Tech Tips: Recovering from a “data disaster”

What would this situation mean to your financial advisory business?

You have options in the event of a data disaster, and there are steps you can take to ensure that it never happens again.

Broadly speaking, your stored data can be trashed by two types of problems: physical faults and logical failures.

Physical faults are hardware failures in which the underlying mechanics of your data storage drive fail. Failure can occur for various reasons. Destruction by flood or fire are the obvious ones, but there are less spectacular possibilities. Simply dropping a computer that has a hard drive inside can cause the heads of the unit to crash catastrophically, for example, while a power surge from a lightning strike or an outage can fry your data.

Your hard drive is going to fail eventually anyway, though, no matter how well you treat it. All such units eventually die. The magnetic signals on the storage media will decay, and the microscopic components in the drive will stop working one day, leading to ugly data corruption issues. Even solid-state drives, which have no moving parts, can fail.

Logical failures happen when software issues cause data to be written incorrectly to the storage drive. Simply powering off the machine unexpectedly or disconnecting a drive when software is busy writing a file to that drive can cause these issues, as can badly programmed software.

Criminal low-lifes have added another potential danger to your data: ransomware. This class of malware encrypts your data, then charges you to decrypt it. Victims typically are made to pay their anonymous online attackers in bitcoins. Some ransomware now destroys the encrypted data piece by piece until the victim pays up.

– recover your data

If your data has been smashed, scrambled, shredded or fried, then, ideally, you would have a backup from which to restore. If you haven’t, you’re in trouble – but you still may have some options. You can send your data to a consultant who can try to “scrape” the information from your drive for you, or you can try to do that yourself.

The consultancy route is often better for non-techie users. Typically, firms such as Minneapolis-based Kroll Ontrack Inc. will take a physically damaged drive and work on it in a “clean” room, taking your drive apart and using specialized equipment to read the magnetic media. These services will create as accurate a copy of your data as possible on their own computers, then use their own tools to extract the intact files for you.

If you want to recover your data on your own, then it must still be working physically, meaning that the data corruption comes from a logical fault. You’ll have to find a way to attach the corrupted drive to another computer, typically using a dedicated piece of hardware that can accept the damaged drive and connect it to another computer via a USB connection.

Then, you’ll want to use data-recovery software of your own to “trawl” for the files on the damaged drive. For Windows users, Recuva from London, U.K.-based Piriform Ltd., gets good reviews. Mac users can try FileSalvage from SubRosaSoft.com Inc. of Fremont, Calif.

This type of file recovery software won’t save you from ransomware, though, which leaves your data perfectly preserved but completely unreadable. Paying up is one option, although the U.S.-based Federal Bureau of Investigation advises against doing so, as there’s no guarantee that the crooks will keep their promise to send you the digital keys that unlock your data.

In some cases in which ransomware authors have written poor code, anti-malware companies have been able to produce tools that decrypt your data for you. The attackers typically create new versions, though, in a constant game of cat and mouse, so you cannot rely on this tactic.

– protect yourself

Whether or not you are able to recover your data after experiencing a disaster, your next step will be to ensure that you’re never left in the same position again. And that means one thing: backups. Even if your dealer firm or managing general agency has some backup options for company-specific data, you’ll probably have to invest in your own comprehensive solution for other documents floating around in your practice.

Any backup tool that you use should include “versioning,” which preserves multiple versions of your files as you change them. This feature enables you to retrieve old versions of your files even if the latest one has been encrypted by ransomware or accidentally altered with the wrong data.

Good backup software can retrieve files stored several versions prior, giving you plenty of options in recovering your data.

Where should you back up your files?

In the first instance, you may have a centralized file server or network-attached storage device in your office on which everyone writes their files, using software on your computers that manages this process automatically for you.

However, having files backed up on a single central disc or server is not enough – for two reasons.

First, if your desktop or mobile computers are connected to that drive all the time, then ransomware may find that drive and encrypt its data, too. Some ransomware strains are emerging that specifically target networked storage. The other danger is that the centralized disk may fail or your office may be damaged by a flood or a fire.

You need a secondary option – a backup of your backup – and, ideally, one that isn’t connected to your desktop or laptop computers all the time.

Cloud storage is one option. Having your computers or servers back up to the cloud can provide an extra layer of protection. Any cloud backup solution worth its salt these days will encrypt your data for you. However, beware backing up sensitive data to U.S.-based providers who retain control of the keys to your encrypted data, as this exposes you and, potentially, your clients to privacy issues.

Protect the privacy of your backed-up data by using services that let your business control its own encryption keys. SpiderOak, from Kansas City, Mo.-based SpiderOak Inc., and SOS Online Backup, created by El Segundo, Calif.-based Infrascale Inc., are good examples of such services. However, ensure that you don’t lose your own encryption keys, as doing so will render your backups unusable.

Whoever first said, “A stitch in time saves nine” could have been talking about data: procrastinating about online backups and assuming that the worst will never happen are all too easy.

History is littered with distraught businesses that made these same mistakes. Avoid becoming a victim.

© 2016 Investment Executive. All rights reserved.