Thought Leadership

5 Essential Elements of a Data Protection Strategy

Data Protection Strategy

(November 2, 2022) Steady increases in ransomware attacks and other data loss incidents suggest that organizations aren’t embracing the five essential elements of a data protection strategy. Analysts say nearly half of U.S. businesses still rely on outdated technologies and processes that were primarily designed for conventional on-premises backup.

Poor data protection practices deliver predictable results. According to one recent survey, almost half of all companies experienced a data loss event resulting in downtime during the previous year. Legacy practices are ill-suited for today’s environments in which data is often spread across multiple data centers, cloud platforms, edge servers, and endpoint devices.

A robust backup and disaster recovery strategy is essential for protecting your critical information assets and minimizing the risk of downtime. Here are some of the key characteristics of an effective BU/DR plan:

  • 3-2-1 strategy. The 3-2-1 approach to backup calls for making three separate copies of data, storing them on two different types of media with one copy stored offsite. This level of redundancy will help ensure you can access a good copy of your data in the event of a disaster, malicious attack or device failure.
  • Data immutability. Newer ransomware strains are known to spread throughout local systems in order to corrupt or encrypt backup files. Immutable backups that cannot be altered or deleted provide a critical hedge against such threats. At least one copy of your backup should use immutable storage or be completely isolated from local systems so that it can’t be compromised.
  • Geographic diversity. Research suggests that more than a third of businesses rely upon onsite data replication, which won’t provide any protection if a disaster incapacitates your main site. Geographic diversity, or geodiversity, refers to maintaining adequate physical distance between your primary site and your backup location. Cloud-based solutions make it possible to store redundant copies of data in different regions or even different continents.
  • Backup encryption. Encrypting backup data helps protect it in the event of theft or exposure. It’s also required to comply with regulations such as PCI-DSS and HIPAA. You should use strong, industry-standard cryptography — ideally AES-256-bit encryption, but at minimum AES-128 — and make sure the cryptographic keys are properly managed.
  • Frequent testing. Don’t wait until an actual emergency to find out if your backup plan is working properly. Perform frequent backups and verify they are working properly to ensure data, files, applications and other resources can be reliably accessed. Plans should be modified as needed to ensure they are meeting your recovery requirements.

Organizations with limited manpower and expertise may be better served by a managed services provider with experience designing and maintaining modern data protection and disaster recovery solutions. A qualified provider will reduce your staffing burden by orchestrating backup processes while also managing security and recovery processes. The provider will also test backups frequently to ensure they are working correctly and readily available in the event of an attack or some other disaster.

Although the consequences of data loss are well understood, too many businesses don’t have an acceptable backup and recovery strategy in place. Careful planning can help ensure the safety of your critical data assets.


Mainstream Technologies delivers a full range of technology services in Arkansas and the surrounding region including managed technology services and consulting, custom software development, and cybersecurity services. We also offer industry-leading data center services in our Little Rock facilities. Established in 1996, Mainstream has earned a reputation for delivering quality, reliable, and professional technology services for public and private-sector customers across the United.

Jeff Pracht
IT Business Development Manager
(479) 715-8629 Office
(501) 529-0008 Mobile

Contact Us

  • Industry

  • Category

  • Regulation

  • Solution