Jul 13 2017
Data Center

4 Best Practices for Better Endpoint Backup in State and Local Government

As employees move to use multiple devices, follow these critical steps to minimize threats to data.
by

Craig J. Mathias, a principal with the wireless and mobile advisory firm Farpoint Group, has more than 25 years of experience in wireless and mobility.

The risk of data loss can keep any IT manager up at night. Disappearing data can cause major expense and even serious damage to the credibility of a government agency and significantly affect the productivity of ­individual employees and workgroups. Endpoints are particularly vulnerable, with risks springing up like a perpetual game of Whac-A-Mole: user error; unauthorized data modification or other malicious action; and mobile devices being damaged, lost or stolen.

Today’s vast number of mobile workers and the adoption of bring-your-own-device (BYOD) programs add to the challenge. Critical and even sensitive data roams out and about on endpoints not always under the direct control of an agency. While backups can simply involve regularly copying files to a USB drive or cloud-sharing service, the most effective strategies encompass far more. It’s important to start with up-to-date operating policies, and then assure the integrity and security of government data on all authorized devices.

Best practices and solutions will make backups simpler, certain, compliant and complete. Incorporate these strategies to help lock down endpoint security:

1. Make Backups Automatic and Transparent

End users must be in compliance with agency-specific backup requirements, but never responsible for implementing them. While it is acceptable for users to make working copies with a flash drive or online (if secure and within policy), you should require employees to regularly connect to the government network so backups occur.

Backup solutions should be automatic and transparent at best, or at the very least trivially easy, ideally with no user interaction required. Users need to be trained on how to restore information, unless IT handles this function on behalf of users.

2. Cover Your Tracks with the Cloud

It’s easy today to use public and private clouds for backup, with a wide variety of cost-effective products and services available. The cloud also has a huge advantage over local backup volumes: The technology minimizes loss that can occur from events such as fire, flood, theft and related physical security ­challenges.

It may also be desirable in some cases to use two different backup ­solutions simultaneously for both local and cloud storage — the suspenders-and-a-belt approach.

3. Mobile Devices Need Their Own Management Solutions

Use mobile device management and mobile content management solutions. Backup is integrated into most MDM systems, and MCM uses software containers to isolate government data, which you can back up and manage separately from user data.

This is the preferred strategy in BYOD environments; an agency’s IT department is not responsible for nongovernment data.

4. Secure Your Backup Setup

Backups should be just as secure as any other data. This means that backup data encryption, authentication (ideally ­two-factor) and authorization must comply with the local security policy. To maintain integrity, the system should preserve multiple generations and copies. Also, be sure to check whether other government regulations require specific compliance measures.

Some might argue that damage to data is so uncommon today that anything beyond infrequent backups is unnecessary. But the potential for loss of end-user productivity is quite real. By applying a few simple, cost-effective techniques, you’ll go a long way toward assuring continuity when that backup copy is required, as well as supporting data loss prevention and disaster recovery.

Put Policies in the Driver's Seat

Employees should understand that the data they create, access and modify lies at the heart of effective government, and agencies must clearly define, communicate and reinforce policies. While you may need to update plans as new challenges arise, having standards in place helps assure that backups become a consistent and integral part of agency success. Here are key elements to implement:

Security: Spells out which information is sensitive; who can have access to it and under what circumstances; and what to do in the event of a breach, including misplaced backup copies.

Acceptable Use: Defines what activities can be performed with a computer connected to a government network, and prohibited uses as well. This includes defining such elements as anti-malware and backup activities.

BYOD Policy and Agreement: Authorizes specific device/operating system combinations and details connection activity required for updates and backups. Also, end users acknowledge that they must maintain the integrity and security of data, and give notice if a device is lost or stolen.

Education and Training Program: Instructs help-desk personnel how to handle not just data recovery, but also problems caused by not f­ollowing operational policies, with remedial individual education aimed at avoiding future issues.

Exactostock/Glow Images

More On

Related Articles

Close

Become an Insider

Unlock white papers, personalized recommendations and other premium content for an in-depth look at evolving IT

Subscribe Now