See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/380574541

A Study Of Traditional And Recent Data Backup Techniques And Security Risks

Article · June 2023

CITATIONS

0

READS

1,385

2 authors:

Satish Batrel Batrel Veritas

3PUBLICATIONS   0CITATIONS    SEE PROFILE

Ashwini Manish Brahme

International Institute of Management Science , Pune 13PUBLICATIONS   14CITATIONS   

SEE PROFILE

All content following this page was uploaded by Satish Batrel Batrel on 15 May 2024.

The user has requested enhancement of the downloaded file.

SHIV SHAKTI

International Journal in Multidisciplinary and Academic Research (SSIJMAR)

Vol. 11, No. 3, June 2023 (ISSN 2278 – 5973)

A Study Of Traditional And Recent Data Backup Techniques And Security Risks

Dr. Ashwini Brahme¹Associate Professor, Yashaswi Education Society International Institute of Management Science (IIMS) , Chinchwad , Pune

Satish Batrel^2,Research Scholar SIMCA, Pune & Principal Project Management Specialist, Veritas Technologies -Pune.

Abstract:

Security risk in data backup and disaster recovery planning is an opportunity for backup industry.

Backup Planning needs to be to be full proof for creating a backup which is Ransomware free.

Hackers use various vulnerable door to contaminate the data. This research paper is intended towards data backup especially traditional backup method, disaster recovery planning, data backup testing. This study is also focused on possible data backup methods for data availability and lowest recovery time with minimum data loss. Traditional backup devices are easily available and data transfer costs can be low, but they also come with a host of critical issues.

The present paper discusses a multi-server solution that uses four cloud backup servers and an enriched genetic algorithm to retrieve lost data. When the main cloud server loses its data and is unable to offer data to users, the suggested approach gives the user the freedom to acquire information from any backup server to achieve dependability.

Keywords: Data Backup, Traditional backup Methods, Ransomware free Backup, Disaster planning for data MSP ( Managed Service Provider)

INTRODUCTION

Backups and availability of the same while DR drill is always a challenge on any environment.

Numerous researchers have put forth various data recovery strategies, however they are ineffective and unreliable. It’s always been dangerous for managed services providers (MSPs) to exercise backup best practices, but this has become even more vital with the pandemic having reset

employee’s potential around remote work. Up to 74% of professionals believe that remote work is here to stay according to Growmotely, while 16% of companies globally are already completely remote and 40% offer hybrid working. This is proving that WFH looks set to be an ongoing feature of the modern workplace, rather than the temporary fluke that many expected or even hoped it might have been at the start of the pandemic.

For example, IT staff must manage and monitor a backup application server and ever-expanding local storage, meaning MSPs must set aside money to fund these staff members and keep them on call. For smaller MSPs with fewer resources, less time, and less money than their larger

counterparts, this is a significant disadvantage. Also, traditional backup mechanisms typically don’t scale very well. Adding more local backup storage space is time-consuming and labor-intensive because it requires installing and maintaining more physical hardware and doing so drives up operating costs.

Literature Review

Shared by Sindhura Yarrapothu is "Effectiveness of Backup and Disaster Recovery in Cloud."

In daily IT operations, backup and disaster recovery, or DR, play a crucial role. They outline several details of an enterprise's business continuity strategy. Improvements in backup and recovery

performance are always required for factors such backup window size, high availability, security, etc. Businesses want and rely on definitive knowledge to change from conventional approaches and adopt emerging technologies, which are an integral part of routine company operations. Many studies have been done on how to improve backup and disaster recovery procedures. However, they lack clear information on how their performances vary and what specific parameters may be raised by utilizing modern, innovative techniques.²⁹

A researcher named Praveen Challagidad stated cloud computing offers access to any form of services dynamically through the Internet on a demand basis in his article titled Efficient and Reliable Data Recovery Technique in Cloud Computing. Storage as a service is one of the most important services being offered. Any quantity of data that a cloud client stores in cloud storage leads in a massive amount of data being stored in the datacenter. A disaster that is man-made (either by the CSP or the customer without their knowledge) or a natural disaster (either earthquakes or volcanoes) might result in the deletion of data from the datacenters. The volume of data being produced nowadays necessitates the use of data recovery techniques or services. Consequently, it is necessary to design.³⁰

Author Lisheng Ma states that, real-time data backup is a crucial concern to increase the survivability of a geo-distributed DCN (Geographically distributed Data Centre Network) in the progressive catastrophe scenario when numerous nodes and connections are successively

interrupted with varied early warning times. In order to analyse this issue, we make the assumptions that different disaster-covered DCN nodes have varied backup node sets and that various disaster- covered DCN nodes and connections have various early warning timings. To maximise the overall quantity of data backup, we first provide an ideal data backup technique based on integer linear programming (ILP).³¹

Two backup strategies—maximum data backup and fair data backup—are suggested by carefully examining the early warning time at the critical node. The former allows for the most data to be backed up overall. The latter maximises the same backup proportion (in terms of percentage of the total amount) for each data type while taking equity among various data kinds into consideration.

