Skip to main content

Confessions of an IT Professional – Part 2 – Data Backups

By December 10, 2018Security
Confessions of an IT Professional Series

Terry Allen, Technical Engineer, OXEN TechnologyThis week’s article is the second in a series by OXEN’s own Terry Allen, one of our technical engineers based in Joplin, MO. Part 1 is here.

This post originally appeared on Bloggin’ IT with Terry Allen and is reprinted with permission.


I’ll admit that I bang the security drum a lot. Those of you that know me will admit that I avoid risk. I look for it and work to manage and reduce it as much as reasonably possible. I don’t like risk. Life has taught me that our world is full of it. Often risks are ignored until the threat is realized and then we’re suddenly “awake” and sensitive to our newly realized vulnerability. We also live in a world where “FUD” (fear, uncertainty, and doubt) is used to manipulate our buying decisions. My motive is never to manipulate people for self-serving purposes. I am motivated to serve your interests through my years of experience and observation. I am awake to many risks that you may not be aware of because I observe this stuff daily. While I’m not yet a self-described security “expert”, I am experienced enough to share with you my lessons learned in part two of my Confessions of an IT Professional on data backups.

In part one I confessed that our traditional IT ingredients related to security are no longer sufficient to protect us from the threats of a modern-day Internet. A lot has changed to make our traditional security measures less effective.

Let’s talk about data backups. One of the first places we start as professional IT practitioners is to ensure the systems we’re working with have the right kind of data protection. Backups are not created equal. Backup products are VERY different in their capabilities and use cases. I’m talking about both local or cloud-based backup programs! Let’s review some important questions to consider about backing up our valuable data:

#1 – What does it backup and how does it do it?  Does it backup files, folders, installed programs, databases, or my Windows software? It will take many hours to rebuild a corrupted Windows system along with everything else. Most backup programs DO NOT enable this fully.

#2 – How easy is it to restore data from the backup? Can I restore a file, folder or the entire software system? How long does it take to restore? When is my most recent saved backup? I am currently using a cloud based backup program that is widely advertised on the radio. I needed to restore from it for the first time recently and was not able to complete the restore quickly enough to be able to use it which is why I am moving to another cloud backup solution. I didn’t do my own homework!

#3 – Is my backup data secure from ransomware or malicious software that can seek and destroy my backup data? Does my backup store data securely offsite in a cloud in case of a disaster or other loss? Some malicious software will seek and destroy backup data. Data backups need to be offline, redundant, have verifiable data integrity (not corrupt), and be separated from the data source being backed up.

#4 – Is my sensitive data encrypted or protected from unauthorized access if lost or stolen? (Think external hard drives or USB devices.) Encryption may or may not be a feature of your backup software and may not be enabled automatically! Assume that backed up data is accessible by a 3rd party unless you use encryption (based on a password) to make data unreadable by unauthorized parties.

#5 – Does my backup system have history to enable me to restore files from different points in time? You need flexibility depending on the kind of data needing restoration. When finance or the tax attorney calls needing a copy of “that file” from 6 months ago that you can’t find, does your backup have sufficient historical archives to enable going back in time to restore at a point on time?

Not only to we need to think about the right kind of data backup solutions (or disaster recovery) for our PCs, laptops, or servers, we also need to consider how to protect mobile and cloud data: social media accounts, smart phones, tablets, thumb drives (AKA USB or flash drives), and SD “memory” cards in our portable digital devices. Many of us use our phones exclusively (instead of a PC or Mac) and we’re storing more personal content than ever. Are we protecting and preserving our valuable memories for future generations?


Recent Posts / View All Posts

social engineering tactics

How Hackers Use Social Engineering Tactics in Phishing Scams

| Business Productivity, Security | No Comments
Social engineering is quite a buzzword these days in the world of cybersecurity. But what is it, and why are businesses so afraid of it? It is a form of hacking that uses deception and manipulation to get victims to divulge information. Companies have reason to be fearful because social engineering tactics have led to a lot of destruction and millions of dollars in losses for businesses worldwide. Phishing is one of the most rampant types of attacks these days. It has been highly successful because it uses tried-and-tested social engineering techniques to hoodwink potential victims. What are these Social…
spot social engineering

Training Employees to Spot Social Engineering

| Security, Tech Tip | No Comments
Social engineering is one of the newest methods hackers use to access sensitive information. Rather than attacking a system directly, this technique relies on human psychology to gain information. This method is brilliant when you think about it because it does not have to deal with going past ironclad network security. If hackers can manipulate even a single employee, they might hand over sensitive information on a silver platter, and the hackers can take control of the organization’s entire system. This is why its important for your employees to learn how to spot social engineering. Companies must understand that if…
Phishing Scam Tactics

Top 8 Phishing Scam Tactics and How to Identify Them

| Business Productivity, Security, Tech Tip | No Comments
Phishing has been a common hacking method for over two decades now. You would think that everyone would already know how it works and how to avoid becoming a victim, right? Sadly, that is not the case for these Phishing Scam Tactics. There are more victims now than ever. In 2022, there were more than 300,000 victims in the US alone, with damages amounting to over $52 million! The thing is that phishing scams have evolved over the years. Hackers are now more adept at hoodwinking unsuspecting victims, and they also have easy access to modern technology that helps elevate…