Demand the Best from Your Remote Backup Service

Congratulations – you’ve made the wise choice of backing your data up to a secure off-site facility! But how do you choose the right firm to perform this very important function? If your data is important enough to back it up to a secure off-site facility, you shouldn’t trust that job to just anyone. Here are seven critical requirements you should demand from the provider you hire.

Military-level security, data transfer and data storage. Never trust your data to a provider that isn’t compliant with HIPAA, Sarbanes-Oxley, Gram-Leach-Bliley and SEC NASD. These government regulations dictate how organizations with highly sensitive information handle, store, and transfer their data. If yours is a medical or financial institution, you are required by law to work only with vendors who meet these stringent requirements. But even if your organization does not fall under one of these categories, a provider meeting these requirements likely has high-level security measures in place.

The provider should also have a secure physical location where the data is stored. Ask if they have an ID system, video surveillance and a card key setup to allow only authorized personnel to enter the site. Finally, make sure they encrypt data with SSL protocols to prevent a hacker from accessing the data during transfers.

Multiple data centers that are geographically dispersed. Anyone versed in data security knows the best way to avoid loss is to build redundancy into your operations. This means that your remote backup service should store multiple copies of your data in more than one location. That way, if a terrorist attack or natural disaster destroys one of their locations, they have backups of your backup in a different city where the disaster did not strike.

The ability to receive overnight copies of your data on DVD or another storage device. If your entire network gets wiped out, an Internet download to recover your data could take days or weeks. Therefore, you should only work with a remote backup provider that will provide overnight copies of your data via some physical storage device. For this reason, your provider should also give you the option of having your initial backup performed via hard copy.

The ability to have data restored to a different computer than the one from which it was backed up.Some backups can only be restored to the same computer from which they came. If the original computer was burned in a fire, stolen, or destroyed in a flood, you’re left without a backup.

Daily status reports of your backup. All backup services should send you a daily e-mail to verify that your backup actually ran AND to report failures or problems. Many victims of cybercrime, including those hit by ransomware, realize too late that their backups are not done appropriately or often enough. (See our article on ransomware for more details.) Professional providers should also allow you to notify not only you but also a technician or your IT person of these status reports and any issues they present.

Help from a qualified technician. Many online backup services are “self-serve,” allowing the provider to make their service cheaper. But if you don’t set your system to back up correctly, the money you will save will be insignificant compared to the losses you’ll suffer. At the very least, ask your service provider to walk you through the steps on the phone or to check your settings to make sure you did the setup properly.

Regular test restores to check the effectiveness of your backup. Any number of things can cause your backup to become corrupt, and you won’t know it’s happened until you need it to work. Insist on a monthly test of your backup; it’s the best way to ensure that you’ll have a good, solid copy of your data available should disaster strike.