World Backup Day highlights crucial data protection needs
With World Backup Day approaching on 31 March, cybersecurity experts are urging organisations to expand their data protection strategies by incorporating vital backup practices beyond traditional methods.
Stasia Hurley, Principal Product Marketing Manager at Barracuda Networks, has highlighted three critical backup strategies that organisations should adopt to enhance data resilience in an increasingly cloud-based and threat-prone environment.
"March 31st is World Backup Day – the annual reminder of the importance of backing up and protecting data from loss and theft," Hurley stated. "The universal messages of making regular backups, keeping offline copies and more are as important as ever – but in an increasingly digital, cloud-enabled world and with a rapidly evolving threat landscape, there are other aspects of effective backup that are worth thinking about on World Backup Day. They may not be as obvious, but they are just as important."
Hurley first emphasised the importance of backing up identity and access management systems, such as Microsoft Entra ID. She warned that many organisations wrongly assume that Entra ID data is automatically backed up.
"Many organisations assume there's a default backup of Entra ID data. However, this only retains data for a rolling 30 days. Some information, such as security groups, is not retained at all," she explained.
The risk, Hurley noted, is that Entra ID data can be lost, corrupted, or encrypted either accidentally or maliciously. Without proper backups, businesses may face serious disruptions.
"If it is not properly backed up – and recoverable – your employees won't be able to get to the applications and services they need to do their jobs. And you'll have to start all over again to recreate the directory. The impact on the business will be significant. Rebuilding Entra ID content is costly and time-intensive, and while they're waiting for you to fix it, colleagues can't do their work effectively," Hurley warned.
Another major risk involves restoring data without first ensuring it is malware-free. Hurley stressed the importance of scanning stored data for potential threats before reintroducing it into the network.
"Data may sit in your backup systems for a while. You may have robust inbound security measures in place, but this longer-term stored data could be harbouring malware that was not known to security systems when the content was first backed up," Hurley said. "If you restore without first scanning for malware you could be inadvertently introducing the threat into your network."
Lastly, Hurley encouraged organisations to test their backup systems to ensure their functionality when they are needed most.
"The worst time to discover that there is an error in your configuration, or that a setting is not right, is right after a ransomware event or when you really need to restore something and can't," she explained. "Even with easy-to-use systems, you and your staff need to be familiar with how your backup works and should be comfortable with restores – before the pressure is on."
As businesses continue to navigate complex digital environments, these proactive steps are crucial for minimising data loss, downtime, and security risks.
