Why Should We Care About Securing Business Data?

What the Heck is World Backup Day?

Computer geeks think every day is World Backup Day. For the rest of us, World Backup Day, March 31 each year. It’s a day designated to raise awareness about securing business data with backup copies.

Most computer savvy people habitually back up their data files. However, statistics show nearly 30% of computer users have never backed up files on their devices. And with people now collectively generating over 1.8 zettabytes of data a year, a lot of information could be lost in the blink of an eye. The importance of securing business and personal data has never been greater.

Just think about all the data you record in a single day: business transactions, timecards, service calls, human resources interactions, and more. For those not in business, photos, text messages, call logs, music playlists, social media posts, et cetera, are collected on your computer, smart phone or tablet. Everyone should care about World Backup Day.

The Cost of Data Loses

The “2017 Ponemon Cost of Data Breach Study” shows some good news over previous years: The global average cost of a data breach is down 10% over previous years to $3.62 million. The average cost for each lost or stolen record containing sensitive and confidential information also significantly decreased in this year’s study. However, even though cost per record went down, the number of records being breached went up. The average size of the data breaches in this research increased 1.8% to more than 24,000 records.

Despite the good news from the latest report, the statistics also show that data breaches and money lost from them are higher in the United States than the rest of the world. Business Insider reported last year that the average loss due to a data breach to U.S. businesses is over $7 million.

Average Cost of a Data Breach

  • Globally: $3.62 million average cost of a data breach, up 17% since 201
  • U.S. only: $7.35 million average cost of a data breach, up 25% since 2013

Average Cost per Record Breached

  • Globally: $141 average cost per record breached
  • U.S. only: $225 average cost per record breached

Expenses incurred resolving data breaches include:

Remediation

It takes an average of 46 days to resolve a cyberattack at a cost of $21,155 per day for a grand total of $973,130.

Loss of customers

In a 2016 survey of 2,000 adults by an independent technology market research specialist, 76% of customers said they would move away from companies with a high record of data breaches.

Business disruption

Business disruption accounts for 39% of external costs.

Regulatory fines

Data breaches can draw fines from a variety of agencies including the Federal Communications Commission (FCC), Federal Trade Commission (FTC), Health and Human Services (HHS), and Payment Card Industry Data Security Standard (PCI DSS).

Legal costs

Some companies, Target among the most highly publicized, have had to pay upward of $10 million to settle class action lawsuits, and that doesn’t include legal expenses.

Public relations

A data breach damages an organization’s brand and reputation.

Breached client records

The average cost for each lost or stolen record containing sensitive and confidential information increased from $217 in 2015 to $221 in 2016, according to the 2016 Ponemon Institute study.

Direct financial loss

Once your network has been breached, hackers may be able to access and manipulate your financial accounts.

Notification costs

Most states require private- and public-sector entities to notify individuals of security breaches of information involving personally identifiable information. Regulations such as the PCI DSS and Health Insurance Portability and Accountability Act (HIPAA) also require disclosure to consumers whose data has been breached.

Credit card re-issues and identity theft repair

A report from the U.S. Consumer Bankers Association indicates that re-issuing cards affected by the Target data breach cost over $172 million.

Effects on Small Business

The astronomical amounts of money lost by large corporations is incredible. How does that translate to local retail stores? Steve Strauss, an attorney specializing in small business who contributes to USA Today, wrote last year that, according to a Verizon 2017 Data Breach Investigation Report, 61% of breaches hit smaller businesses. That figure was an 8% increase over 2015.

A UPS Capital report adds:

=

Cyberattacks cost small businesses between $84,000 and $148,000

=

60% of small businesses fold within six months of an attack

=

90% of small businesses don’t use data protection for company and customer information.

In other words, small businesses, which don’t have the resources of large IT departments or legal staffs, have everything to lose.

How Data Breaches Happen

Data breaches can range from sophisticated malware attacks that utilize a squadron of malicious coders to a relatively simple but often used attack called a Business Email Compromise (BEC). BEC’s are a phishing scam where fraudulent emails appearing to be from reputable sources They are sent en masse to corporate employees with the hope one of them will make a fatal response.

Once a hacker gains entry to a company’s database, the door is wide open for a breach. Small businesses can easily lose customer lists and records. These could contain credit card and social security information, vendor information, financial and human resources data, and more. 

