Are you showing enough data backup love to your field offices? If not, you run the risk of critical corporate data falling into the abyss. A comprehensive plan can protect data out in the field.

Your phone rings. It’s Dave from the Southwest regional office. He’s in a panic because one of the servers just went down, and all his Q1 contracts have relocated to digital purgatory. Can you help?

You should be in a position to help—but sadly, that’s often impossible. An astonishing number of businesses leave their field offices to fend for themselves: 41 percent of IT professionals who support remote offices admit they do not back up data in those locations, according to a 2011 InformationWeek study. Just 16 percent of those surveyed replicate their data to the home office.

Without a comprehensive backup plan to protect critical data—regardless of where it physically resides—your company is exposed to potential data losses. And aside from putting a dent in productivity and possibly losing revenue, your firm may also end up answering to federal or local regulators for violating data handling laws.

The Choice: Centralize or Keep It Local?

By definition, all the data your organization’s remote workers use is distributed outside the data center. Choose from one of two backup strategies: Either perform it locally or handle it from your headquarters. Each technique has its pros and cons, and ultimately your optimal strategy may combine the two.

Backing up data locally typically means shorter backup and recovery windows, since the data doesn’t need to travel over a network. But in many cases, there are no IT personnel at a remote site to manage a local backup process. In fact, 59 percent of firms with fewer than 10 employees in remote/branch offices function without any local IT staff, and 71 percent say they use onsite storage at some point in the backup process at those locations, according to a June 2011 survey by Enterprise Research Group (ESG).

That’s one of the reasons a centrally managed cloud backup architecture and a fully managed online backup service that covers even individual laptop computers appeals to enterprise storage managers. Centralized backup for remote and branch offices is gaining ground, though it’s still the exception. About 26 percent of organizations back up data from remote and branch offices over a wide area network directly to a centralized corporate site, according to the ESG study. That’s a jump from the 7 percent that operated this way in 2007.

However, backing up remote office data to a cloud storage provider or the company’s data center at HQ will not be the right fit in all cases. For large data sets, the cost of the bandwidth required to meet backup and recovery time objectives could make local backup the only feasible choice. Plus, high-speed data links may not even be available in some remote locales.

As you’re weighing backup alternatives, keep in mind that not all data and applications are created equal. When developing a backup strategy that encompasses remote sites, prioritize the most business-critical systems and give them the highest levels of protection.

Pull Out the Tape Measure

If it’s clear you need local data backup at a remote site, you then must consider whether to use traditional tape or a newer disk-based appliance. Tape is still far cheaper on a per-byte basis, and its reliability is unmatched. Moreover, tape is the preferred medium for shipping backup data to a disaster-recovery hot site.

But you’re still dealing with the staffing issue: Tape systems need regularly scheduled media swaps, and seldom can anyone at the remote location do that. In this situation, consider putting a trusted partner to work as your remote hands, eyes and ears to perform routine remote-site backups. Look for a partner that provides automatic alerting and tracking tools, and that follows industry standards for security.

Whichever options you choose, your overarching goal is still the same: making sure the data that is the lifeblood of your company remains safe and sound. There’s no excuse for leaving your remote offices vulnerable. With the right data backup strategy, all points on the map will be in good hands.

Do you have questions about data backup and recovery? Read additional Knowledge Center stories on this subject, or contact Iron Mountain’s Data Backup and Recovery team. You’ll be connected with a knowledgeable product and services specialist who can address your specific challenges.

Related Content

Tape-Based Archiving: A Smart Solution for the New Age of Big Data

Ready, Set, Migrate: Ensuring Constant Access to Your Data Archives

From Daily Backups to Long-Term Archiving: The Long and Winding Data Lifecycle

When it comes to records management, organization, storage and retrieval are often the first things businesses think about. However, disposition of records should be a critical element of every organization's records management program.

Destroying paper-based records through incineration or shredding may seem like a logical way to get rid of files that are identified as no longer necessary. In today's world, that just might not be enough to remove all traces of data from digital and electronic records. Increasing concerns about privacy and security means electronic data disposal must be carefully and systematically handled to minimize the risk of illegal and/or unauthorized access to information.

