I sat down with Everett Brooks, Account Manager for CrashPlan Backup Solutions. We chatted about the importance of Cloud Backups for Small and Medium Sized Businesses.
When I’m working with my clients, there’s some questions that come up right off the bat. And two things that enter the conversation are:
- Why should I store my data off site?
- If it is stored off site, what kind of encryption is happening so that somebody that’s off site can’t get to my data?
I think having a conversation with a customer that recognizes that backup is important is key because 60% of businesses out there don’t even backup their data. So, if you’re at least having that conversation, that’s certainly positive. And there are a lot of different methodologies and frameworks that exist. One of the ones that I think is easy to remember, at least for an old guy like me, is the three two one methodology.
Basically, what that says is if you’ve got critical data, then that should be backed up at least three times somewhere, right?
And to provide a degree of diversity, it should be backed up on at least two different types of media. Right? So hard to drive, tape, what have you.
Then at least one of those copies should be off site.
One of the nice things about cloud backup is it covers one of those categories all the way down. Because certainly it would be a copy, it would be a different media, and it would be off site.
Now, to your other question about security and encryption, we really standardized on AES, 256-bit encryption. So, we utilize and the CrashPlan framework is really built around security. And so, what we do is based on the agent that we have that resides on the endpoint data is encrypted, the backup is actually encrypted using that AES encryption. It transits the Internet to our cloud backup. So not only do we encrypt the data, but we encrypt the pipe.
Then once it is in place in the cloud backup, then it is continuously protected by that AES encryption. Which is interesting because our model ties all of that to a key that exists for an individual user or license. And that’s important too, because when you think about security and there are a lot of different solutions out there, some of which will claim that they’re secure, you really must dig into what they mean by that. But at least as far as CrashPlan is concerned, we take very seriously the fact that data needs to be secured in transit so that in case there is a man in the middle attack, or somebody has gotten in that path that they can’t decrypt or access the clear data. And then once the data is at rest, it’s still encrypted as well. And it’s really all tied back to a single user. Access and key be controlled by an individual or an IT organization or an MSP, such as Tech Hero.
That’s one of the things that I think companies like Tech Hero can do, is help take a lot of that guesswork and a lot of that piece out of the hands of your clients. Let them really focus on what they do best.
To go back to 3-2-1 backup model you mentioned, that’s one of the reasons I really like to work with CrashPlan is diversifying the backups. Can be super helpful because let’s say you have your three different backups. There’s a whole myriad of things that can happen just on the workstation or server alone. Whether it’s getting stuck in an update loop or somehow, potentially, maybe an end user inadvertently removed the agent that’s on that machine, or just some Internet issues that can happen. And so, as I start to diversify the backups, it just provides me as an IT services provider, more options and more screenshots, more captures where we can restore data from, because the unfortunate thing is an attack or any hardware failure is going to happen, almost always happens at the worst possible time.
