By Kirk Drake | October 29, 2012
Top 4 Challenges for Credit Unions with Online Backups

Online Backup or Data VaultingIf you are looking for an Online Backup or Data Vaulting solution that gets the regulators off your back, than this blog will probably make you nervous. However, if you are concerned about having a solution that will actual work as part of your Disaster Recovery plan, read on!

There are many issues that should be considered when trying to select an off-site backup solution. These issues will vary greatly depending on your specific goals, but generally 4 major challenges with online backup solutions are:

Security

When selecting an online backup solution, end users must perform extensive due diligence to ensure that the solution vendor has taken all necessary steps to ensure your data’s security. Research should include, but not be limited to:

  • Security certifications are achieved (SSAE16 Audits are the current industry standard)
  • Encryption options for your data
  • Regular Penetration Testing is performed by a respected third party.
  • That quality hardware and software is utilized throughout your solution (even in systems that the end user may not use directly)
  • References. If the Vendor cannot provide a reasonable amount of current happy customers, they may not exist.
  • Proper insurance is in place, including cyber liability coverage and/or other specialty coverages.
  • Proof that Business Continuity and Disaster Recovery Plans exist and are executable.
  • Knowing that your data is secure, both against threats and destruction, is essential to having a reliable backup solution.

Management/Monitoring

Even though your data will be stored offsite, a diligent IT manager should expect to be involved at some level by the solution vendor. Even if you are just reviewing weekly/monthly backup operation reports it is important to know your data is being protected as you expect it to be.

  • While the backup solution is the responsibility of your vendor, there is still interaction with your internal network. Regular checks of internal resources related to the offsite of data should be performed often to ensure your data is being provided to the vendor as you expect it to be.
  • Bandwidth/Data Transmission – This challenge can vary depending on the amount of data you have backing up offsite. Whether it is a large or small amount on information, you want to make sure your backup operation has enough bandwidth to operate in a timely manner without affecting your production operations. Before selecting an online backup solution you should try to estimate how much data will be send over the internet and at what frequency. An hourly backup may cut into your organization’s client/customer/member operations, while a nightly backup may create a very large amount of data and may not give you the desired Recovery Point Objective (RPO).
  • If you are sending information outside of your internal network, ensure that the data is encrypted before leaving your network and remains so throughout the backup process. Technically there is no reason why a vendor would require access to your data. Backup integrity checks can be performed on encrypted data without decrypting it on the vendor side. This will also vary with the sensitivity of your data being backed up and your relationship with the solution vendor.

Integration into DR/BC Plans

  • Integrating your backup solution into your overall DR/BC Plan(s) can be difficult depending on your disaster. How will you access your data? How will you recover your data? How will this online backup solution simplify and/or speed up your recovery process? These are only a few of a bevy of questions that should be asked in the light of all kinds of events that may affect your operation. Know your solution, its strengths, weaknesses, and limitations.

Data Migration

  • The difficulty of transferring the initial backup of your data (or Seeding) will greatly vary with the amount of data you will be working with. Your vendor should be accommodating to your needs regarding security protocol through the transfer process. Methods will vary with the amount of data being transferred, but secure FTP sites and hard drives being mailed are common methods. Once your data has been seeded, you should confirm the integrity and that incremental backups are occurring.

Are you looking for ways to calculate how much bandwidth you need to get your data offsite? Are you looking for more information on how to properly test your disaster recovery solution? If you have these questions or others please e-mail us at info@ongoingoperations.com or fill out the short form below and an OGO team member will be in touch shortly!

 

Posted in P3 - Plan, Prepare, Protect, Replicator and tagged , , ,

Cost-Effective Solutions for Your Credit Union

Simply fill out this form and select the topic(s) that you would like more information for, and our team will reach out shortly.

Medium

Role
I agree to receive marketing communications from Ongoing Operations regarding news, updates, products, etc.(Required)

blank
modal close button

Welcome to the Ongoing Operations blog archive.

For our most up-to-date information, please visit ongoingoperations.com.

HOME