Data backup and security are rarely spoken about as being truly revolutionary, innovative or even remotely interesting. On the other hand, when thinking of cutting-edge, next-generation technology in the enterprise, inevitably people think about AI, IoT, big data and cloud computing.
Matt Harris, head of IT at Mercedes-AMG Petronas F1, called data backup and security “the least sexy bit of IT”. He says no one really cares about it, until it goes wrong.
Equally, there is a sense that technology is moving so quickly in all other aspects, that IT professionals don’t really realise the strides made in the data backup field. That is, unless they go back in time to see what the technology did look like.
For many organisations, this journey back in time wouldn’t take so long.
Is your big data stack up to scratch?
Leicester Tigers’ data protection advisor, MIS and projects manager, Phil Everitt, explains that about three or four years ago, the rugby union team would shut down the database in the middle of the night, back-up data to tapes and then every morning take the tapes out, put them into a fire-proof safe.
“This helped our main database with all of our customers on; it is essentially the lifeblood of our business. That changed when I arrived here; we put in virtual servers and now take snapshots of those servers. We’ve got mirrored virtual servers in different stands in the stadium, so they take snapshots each night and move it across to a different stand, so we’re duplicating our data across the business in different buildings,” he says.
Data backup: When Plan A fails how prepared are you?
But while this is a new approach, Barclaycard CIO Keith Little suggests that unlike other advances in technology, data back-up is still only about backing up data and nothing more.
“The core functionality and capabilities of back-up itself have not changed, the technology has dramatically, as has the accessibility, security, the attention of how to use the data for various reasons thereafter whether it is for marketing or to detect fraud.
“In the last five or ten years, open source and cloud computing allows us to do all sorts of new things with that information, so data back-ups can’t be ignored, but the core use of archiving is still there – nothing ground breaking, except for open source, compute and how much more accessible it is when you archive it,” he suggests.
Data classification
Some industries have far stricter regulation around the classification of data, and how the data should be stored and accessed. Banking and financial services is one, while the government has its own approach. Data backup and security seems to carry with it quite different priorities depending on the industry.
“The whole government has to decide what the classification of that information is and then treat it accordingly – so there are different tiers of information and then the more sensitive the data becomes, the more secure the systems are and the more effort is put in to protecting that information,” says Nicholas Lloyd, CIO of the permanent joint headquarters of the Ministry of Defence (MoD).
“Obviously intelligence is usually very highly protected, operational information is protected, and there is a lot of administrative and logistical information that is not as critical and so does not need to be protected to the same degree,” he states, adding that GDPR adds another layer of complexity, with personal or medical data needing to be secure as well.
The legal industry also has large amount of highly confidential data. Mark Walmsley, CISO at Freshfields Bruckhaus Deringer says 90% of the company’s data is confidential or highly confidential.
Data backup and blockchain, is this a game changer?
Employee data backup and security
But backing up data isn’t just something that the IT department do – employees have a tendency to back-up data too, and sometimes this will be against corporate policy and could lead to a data breach.
Freshfields has invested in a company called Dtex, a cyber security company that provides real-time alerts of what is going on in a business’ network.
“It’s an AI solution, which means that if an employee has taken a confidential document and changed the title of the document from ‘client advice’ to ‘five-a-side football team’, and then sent this to Lisa his assistant, and she has printed this off all to avoid being caught, the technology will say that we’ve found a known bad behaviour,” Walsmley explains.
The solution would pick up if an employee is trying to download confidential files to a USB stick or hard drive, or save it elsewhere in the cloud.
The legal sector is particularly tricky as although it has confidential data, it is required to regularly share this data.
“Unlike most industries we are almost always talking to clients and other parties and sharing that data. The mindset of being professional services has always been to trust our staff and we trust the people who we do business with but we’ve had to go back to a zero trust model,” Walmsley says.
That means having to really lock down the data the company has. It goes to show how important data is, and why employees should leave it to IT back-up data in new – if not revolutionary – data backup and security solutions.