Ask most Practices if they have a ‘backup’ and they most always reply “Yes – we have a backup”. When asked “how sure are you that it is working, and does it include everything?” most are a lot less certain. Ransomware destroys any backup it can find. Does your strategy account for this?
Backup is a primary concern to most Practices (or should be). It is your lifeline after a natural disaster like fire/theft/flood, or more commonly now a deliberate attack by a hacker. We still live in a world where computers fail and people make mistakes, so a backup can save the day here, too.
Having “a backup” isn’t a singular approach anymore. A good backup is a strategy designed to provide you with a means of recovery that works for all the challenges.
No single backup solution is sufficient to protect you.
MME will review your Practice, how it operates, and what data exist within it to protect. We will work with you to discuss your options, their benefits and costs.
You cannot have too many backups. MME will plan a backup strategy for your Practice that is multi-tiered. Each plays a role and defends from different challenges.
- Knowing what data need backing up – Far to often when MME is asked to review a new clients network we discover that the previous IT person has not taken the time to learn where all your data are, and merely assumes they are on the Server. The odds are good that data are being missed by the backup. The most commonly missed piece of data is your most important, the SQL database that your practice management application uses to hold all your patient data, schedule, treatment data and financials. MME knows how dental software applications and imaging devices work and where they store their data. It is not always where you would expect. Many applications have their own built in backup routines, and these need to be properly configured for your selected backup solution. Understanding this is a critical first step.
- Shadow Copies – A simple first line of defense built into Microsoft Windows Server software. They can quickly and simply recover files accidentally modified or deleted by your staff. This is a free solution included in Windows Server and is simple to enable. Keep in mind that if the Server dies, this dies with it, and, in most cases ransomware is smart enough to destroy these backups.
- Onsite Backup – A good old-fashioned onsite backup is still the solution for a lot of problems. Configured to run on a schedule, they create daily, weekly and monthly imaged-based backups that are a full ‘photocopy’ of your entire server’s contents. These are usually created by backup software such as Acronis and stored on an external USB hard drive in an encrypted format. If the server dies, we can quickly restore everything back to the exact moment the backup was taken. Keep in mind that if there is a fire/theft/flood event at the location of the server the USB onsite backup drive usually suffers the same fate and may not be able to save the day. A ransomware attack will also look for any attached USB backup drive and destroy the backup.
- Offsite Portable Backup – Similar to the onsite backup, but they are done daily, and ideally carried offsite by a staff member each day. A number of portable USB hard drives are cycled through (one for every day of the week for example). Only today’s portable drive is attached to the server. They offer the same type of quick recovery as the onsite, but the USB drives kept offsite when not in use provide additional protection from fire/theft/flood and ransomware attacks. Fire/theft/floods or ransomware cannot damage them if they are not there.
- Internet Cloud Backup – The backup of last resort. Many people have gravitated to using an Internet backup as their ONLY backup in lieu of a local backup strategy. This can be a mistake. Eliminating the need to change portable drives and monitor local backups is appealing, but it exposes you to a larger issue – very slow recovery times. With a traditional USB backup we can usually restore a clients entire server in a matter of a few hours since it contains everything – the Windows server software, its highly configured setup, all of your Practice’s applications, and all your precious data. An Internet backup ONLY backs up the data its been configured to save. All the software must be reinstalled and reconfigured at great effort before any data can be restored from the cloud. All the data must be downloaded from the cloud. This can take days, if not weeks, depending on the amount of data. An Internet backup still has an essential role to play, however. A well configured, reputable Internet backup is nearly impervious to a ransomware attack. If ransomware were to strike, destroying the local server and attached USB backups, we could restore from the most recent offsite portable backup (a few days old), and then in-fill the missing days’ data from the Internet backup. This requires only downloading the missing bits, which can go quickly. You get the best of both worlds, a quick recovery of the server from the offsite portable backup, and you get all the data back by combining it with the Internet backup.
- Monitoring – There is no 100% reliable backup solution. Period. Any backup strategy MUST include monitoring it regularly. It should be tested periodically to be sure the backups are usable. MME’s Proactive Server Maintenance plan is designed to do just that. We keep an eye on the backups and test them monthly to be sure they are ready if you ever need them. Learn more about MME’s PSMA program and its other features here.
A great backup for your Practice will likely include one or more components mentioned above, providing you with a layered defense to help survive any challenge that comes along.
Please Contact Us to have us evaluate your Practice’s backup strategy.