We’ve talked about backup strategies here before, mostly relating to the hardware used to do the job. But one aspect of backups that doesn’t get much attention is rotating a set of backup media offsite, just in case of some sort of catastrophe that would take out the servers, the data on them, and any backup media stored in the same building.
I read this morning about a health care firm who had an employee take a set of backup tapes home with him, which is probably an ok solution 99.9999 percent of the time, but this time someone stole the backup media from his car.
There is no indication that any data that would reveal confidential medical information has been accessed — not everyone has access to the tape drives and software to pull the data from the media, plus the thief probably wasn’t after the backups at all, and they are now sitting in a landfill somewhere — but just the fact that the records of some 365,000 patients ended up in the wrong hands is cause for huge concern.
While the take-it-home method is probably the cheapest and most convenient method (I do it with my current job, and I’m sure I’m not alone) it’s probably a good idea to have the data encrypted at the very least. There are also lots of storage firms that will house your backup media for a reasonable price; they’ll even pick up & drop off the media for you. And with high-speed Internet connections being more the rule these days, you wouldn’t even need to worry about carrying media around.
For my job, with the amount of data I need to get offsite (mostly graphics files), online backups would take too long and cost too much. Carrying tapes or drives is almost necessary, but this is making me wonder if throwing some sort of encryption into the mix would be a good idea, at least for some of the more critical data, and the data that could be damaging if it got into the wrong hands. What works for you?
via The Consumerist.