CSO, a company that provides corporations with information on securing business data, reported that Yahoo tops the list of the 17 largest data breaches of the 21st century.  In late 2016, the search engine giant announced it had approximately 3 billion user accounts compromised in attacks that dated back to 2013. User names, email addresses, birthdates and telephone numbers were filched, and most of the users’ passwords had been trashed.

Other notable data breaches include:

=

eBay: May 2014, 145 million users

=

Equifax: July 2017, 143 million users

=

Heartland Payment Systems: March 2008, 134 million users

=

Target: December 2013, 110 million users

The CSO story also reports that a July 2014 data breach of JP Morgan Chase not only affected 76 million households, the data of 7 million small businesses was also compromised. The bank reported that no money was stolen and there was no evidence that account information for affected customers was compromised in the attack.

Not all Data Losses are Breaches

Statistics show that 29% of data losses are the result of an accident, and no story represents that kind of loss better than the success of Pixar’s Toy Story 2. The movie that Rotten Tomatoes gave a perfect 100% and earned both popular and critical acclaim nearly vanished during production.

The Next Web reported on the accident in 2012. In 1998, with production nearly complete, somebody on the crew entered a line of code that began erasing the files. Oren Jacob, the chief technical officer at Pixar at the time, was working with an associate reviewing a directory that contained the assets of the story’s main character, Woody, when the files began disappearing.

The command responsible for the loss was designed to clear out unwanted files, but it was inadvertently entered by somebody working on the production somewhere it shouldn’t have been, and it slowly erased the files containing the characters of Hamm, Potato Head and Rex. The crew had to literally pull the plug on the server to prevent a total loss. Still 90% of the technical files had disappeared because the backups were not regularly reviewed, and newly entered data had pushed vital older data off the tapes.

The production was saved by Galyn Susman, the movie’s supervising technical director. She had been working from home due to the birth of her son, and her work station had a full copy of the movie on it, which prevented disaster.

The story emphasizes how one wrong computer command can erase a project, a company or a file filled with a lifetime of memories. It also puts an exclamation point on why World Backup Day should be important to individuals and businesses.

How World Backup Day Started

Igneous, a company that specializes in securing business data, reports that Adam Jefferson of Leeds, England inspired the creation of World Backup Day with a simple social media post. He had lost three years of data due to a personal computer crash because he had no backup files. On March 23, 2011 he logged onto Reddit and suggested a day dedicated to the importance of backing up digital data. His idea gained traction when another user, Ismail Jadun, secured the web domain and Twitter handle for World Backup Day. Jadun has been promoting World Backup Day ever since.

“I’m thrilled with the response to World Backup Day, and I hope it’s made a difference in people’s lives,” Jadun said.  “We all know someone who has lost critical data, whether it was their videos, photos, music, book reports, or personal stuff.  Hopefully this day will make everyone think about their situation, learn about the various options and get their files backed up.  I hope that World Backup Day sparks conversations about the enormous task of saving our digital heritage for future generations.”

Jadun set World Backup Day on March 31 to emphasize the message that people should not be an April Fool by not securing their business data.

Joining in World Backup Day Can Help Prevent Data Catastrophe

The files in business networks, personal desktops, laptops, smart phones, tablets and any other wireless devices should be backed up regularly. Jadun says data loss of the information they hold can come from either physical or cyber theft, hardware failures, natural disasters such as fires or floods, obsolete file formats, or by just being misplaced.

Backing up files today is relatively easy and there are two common solutions.

Local backup

External hard drives are available where computers are sold.

Off-site backup

Online or cloud-based backup services are readily available.

Igneous technologist Nick Kirsch offers additional suggestions:

Backup is only as good as your ability to restore

Creating a second copy is your primary concern, but being able to restore your data quickly from backup is equally important.

Aim for 100% reliable backups

Backup errors can be caused by a lack of automation. People forget to change tapes, don’t re-enable scheduled jobs, or inadvertently fail to capture all the data they should.

Don't forget that backup isn't an archive

Backup and archive both create copies of your data and it’s often easy to confuse the two. Where backing up files creates a second copy of the data in your primary system onto a secondary system or offline media, archive involves moving the primary copy to a secondary system or offline media to preserve inactive data. So, businesses should never forget to back up their archives, as well.
Not participating in World Backup Day or making it a regular practice securing business or personal data could be your loss.

Brian Bullock

Author