By carefully choosing a set of secure backup DCN nodes and matching backup routes, an integer linear programme (ILP) and a heuristic are suggested for each scheme in order to address the problem of resource competition. The accuracy of the ILP formulations and the effectiveness of the heuristics are supported by extensive numerical evidence. As states in Heterogeneous Data

Backup Against Early Warning Disasters in Geo-Distributed Data Center Networks by Xiaozhou Li. ³²

What does backup data mean?

Typically, backup data means all necessary data for the workloads your server is running. This can include documents, media files, configuration files, machine images, operating systems, and registry files. Essentially,

any data that you want to preserve can be stored as backup data.

Data backup includes several important concepts:

Backup solutions and tools—while it is possible to back up data manually, to ensure systems are backed up regularly and consistently, most organizations use a technology solution to back up their data.

Backup administrator—every organization should designate an employee responsible for backups. That employee should ensure backup systems are set up correctly, test them periodically and ensure that critical data is backed up.

Backup scope and schedule—an organization must decide on a backup policy, specifying which files and systems are important enough to be backed up, and how frequently data should be backed up.

Recovery Point Objective (RPO)—RPO is the amount of data an organization is willing to lose if a disaster occurs and is determined by the frequency of backup. If systems are backed up once per day, the RPO is 24 hours. The lower the RPO, the more data storage, compute and network resources are required to achieve frequent backups.

Recovery Time Objective (RTO)—RTO is the time it takes for an organization to restore data or systems from backup and resume normal operations. For large data volumes and/or backups stored off-premises, copying data and restoring systems can take time, and robust technical solutions are needed to ensure a low RTO.

Benefits with traditional backup ways:

Organizations need to consider their data protection needs when comparing cloud and local backup options. The benefits of local backup include the following:

On-site accessibility. It doesn't get much more accessible than having the backup data at your primary site. Disk-based backups are typically continuous throughout the day, so a user can go back to a specific point in time.

Speed. On-site disk is fast for backup and recovery operations.

Security control. An organization has more control over local backup than data that's in the hands of a cloud provider.

Major security risks with traditional backup ways:

Set up Cost is too high: The expense of on-site hardware is very high. Disks are steep, so adding them can make a considerable bang in the budget. In addition, the lifespan and robustness of disk requires replacement from time to time as well as routine maintenance.

Scalability difficulties. With local backup, the process of adding space is more labor-intensive because the business needs to acquire the surplus storage and install it. Tangibly storing more data backups is more of a saddle than just adding storage space in the cloud.

High maintenance: Dedicated staffing is required to maintain and manage it. In Cloud computing, IT resource gets chance to focus on other important tasks besides backup maintenance.

Cybersecurity issues. If a cyber-attack hits the primary data center, an organization should use an off-site backup -- whether it be on tape or in the cloud -- to make sure the restore is clean.

Ransomware, an even bigger risk to

Disaster recovery issues. If there's a disaster at the primary site, a local backup will not be helpful.

However, if your organization has moved tapes off-site, those backups are valuable for disaster recovery. Traditional local backups use disks to store backup data—meaning data is entrusted to physical media at the customer location that are vulnerable to damage. Small businesses may not fully appreciate proper storage hardware management. For example, if your onsite backup storage happens to be under a water pipe, and that pipe bursts, that data could be lost forever and your local backups rendered useless. Similarly, there is the threat of natural disaster. If all your backups are stored in the same location as your production data, and fire or floor takes out the facility, you have nothing to fall back on. The results can be catastrophic for a business owner, and for their MSP.

Single Point of failures: Speaking of hardware risks, there are issues that can come with

proprietary backup appliances. They can potentially introduce a single point of failure into the data protection process. If you use a local appliance that aggregates the backups and sends them in one huge chunk to the cloud, any device failure will bring scheduled backups to a halt. If the appliance suffers a hardware failure, or simply reaches its capacity, there is a risk of not discovering the issue until several backup cycles have passed. This can adversely affect your RPO, introducing an unnecessary risk.

Restore Testing Drills: Many old-style backup products do not provide an programed way to test and verify the recoverability of backups. Regular backup testing is the only way to make sure your backups are recoverable, but older systems require manual work and effort to test backups,

including dedicated servers or virtual machines. Busy MSPs rarely have time to do this as often as they know they should.

