Steps for: Storing Data Offsite (Secondary location)Billy McKindley
Throughout this portal we will refer to different Offsite Backup locations as “Primary” and “Secondary”, Primary backup and the Secondary backups live in different geographical locations (typically different States or Countries), both Primary and Secondary backup data is exactly the same, this method is used to protect against hackers, fires, floods, outages or other events that might impact both your main data source and the primary backup site.
Let’s look at a couple of scenarios that utilize a Secondary backup site.
Scenario 1: Floods
RapidLogistics is a national logistics company with a head office and depo near Brisbane that houses all their IT servers and equipment, during the 2010/11 floods they were unable to access their office and depo and IT system in the office, unfortunately all their IT equipment was flooded and the data was lost, they had a Primary backup site which was the owners apartment that was located in Brisbane CBD (20km away from office), due to the extent of the floods the owner was also unable to reach his apartment to retrieve backup files and the company was without their IT services and data, whilst they still had 60 trucks on the road around the country delivering and receiving cargo.
RapidLogistics had to keep operations running and trucks on the road, luckily their IT manager had some time to prepare for the floods and was able to upload a copy of their backup data to the cloud which effectively created a Secondary backup site for their data, due to this data being in the cloud their staff around the country could now access the data, putting the data in the cloud also allowed RapidLogistics to convert their backup files into Virtual Servers which allowed them power-on their server environments in the cloud, restoring RapidLogisics normal operations within a few hours.
- RapidLogistics was lucky they had time to prepare and created a Secondary backup site.
- RapidLogistics moved backup data into the cloud and this allowed remote operations to continue.
- RapidLogistics utilized Virtual Machine technology to replicate their servers and turn-them-on in the cloud.
Scenario 2: Ransomware attack
ABB company has a server at 123 Battery drive Melbourne, this server is backed up nightly to their Primary Backup site at 1 Computer drive Brisbane.
ABB company was hit with ransomware which infected all their computers at 123 Battery drive and also the backup data located at the Primary backup site, the ransomware was able to spread to the primary backup site by exploiting the VPN used for transferring backup data. ABB company was left with no recoverable data at both their office and their primary backup site. Luckily their IT MSP had the main server under a managed services agreement and they were maintaining the server and performing backups throughout the day, this backup data was being encrypted and uploaded to a third-party cloud backup service that was bundled into the MSP agreement, these backups were running in parallel to the normal backups occurring and used a different technique to backup, whilst this backup data was being uploaded to the cloud it was also being scanned for malicious files and as a result the ransomware was unable to spread to this platform, giving ABB company the ability to recover some of their data.
- ABB Company had ineffective home version of Anti-Virus (unmanaged) that didn’t detect the new ransomware strain.
- ABB Company didn’t have all their servers under an MSP agreement and some servers and data was unrecoverable.
- ABB Company had a Primary backup site, that proved to be ineffective in this scenario.