{"id":219,"date":"2021-03-17T08:01:59","date_gmt":"2021-03-17T08:01:59","guid":{"rendered":"https:\/\/iconit.co.nz\/?page_id=219"},"modified":"2021-09-14T15:07:13","modified_gmt":"2021-09-14T03:07:13","slug":"it-audit-backups","status":"publish","type":"page","link":"https:\/\/iconit.co.nz\/index.php\/it-audit-backups\/","title":{"rendered":"IT Audit – Backups"},"content":{"rendered":"\n

Are your backups<\/a> in place, and are they regularly being tested? Failure to test backups is a common occurrence in companies where the IT team is simply too busy with other projects to do this regularly, or where you have a third party looking after your backups, and they have not been reporting that they have completed testing \u2013 possibly because they haven\u2019t done any. An IT audit or review will highlight an issue with your backups, if there are any.<\/p>\n\n\n\n

It\u2019s the old story here; no one thinks about the backups until that time when they are critically needed, and they haven\u2019t been tested, and they aren\u2019t working. This has happened before to many organisations, and it will happen again. Please don\u2019t let it be you the next time.<\/p>\n\n\n\n

As a result of the IT Security and Phish workshop that Icon IT completed with my team,
we all have a heightened awareness and have implemented many of
Icon IT’s suggestions to further protect our business.<\/p>Amanda Stevens,\u00a0Ben Stevens and Team<\/a>\u00a0Real Estate<\/cite><\/blockquote>\n\n\n\n

Another reoccurring problem is that a new server gets added, but no one adds it to the backup regime.<\/p>\n\n\n\n

It\u2019s a huge business risk, and unfortunately one that happens all too frequently.<\/p>\n\n\n\n

The scope of the review<\/a> will determine how deep we dig; do you simply want to know your systems have been backing up and are being tested (test restores<\/em>), or we can go deeper and get evidence and reports so you can be absolutely sure?<\/p>\n\n\n\n

Having a review of your backups might mean that you can sleep a bit easier at night.<\/p>\n\n\n\n

\"IT-Audit-Backups\"<\/figure>\n\n\n\n

My data is backed up already by Microsoft 365 – isn\u2019t it?<\/h2>\n\n\n\n

Some organisations believe since they have their information saved in the cloud somewhere, that backups are no longer needed. This may<\/em> not be and probably is not the case. Unless you are paying to backup your data, it is not being backed up at all. Other people confuse availability with backups, thinking since (for example) their data in Microsoft 365<\/a> is saved in different geographic locations, they are covered. But this doesn\u2019t allow you to restore that deleted file required for a legal case from 5 years ago. Geographic Redundancy<\/em> is all about high availability, not backups.<\/p>\n\n\n\n

Having backups included in a review is a classic case of another box to tick for your board of directors; you can say your backups have been reviewed independently, and are either just fine, or that they have been reviewed and need changes.<\/p>\n\n\n\n

Icon IT would suggest changes where needed, in an IT Road Map<\/a> or as an independent report.<\/p>\n\n\n\n

\n
\n

<\/p>

    <\/ul><\/div>\n
    \n
    \n\n\n\n\n\n\n\n<\/div>\n