What is Disposition?

Disposition is the last stage of a record's life cycle, which encompasses the active, semi-active and inactive stages. Active and semi-active records are altered and accessed, but once a record becomes inactive, it is unlikely it will need to be accessed again. However, whether paper-based or digital, a record isn't ready for disposal until confirmation can be given that the information it contains will no longer be required for operational, legal, federal, state or professional association compliance reasons.

Prior to destroying or disposing of any electronic records, it is the business's responsibility to ensure compliance with any and all electronic records disposal regulations governing operations.

Proper Disposal of Electronic Data Is a Critical Component of Records Management

More and more businesses and organizations have moved to storing information in the cloud as well as on hardware, such as onsite or offsite services, and portable devices, such as laptops, tablets and smartphones. This means the proper organization, security and disposal of electronic data is becoming increasingly necessary. Sensitive and private information falling into the wrong hands could lead to criminal activity, loss of business and even legal action.

Electronic Data Exists in a Variety of Forms

Email correspondence, text or voice mail messages, patient or customer files and financial records are examples of electronic records that may contain sensitive data requiring special consideration during the disposal process.

Electronic data refers to information stored via a medium other than paper. Some examples include:

• Hard drives on laptops and desktops
• USB jump or flash drives
• Zip disks
• SCSI drives
• Magnetic tapes
• Audio/visual media such as CDs/DVDs

Deleting files and sending messages to a trash bin in an email program does not erase the data. Electronic files must be properly sanitized and purged before they can be considered satisfactorily disposed.

Digital Sanitization Methods

In records management, disposition doesn't necessarily mean destruction. There are other acceptable ways to remove records that have passed their required retention period. In most cases, sanitization is recommended to "clean" sensitive information from records and may include one of the following:

1. Destruction is used when the storage device is no longer required at all and can be completely destroyed. Examples include shredding, pulverizing and incinerating.
2. Purging can be accomplished via degaussing or secure erasing on a hard drive. Degaussing magnetically erases electronic information from tape devices and hard drives, but it isn't effective in clearing data from DVDs and CDs.
3. Clearing electronic data is commonly achieved by overwriting existing data using software that incorporates a fixed sequence or patterns of letters, numbers or symbols.
4. Disposal refers to dumping data without sanitizing it and is usually reserved for nonconfidential information. If it falls into the wrong hands, data that has been disposed of without being sanitized can be a privacy and security breach for both the responsible organization and the individuals or entities named in the records. In addition, the responsible organization or business could face legal action and litigation.

Choosing a Disposal Method

When choosing a disposal method for electronic records, businesses should take a variety of factors into consideration. How many records are being disposed of? What will it cost? What are the environmental consequences of destroying data through incineration, pulverization or shredding tapes? Does the technique chosen meet all the necessary legal and compliance standards? Has each activity been documented to ensure all internal policies and guidelines are being met?

Confirmation of Disposal Certificate

Records that have been disposed of through overwriting, sanitization or destruction often require a written disposition certificate as proof that disposal has taken place. This certificate asserts that the records have been destructed or disposed of, and the activity has been verified to ensure all identified electronic data has been removed.

The National Institute of Standards and Technology's Computer Security Resource Center includes a variety of publications to assist organizations in creating and implementing policies, standards and guidelines to manage technological security, including the proper disposal of electronic and digital records. Their Special Publication 800-88 Revision 1, Guidelines for Media Sanitization, updated in September 2012, provides detailed instructions and advice for organizations interested in disposing of their own records in a responsible and compliant fashion.

Using a Secure Data Disposition Service

Organizations may use the expertise and experience of a professional records management service as a simpler and more cost-effective means of secure electronic data disposition. Experts familiar with the federal, state and professional compliance requirements of your industry can complete the steps required to safely sanitize and dispose of old records, leaving organization staff free to carry on day-to-day business operations. Records management professionals receive ongoing training in the latest techniques for dealing with security and privacy breaches that may occur during the final phase of digital records management.

Do you have questions about information management? Read additional Knowledge Center Small Business resources, or contact Iron Mountain’s Small Business team. You’ll be connected with a knowledgeable product and services Small Business specialist who can address your specific challenges.