10 steps to the CPA's perfect backup plan
- Define your backup policy
Formalize the what, when, where, and who of backups. Determine what data is to be backed up, when the backups should occur, where the data should be stored (i.e. offsite, vault, etc.) and who is responsible for ensuring that the backup process is followed, verified, and tested on a regular basis.
- Use online backup to move data offsite
By the very nature of online backup, your data will be stored in a location other than where your servers reside. This is a key component in your disaster recovery planning.
- Use "local network copy" function for immediate restores
Choose an online backup solution that allows for a copy of your backup data to be stored locally on your network -- in addition to the copy that will reside in the backup datacenter. This will provide better performance for restoring large volumes of data in a hurry. The datacenter copy will allow for recovery from disaster that destroys the local copy.
- Ensure that e-mail server mailboxes are included in backup job definitions
Firms usually do a good job of including the entire e-mail server database in the backup routine, and this is great for restoring a total server failure. However, for events requiring a single mailbox to be restored, be certain that you use the backup feature that allows for backing up individual mailboxes.
- Ensure that work-in-process files on laptops, desktops, and home PCs are factored into backup plan
Your audit teams spend valuable time scanning, creating, modifying, and notating documents in the field. Be sure that even these PCs are covered in your backup strategy. Simply install a backup agent on each of your field laptops and any home PCs where data is stored, and your data will be protected.
- Use solutions that encrypt data end-to-end
From the time your data leaves your server(s) until the moment it reaches its final destination in the datacenter, it should be encrypted using at least 128-bit encryption. And, only you should have the encryption keys, so that no one other than you can access the data – not even the datacenter employees.
- Avoid backup processes that require human intervention
Human error is the cause of at least one third of all data loss. Typical online backup solutions will minimize the need for human interaction by automating the backup process and eliminating the need for tape rotation and manual offsite storage.
- Ensure method of recovery from an alternate location in the event of a disaster
Be certain, in the event of a disaster, that your data can be restored from a location and to a location other than your primary office. Online backup allows you to restore to any computer, from any location that is connected to the Internet.
- Test the restore process on a regular basis
Once a disaster occurs, it is often too late to test the restore process on your backup system. Regularly restore sample files from your backups to validate that the restore process works and that it functions according to your expectations.
- Ensure backup policy adheres to data retention policy
Data retention is a much debated topic with the regulatory demands that impact accounting firms. No matter what your policy for retaining client data dictates, ensure that the files stored within your backup comply.
AccountingWEB would like to thank Trey James, president and CEO of Xcentric, LLC , for providing this information. Xcentric is a technology consulting group that specializes in network technology consulting, hosting, and implementation for accounting firms. For additional information or insights into refining your backup strategy, call James at 678.297.0066 or e-mail firstname.lastname@example.org .