Tech Talk: Protecting Data against Equipment Failure
Technology and cyberthreats are ever changing. In this new series for the Bulletin, I will share best practices for you to consider in maintaining the security of your data and how technology can best be implemented to work for you. The following highlight some standard operations you may want to consider employing related to the protection of on-premise servers against equipment failure.
Mike Robey, MS, AAO-HNS/F Senior Director, Information Technology
Technology and cyberthreats are ever changing. In this new series for the Bulletin, I will share best practices for you to consider in maintaining the security of your data and how technology can best be implemented to work for you. The following highlight some standard operations you may want to consider employing related to the protection of on-premise servers against equipment failure. These are based on two axioms that work for me: 1) all systems will eventually fail, and 2) single points of failure should be eliminated.
Uninterruptible Power Supply (UPS)
Servers should be protected by UPS systems such as an APC Smart-UPS. Surge protectors with no battery backup are not enough. If you have a UPS, check the batteries. Battery life is between three to five years. If you cannot recall when the batteries were last replaced, replace them now. Another must-have feature is a software agent. Most UPSs come with a software agent that gets installed on the server. When the building electricity goes out, the UPS will signal the sever to gracefully shutdown before the battery run-time runs out.
To mitigate hardware failure, servers should be replaced every five years. Servers should also have redundant power supplies. If one goes out, the server is still up. Equally important is making sure the software is patched on a regular basis. Outdated software is more vulnerable to cyberattacks.
Regular review of system logs
A system administrator needs to be checking the system’s event logs and database logs on a regular basis. Although cryptic, these logs contain valuable information about the health of the system and database. Regular review may prevent a major disaster from occurring.
Redundant array of independent disks (RAID) configurations are a must. RAID enables individual hard drives to work together as an integrated subsystem. If one drive fails, you don’t lose everything. The storage subsystem continues without data loss until the failed drive is replaced. Make sure the hard drives are not swappable, and you may want to have a spare drive (or two) on-site for faster recovery. Also, make sure the RAID controller is dual-paired.
Back up your data
Two big advantages to third-party, cloud-based backups, which are highly recommended: 1) the backups are offsite providing disaster recovery protection, and 2) you don’t have to worry about ensuring you have adequate backup media on hand. (Backup media ages, too, and should be replaced on a regular basis.)
Probably the most overlooked aspect of backups is testing.
- When was the last time your backup solution was tested by doing a database restore? This critical point is true for any backup solution, cloud-based or premise-based.
- Another important aspect of backups is how far back can you recover? Two weeks? Six months? One year?
The effects of a ransomware attack or virus can be equally devastating. In my next article I will be talking about building a security foundation to protect your infrastructure and staff against cyberattacks.