“You’re on mute”…a phrase that has become familiar to many of us over the past year. A sign of how the digital age has transformed how we live, work and interact with each other. Mobile devices have put a computer in our hands, one that is able to capture images and video, contributing to the zettabytes of data that is created and generated each year. In this data era, how valuable is your data to you, to your organisation?
The 31st of March is world Backup Day! (http://www.worldbackupday.com/en/) A day to emphasise and remind you of how important it is to backup your data.
Despite the increased reliability of modern devices, hardware can, and does fail, devices get damaged, stolen, or infected by viruses and ransomware. Hardware can be relatively easily repaired or replaced (at a cost) however, data loss, can be priceless – irreplaceable. The simple rm -rf * command executed on the wrong directory at Pixar deleted 90% of Toy story 2! Fortunately, that data or a copy thereof, was able to be recovered. That incident also transformed Pixar’s backup policy.
Simply put, a backup is copy of all your important files which is stored on another device in a safe place.
Typically, backups are done either to an external device (e.g. external hard drive, NAS, etc) or an internet based service, or both. Each option has its advantages, external devices in most cases don’t have any on-going-costs and data transfer rates are higher, meaning backups (and crucially restores) take less time to complete. Internet base services offer off-site backups and greater data integrity as services providers have their own backup procedures to keep your data safe. They also may be included in a service that you are already paying for e.g. Microsoft 365.
The exact backup solution will depend on your requirements. However some key aspects to consider when determining a backup procedure/policy:
- What data should be included in the backup?
- How often should backups be done?
- How many copies will be made?
- Where is the backup data stored? If this is internet base, where are the servers located.
- Who has access to the backup data?
- How long is backup data retained?
While having a backup procedure is good practice, if it includes personal data, backups are a General Data Protection Regulation (GDPR) requirement. The GDPR states that: “…must have the ability to restore the availability and access to personal data in the event of a physical or technical incident in a ‘timely manner’.”
For personal data included in backups, the GDPR could also influence where backups are stored, who has access to them, and how long they are retained for. Trickier aspects include the anonymisation of data, and the individual’s “right to be forgotten”. The GDPR does not make any exceptions for personal data contained in backups i.e. personal data should be deleted from backups too. The guidance from the Information Commissioner’s Office (ICO) is that the steps need to remove an individual’s personal data be dependent “…on your particular circumstances, your retention schedule (particularly in the context of its backups), and the technical mechanisms that are available”. The ICO stresses that “You must be absolutely clear with individuals as to what will happen to their data when their erasure request is fulfilled, including in respect of backup systems.”.
While it is context specific, the guidance acknowledges that due to technical reasons it would be difficult to erase an individual’s data from a backup. If this is the case the backup data be marked as ‘beyond use’. The ICO states “You must ensure that you do not use the data within the backup for any other purpose, ie that the backup is simply held on your systems until it is replaced in line with an established schedule.” For more information on the ICO website.
Most, mobile devices by default will automatically backup to cloud based storage – Google Drive for android devices (Samsung devices can also be backed-up to a Samsung account); iCloud for Apple devices. This is dependent on the available storage space and usually only happens when the device is connected to Wi-Fi and is charging. These backups may not include all the data on the device. Some app e.g. WhatsApp offer their own backup service specific to that app’s data.
Depending on the context in which these devices are being used, these backup options may need to be reviewed and disabled.
Whatever your backup procedure is, backups should be checked for integrity – most backup software allows for this. After all, a backup that can’t be used to restore your data is not much use.
Whether you choose to take the backup pledge or not, on the 31st of March please give some thought to backing-up your data. To quote the World backup day website “Don’t be an April Fool. Backup your data.”
Finally, as always, I am interested to hear about how you are using mobile and other smart technology. I am also available to support and help where I can.
Article meta data
Clicking on any of the links in this section will take you to other articles that have been tagged in the same category.