Let’s be honest. When it comes to installing a backup system, you probably just want to know that it works. I mean, you hardly ever need to use the thing anyway. How many times a year do you really need to restore your servers from a backup? Once? Twice in a bad year? In the event that you do have to restore the data, you’re going to be more concerned with why you have restore rather than what you’re restoring. Here’s the thing: You’re paying for a backup solution. Why wouldn’t you want your backup to pull its weight around the office? Keep reading and you’ll learn how more modern backup solutions are offering to do much more around the office than they do now.

Typically, companies backup their data by following the 3-2-1 rule. This means keeping 3 copies of your data on 2 different types of media and keeping one copy offsite. It used to be that someone would take the tapes home at the end of the day and this was considered ‘offsite’ storage. The only difference today is that the tapes have been replaced by an external hard drive. This worked fine until the person responsible either forgot, or had their car stolen, or towed or worse. In case you haven’t noticed, people are getting pretty sensitive about where their data is begin stored. Placing thousands of client files and documents in the hands of an employee is risky and downright unacceptable these days.

There’s another problem. The best case scenario in the event of a massive data loss is that your firm can go back 24 hours. You’ve still lost an entire day’s worth of production. That’s still thousands of dollars in lost revenue, not to mention the hassle of letting your clients know that the work you were doing for them is now going to be delayed further. And if it’s a malware problem that caused the data loss, there is no guarantee that your latest backup doesn’t have the offending program sitting on it. Restoring an older backup from the cloud can take many hours. Many firms have had to wait 12 hours or more just for the backup data to download, let alone be restored.

There is a better way to go about all this. Firms in the know are converting to an active backup solution that offers a much higher level of flexibility in backup schedule and recovery speed. Here’s how they work:

Software is installed on a server that automatically backs up all your data to both and external drive, and a cloud storage site. Once the initial backup is complete, the software backs up only the changes to the server at a regular interval, say, every 15 minutes. At the end of each day, those daily changes are then sent to the cloud so the last day’s work is always kept offsite. If you’re thinking “Wait, we have each day’s backup offsite already. Why do we need an active solution like this?”, keep reading.

The reason some of the more robust backup software programs are way better than past generations is the way they handle their incremental backups. By marking only the changes in the data they are able to pinpoint specific changes at the individual file level. You know that brief you spent 5 hours on before your word processor crashed and corrupted it? With an active backup solution, you can get it all back in no time.  Did one of your in-house IT staff members accidentally delete a critical .dll file when they were upgrading your case management system? No worries. That can be easily restored with a few clicks.

Additionally, when combined with the right cloud storage provider, an active backup solution can get your firm back to business in minutes in the event of a major catastrophe. Modern solutions allow you to spin up a virtual image of the server hard drive from the cloud. This means that with just an internet connection, the entire staff can be up and running as if nothing is wrong while the server is being restored. All of this is done using secure encryption to ensure compliance with just about any standardization.

If your firm is using an older more traditional backup solution, it may time to consider changing things up a bit. Storage has never been cheaper so there is no better time than the present to put a solution in place that actually proves itself a little more useful than you’re used to. 

Much has been made recently of a bug in a critical internet security protocol called OpenSSL. The bug, known as Heartbleed, allows hackers to access the memory of a web server and potentially acquire the server’s security key. This would enable hackers to do all sorts of nefarious things to the website itself as well as its’ users. While the worst of the Heartbleed storm passed without incident, it is still important to know what it really meant to internet users and what effect it should have on our habits and how it will affect the internet in the future.

The first thing to understand about Heartbleed is that the potential for disaster was very, very high. OpenSSL, the protocol that Heartbleed affected, is used by a full 2/3 of the top 5000 websites on the internet. Fortunately, it was discovered by the good guys long before the bad guys had a chance to exploit the bug. This means that most of the really important websites were offered the opportunity to patch the vulnerability before the bug was made public. Common sites like Facebook, Twitter, Gmail, banks and such had already been made aware of the exploit and had fixed it before most of us knew it existed. By the time the hacking community was aware of the bug, they weren’t really able to do much with it. However, that didn’t keep them from trying. That brings us to the next important point to understand about Heartbleed.

Many of the World’s top internet security experts analyzed data from thousands of servers and discovered that nearly all of the attempts to take advantage of Heartbleed were made after the bug was made public. Since most of those affected had patched the bug, the exploit returned no information to the hackers. It seems highly unlikely that there are many, if any, hackers that were able to acquire valuable information from the servers they attempted to exploit. So, what if they did manage to use Heartbleed to access a server’s memory? What would they have been able to acquire? Odds are, not much. The way the bug worked, it pulled the data that remained resident on the server’s physical memory and only 64kb at a time. This dramatically reduces the chances that hackers would grab both your user name and/or password.

So does this mean that there is nothing to worry about and to just ignore the Heartbleed hype? Not exactly. The problem is that while it looks as if everything is going to be OK, there are no guarantees. And since the threat of what this bug was capable of or the potential for it to be expanded still exists, it’s best that users take some action. Namely, change your passwords on everything. Obviously, this is a huge pain in the neck. However, this is always a good habit to get into anyway. It’s not a bad idea generally to change all your passwords once a quarter at minimum anyway. If that seems like too much work for you, consider a password manager such as LastPass or KeePass or RoboForm. These servers enable you to store randomly generated, long passwords for all your websites in a secure, encrypted vault that no one (not even the company itself) has access to. You simply enter one password into the service and it will automatically log you in to any password-protected sites you visit. If you want to change your password to any site, the service can do it for you and you still won’t be required to remember it.  These services can also work at an enterprises level. This means that employees that need to have access to say, the company Facebook page, will login using their password manager and will never actually know the password. If that employee leaves, you simply deactivate their LastPass or KeePass account and they lose access to all corporate internet accounts.

The important thing to keep in mind with all of this is that there are always going to be vulnerabilities that are exposed. There are also always going to be vulnerabilities that aren’t exposed. The best way to keep yourself safe is to be smart about where you go and what you do when you get there. The same rules always apply: Don’t click links you can’t absolutely trust, and don’t download or open files or attachments you can’t absolutely trust. YOU are the best malware program there is. If you want more information about how you can put the right procedures in place to protect you or your company, feel free to contact us. We’ll be happy to help any way we can.