Important statistics on Data Backup from ²⁷

2 out of 3 midsize companies were affected by Ransomware in the past 18 months.

Each week, 140,000 hard drive failures occur in the US.

28% data breaches are caused by malware.

Every five years 20% of medium-sized and small businesses experience data loss from a major disaster.

Only 45% of businesses consider security budgets adequate.

60% of businesses that suffer a data loss event within six months will close down.

33% folders aren’t protected.

82% breaches are caused by human error.

93% of companies that lose their data centers for more than 10 days file for bankruptcy within one calendar year.

96% of businesses do not back up their workstations.

A team of incident responders can dramatically reduce the cost for a data breach.

More than half the businesses don’t have enough money to recover from data breaches.

85% rise in dark web data dumps.

Data Backup Best Practices for 2023

Use Offsite Storage

A physical server in a different location or a cloud-based backup is best example for offsite storage. In the event when central server is compromised in some way offsite copy helps. A natural disaster (like the hurricanes, earthquakes etc..) lead to destruction of data on-site server, causing a huge loss of data which business incurs.

3-2-1 Rule for the backup

This rule says to keep 3 copies of your data on 2 different devices/mediums with 1 off-site storage solution. An example of data backed up according to the 3-2-1 Rule would be a primary server in a business’s headquarters, a cloud-backup or remote DR backup and a backup of NAS drive. This ensures your data is backed up no matter what happens.

Backup Frequency

Data backups on regular basis is equally important. Data retention and frequency are important perspective in recovery industry.

Important data needs to be backup up more frequently as compared to less important.

Encrypt Your Backups

As we see that data backups which are not encrypted lead to data leak causing huge financial loss. Strong data encryption methods like PKI, Certificates , data lockers and fingerprinting of data are equally important to ensure the data is secured.

Think About Endpoints

Phones, tablets, and computers that are used to in organization to carry out their duties are endpoints. They store data and if they are not backed up, the data will be lost if in the instance of device fails or gets lost or stolen. Data backup plans must include backup for such individual devices.

BOYD

Bring your own device (BYOD) is new normal in growing IT industry. This helps save a lot of infrastructure cost. However, this can lead to data more vulnerable. If the data is lost and not backup in effective manner it leads to financial losses. Proposing a better implementation of secured data backup will surely help in better business gains.

Security Traditional v/s Cloud

Data security has frequently been a significant problem in IT. Because data are dispersed over several machines and storage devices, including servers, PCs, and other mobile devices like wireless sensor networks and smart phones, data security becomes a particularly critical issue in the cloud computing environment. In comparison to traditional information systems, data security in the cloud is more difficult.

CONCLUSION

High disaster recovery costs are making cybercrimes more serious for businesses. The global cybercrime cost will rise to $6 trillion per annum by 2022 according to predictions. The cost of data management is increasing, and security threat are growing very high. Based on the best practice above it is cited that a balanced approach needs to be made on the same. Proper data encryption is important factor for data

security on the backups. Ransomware attacks carried out with incorrect backup tools lead to huge loss in the business. Proper Disaster recovery planning for data can surely help to achieve zero data loss if all the important perspective are considered.

In the present current world, improvement of present-day advancements is becoming unsurprising to fulfill the client's necessities. To defeat the business requests, the organization should watch out for worldwide coordinated effort, change, and efficiency. These are the nuts and bolts for an organization to rival different organizations. Subsequently the idea distributed computing advances. This paper investigates the framework of distributed computing and Reinforcement as administrations. Security issues and virtual distributed computing are examined. Distributed computing for instructive establishments is created. In future, administration level arrangements (SLA) can be viewed as in instructive distributed computing.

SCOPE FOR FUTURE RESEARCH/

RESEARCH IMPLICATION

This study focus on the backup planning. We need to explore various options on data backup solution with high security on data loss. Effective data backup tools need to be worked in a better solutions environment avoid financials losses. Major organization like IT firms , Backup companies, Cyber Cell , Service providers need to work on better product for backup and technology to be faster and safer backup. We need to further determine various backup methods and a combination of both traditional and modernized. Explore methods to minimize RPO and RTO for business availability of data. A mixed approach needs to be worked on for efficient and quicker DR drills to ensure data integrity.

REFERENCES

[1] Justin, C., Ivan, B., Arvind, K. and Tom, A. ―Seattle: A Platform for Educational Cloud Computing‖SIGCSE09, March 37, 2009, Chattanooga, Tennessee, USA. 2009.

