Doing nothing – the most expensive data security plan of all

Doing nothing – the most expensive data security plan of all

Christchurch cathedral earthquake damage
The Christchurch earthquakes underscored the importance of having a disaster recovery plan. Photo credit: Royal New Zealand Air Force

What is the most expensive thing you can do when it comes to data security – nothing!

“Yes, that’s right,” says Computer Forensics’ Brian Eardley-Wilmot. “Not surprisingly, small businesses often balk at the cost of protecting their data, but they forget that their staff rely on that data to enable them to do their jobs.”

“Indeed, if a small company loses its data, and data recovery experts are unable to retrieve it, the business can be at huge risk.”

But protecting company data need not be expensive. The trick is to put security ‘best practices’ in place.

First, back up – this will protect your data in the event of a hard drive crash or other computer calamity. If your data isn’t backed up it could take days or even weeks to get your business up and running again. This is why both on-site and off-site data storage is important. And this is where the cloud can come in.

“I am not in favour of using cloud services for primary back up because of reliability and access considerations,” says Eardley-Wilmot. “But as a backup of backups it has its place. Ideally, you should first back up to a local server dedicated to storage, and then, using the belt-and-braces approach, back up again – to the cloud. This is remarkably low cost, even free, for small storage needs.”

Cloud storage gives you a simple recovery option – as well as allowing you to run your business even if your local infrastructure goes down completely, as happened with the Christchurch earthquakes.

But what about the smallest of businesses, of which New Zealand famously has a large number? Copying to a flash drive is a super-cheap option here. But it should only be one element in the company backup plan. What is essential though is to ensure you back up regularly – at least weekly. You can even use flash drives to archive data. These ‘mini drives’ can be invaluable in a crisis.

And, last but not least, test the safeguards you’ve installed. Check your backups. Most big companies do this regularly, most small businesses rarely at all. “Think of it as fire drill. Much of Computer Forensics’ recovery work involves dealing with automatic backups that just didn’t back up

“But doing so could serve double duty – you could use the process to put a disaster recovery plan in place at the same time,” says Eardley-Wilmot.

“Sadly, the Christchurch experience underscored just how important this it.”

Scroll to Top