategies

As a business, we would be nowhere without our data. But it’s not just the IT industry who need to be concerned about their data. Even the most service-oriented business relies on their data to keep them operational, and so making sure it’s protected is an essential business practice. Because regardless of how it happens, data loss can be a very costly problem. If you lose data unique to your business, like financial reports, client information or system instructions, your business could be down for days, face fines or total closure. Luckily, there is a really simple, effective solution to that problem – backup your data!.

 

What Is A Backup?

A backup is a copy of all the data files on your computer system that is stored in a remote location, away from the original machines. These copies can be made and stored in a variety of ways, such as cloud backups, tapes, USBs and even NAS and server storage, all of which have their advantages and disadvantages. The important factors for a backup are that they should be made frequently, and they should be stored separately from the systems they are copies of. That way if the building you are working in catches fire, you can restore the data from the backups fairly quickly. Essentially, if your computers all broke down tomorrow, your backups are the only thing that can get you back up and running from where you left off. Data is the most important aspect of your computer systems, without it, they are just empty shells.  Backups not only give you peace of mind, but they also save you a lot of time and money should something terminal happen to your systems and files.

 

Why Is Backup Important?

Because put simply, data is the lifeblood of your business. Your computers would become just empty shells, and you would have no way of accessing the information that helps you do your day to day work. Think about all the data you use in your everyday business life – customer files, supplier details, accounting records, access keys. How would your business cope without it? The sad truth is that without that information, most businesses would fail within a day – and many without backups do.

But if you back up your systems once a year, this won’t do you much good. That’s why most businesses run a daily backup (usually in the evening while the systems aren’t in use) to ensure that, if something were to go wrong, the loss would be minimal. It might sound a little paranoid, but you would be surprised how many ways your data could be lost overnight. Viruses could infect and corrupt your computer systems, power failures spikes could fry the circuits inside your servers, software could crash, flood, fire, theft or vandalism could render your network and machines useless, or it could be something as simple as a user error deleting a bunch of critical files. But if you have a working, up to date backup of all of your data, you can restore the data and get operations back up and running.

 

How Does GDPR Impact Your Backups?

By now, you should have heard of the infamous GDPR, and have put measures in place to make your business compliant. Part of that process for many businesses was putting backups in place for the first time, while others were looking at where all of their data was held – and some of that will have been in their existing backups. But how does the storage of data in backups work in a world where users can request the complete deletion of their data? Luckily, there are a few best practice guidelines around making your backups GDPR compliant:

  1. Where possible, businesses should organise their backups so that each individual data subject gets their own separate backup archive of personal data. This is an ideal solution, since it gives businesses the ability to search for and delete records on a granular level. However, it’s also highly impractical for most businesses to implement, since individual data is often scattered across many different applications, locations, storage devices and backups.
  2. Backups should always be stored under strong encryption to prevent access in the event of theft.
  3. When an individual request the deletion of their personal data, businesses should be transparent with them about what will happen to the backups, including:
  • The primary (active) instance of their data will be deleted with all due speed.
  • Their personal data may reside in backup archives that must be retained for a set period of time – either because it’s impractical to isolate individual data within the backup, or because the businesses is required to keep the data for a set period thanks to legal restrictions.
  • The individual should be assured that their personal data won’t be restored back to the active use systems. If the backup is used in a disaster recovery effort, the data controller will honour the deletion request and remove the data right away.
  • That backup archives are protected with encryptions, so even if the data was stolen, it could not be accessed.
  • Retention rules have been put in place, so personal data in backup archives is retained for as short a period as possible before being automatically deleted.
  • Records of all data subject’s requests for deletion will be retained, as will audit logs showing the activity on backups, so users can be confident that their data was stored and deleted in accordance with GDPR.

At ACT Systems, we work with business owners across the country to provide a simple, effective and affordable backup solution. It’s called BackUp+, and offers a multi-tier back up and disaster recovery solution, all wrapped up in a simple monthly subscription. Our backup solutions are all GDPR compliant and can easily slot into your existing business systems for a seamless data backup process. Never worry about the safety and security of your data again and move forward in the knowledge that your business data is protected, no matter what happens. For more information, just get in touch with the team at ACT today for your free consultation.

For further information on our backup and disaster recovery solutions please click here.