[2] Shanthi Bala, P. ―Intensification of educational cloud computing and crisis of data security in publicclouds‖, International Journal on Computer Science and Engineering (IJCSE), Vol. 02, No. 03, 2010,741-745.

[3] M. Armbrust, A. Fox, R. Griffith, A. Joseph, R. Katz, A. Konwinski, G. Lee, D. Patterson, A.Rabkin, I.

Stoica, and M. Zaharia, ―Above the Clouds: A Berkeley View of Cloud Computing,‖ UCBerkeley Reliable Adaptive Distributed Systems Laboratory, 2009.

[4] Al Noor, S., Mustafa, G., Chowdhury, S., Hossain, Z. and Jaigirdar, F. ―A Proposed Architecture of Cloud Computing for Education System in Bangladesh and the Impact on Current Education

System‖International Journal of Computer Science and Network Security (IJCSNS), Vol.10 No.10. 2010.

[5] Vouk, A. Cloud Computing Issues, Research and Implementations. Journal of Computing andInformation Technology - CIT 16, 2008, 4, 235246, doi:10.2498/cit.1001391 2008.

[6] Amazon Web Services (AWS) Web Site. What is AWS? A comprehensive cloud computingplatform.

http://aws.amazon.com/what-is-aws/

[7] Amazon Web Services, Case Study. Application Hosting.http://aws.amazon.com/solutions/case-studies/

[8] Amazon Web Services, Educator. AWS in Education. http://aws.amazon.com/education/

[9] Amazon Web Services (AWS), EC2 Web Site. Amazon Elastic Compute Cloud (Amazon EC2).http://aws.amazon.com/ec2/

[10] Garrie, D., Who has Legal Jurisdiction in the Cloud? , Accessed from WWW and Retrieved on 12-03- 2012 and Available @ https://www.gplus.com/legal-issues/insight/who-haslegaljurisdiction-in-the-cloud- 50084

[11] Gellman, R. (2009), Privacy in the Clouds: Risks to Privacy and Confidentiality from Cloud Computing, World Privacy Forum, USA.

[12] Global Internet Liberty Campaign, Privacy and Human Rights: An International Survey of Privacy Laws and Practice, Accessed from WWW and Retrieved on 07-02-2012 and Available @

http://gilc.org/privacy/survey/intro.html

[13] GoI, Guide on Right To information Act, 2005, Accessed from WWW and Retrieved on 12-03-2012 and Available @ http://rti.gov.in/RTICorner/Guideonrti.pdf

[14] Gulshan Rai (2012), Technology is changing the Entire Paradigm, Feb 2012, EGov Magazine, Noida, India. Advanced Computing: An International Journal ( ACIJ ), Vol.3, No.2, March 2012 169

[15] Five Hidden Security Risks You May Find with Traditional Backup Mechanisms - N-able [16] Cloud backup vs. traditional backup: Advantages, disadvantages | TechTarget

[17] Data Backup Best Practices In 2023 - Business Security (copycei.com)

[18] Data Backup in Depth: Concepts, Techniques and Storage Technologies (cloudian.com) [19] Cloud Backup vs Local Backup | EIRE System (eiresystems.com)

[20] 50+ Backup Statistics 2022 Backup vs. Recovery, Disaster Recovery, Trends (enterpriseappstoday.com)

[21] Data Loss Statistics: Why Your Business Needs a Backup Plan (invenioit.com)

[22] Why Do You Need both Local and Cloud Storage When Backing Up Data? | Backup Ninja [23] Cloud Storage vs. Local Storage (bemopro.com)

[24] 11 Surprising Data Backup Statistics – 2022 Report - Ontech Systems [25] Cloud Backup Vs. Local Backup: Which Is Better? - Geekflare

[26] What's Better? Data Backup Center vs. Cloud Backup (uschamber.com) [27] 50+ Backup Statistics 2022 Backup vs. Recovery, Disaster Recovery, Trends (enterpriseappstoday.com)

[28] https://i0.wp.com/www.enterpriseappstoday.com/wp-content/uploads/2022/08/areas-covered-in- organizations-disaster-recovery-plans-.png?resize=1024%2C567&ssl=1

[29]Effectiveness of Backup and Disaster Recovery in Cloud from https://www.diva- portal.org/smash/get/diva2:861846/FULLTEXT01.pdf

[30] Efficient and Reliable Data Recovery Technique in Cloud Computing :: Science Publishing Group

[31] Real-time data backup in Geo-distributed data center networks against progressive disaster | SpringerLink[

[32] Heterogeneous Data Backup Against Early Warning Disasters in Geo-Distributed Data Center Networks (optica.org)

View publication stats