fbpx Skip to main content

Confessions of an IT Professional – Part 2 – Data Backups

By December 10, 2018Security
Confessions of an IT Professional Series

Terry Allen, Technical Engineer, OXEN TechnologyThis week’s article is the second in a series by OXEN’s own Terry Allen, one of our technical engineers based in Joplin, MO. Part 1 is here.

This post originally appeared on Bloggin’ IT with Terry Allen and is reprinted with permission.


I’ll admit that I bang the security drum a lot. Those of you that know me will admit that I avoid risk. I look for it and work to manage and reduce it as much as reasonably possible. I don’t like risk. Life has taught me that our world is full of it. Often risks are ignored until the threat is realized and then we’re suddenly “awake” and sensitive to our newly realized vulnerability. We also live in a world where “FUD” (fear, uncertainty, and doubt) is used to manipulate our buying decisions. My motive is never to manipulate people for self-serving purposes. I am motivated to serve your interests through my years of experience and observation. I am awake to many risks that you may not be aware of because I observe this stuff daily. While I’m not yet a self-described security “expert”, I am experienced enough to share with you my lessons learned in part two of my Confessions of an IT Professional on data backups.

In part one I confessed that our traditional IT ingredients related to security are no longer sufficient to protect us from the threats of a modern-day Internet. A lot has changed to make our traditional security measures less effective.

Let’s talk about data backups. One of the first places we start as professional IT practitioners is to ensure the systems we’re working with have the right kind of data protection. Backups are not created equal. Backup products are VERY different in their capabilities and use cases. I’m talking about both local or cloud-based backup programs! Let’s review some important questions to consider about backing up our valuable data:

#1 – What does it backup and how does it do it?  Does it backup files, folders, installed programs, databases, or my Windows software? It will take many hours to rebuild a corrupted Windows system along with everything else. Most backup programs DO NOT enable this fully.

#2 – How easy is it to restore data from the backup? Can I restore a file, folder or the entire software system? How long does it take to restore? When is my most recent saved backup? I am currently using a cloud based backup program that is widely advertised on the radio. I needed to restore from it for the first time recently and was not able to complete the restore quickly enough to be able to use it which is why I am moving to another cloud backup solution. I didn’t do my own homework!

#3 – Is my backup data secure from ransomware or malicious software that can seek and destroy my backup data? Does my backup store data securely offsite in a cloud in case of a disaster or other loss? Some malicious software will seek and destroy backup data. Data backups need to be offline, redundant, have verifiable data integrity (not corrupt), and be separated from the data source being backed up.

#4 – Is my sensitive data encrypted or protected from unauthorized access if lost or stolen? (Think external hard drives or USB devices.) Encryption may or may not be a feature of your backup software and may not be enabled automatically! Assume that backed up data is accessible by a 3rd party unless you use encryption (based on a password) to make data unreadable by unauthorized parties.

#5 – Does my backup system have history to enable me to restore files from different points in time? You need flexibility depending on the kind of data needing restoration. When finance or the tax attorney calls needing a copy of “that file” from 6 months ago that you can’t find, does your backup have sufficient historical archives to enable going back in time to restore at a point on time?

Not only to we need to think about the right kind of data backup solutions (or disaster recovery) for our PCs, laptops, or servers, we also need to consider how to protect mobile and cloud data: social media accounts, smart phones, tablets, thumb drives (AKA USB or flash drives), and SD “memory” cards in our portable digital devices. Many of us use our phones exclusively (instead of a PC or Mac) and we’re storing more personal content than ever. Are we protecting and preserving our valuable memories for future generations?


Recent Posts / View All Posts

Social Engineering

January Recap: All You Need to Know About Social Engineering

| Managed Services, Security | No Comments
This month, we covered a range of topics concerning social engineering. Social engineering is now considered one of the most prevalent risks when it comes to online security. Most hackers rely heavily on social engineering tactics to lure unsuspecting users to divulge information. It sounds complicated but it's nothing more than the practice of manipulating people into revealing information through the use of false pretenses. It often creates a sense of urgency, fear or excitement, playing with people's emotions to get them to do exactly what the hackers want them to do. In case you missed any of them, here…
Cybercriminals Use Social Engineering

The Top 5 Ways Cybercriminals Use Social Engineering

| Managed Services, Security | No Comments
Advanced technology and cutting-edge hacking techniques have been the main tool that cybercriminals use for online attacks. But did you know that the most effective method that hackers use for enticing victims online is something so much simpler? Cybercriminals use social engineering or in other words, manipulate people by establishing trust and playing on their emotions. Common Methods of Social Engineering Attacks There are a number of creative ways that social engineers go about their devious ways. However, there are five ways that stand out on how cybercriminals use social engineering for their personal gain. Phishing This method is by…
Social Engineering scams

Where Does Social Engineering Scams Come from?

| Managed Services, Security | No Comments
Social engineering scams are so much more rampant these days than ever before. There will certainly be suspicious-looking items in your inbox when you check your emails, which are most likely phishing emails. Many people now know to avoid clicking these malicious emails, which is a good thing. But still, their vast amount makes you wonder, where do social engineering scams come from anyway? The very simple answer to that is social media. How Social Media Is Used for Social Engineering scams According to the latest count, there are more than 4.74 billion social media users today. For hackers, each…