“What should I backup?” “Everything, right?” While that seems like the most obvious answer, it isn’t the most optimal. With data privacy being the central focus of compliance laws like the GDPR, HIPAA, and SOX, both the type of data that can be stored and the duration of time it is stored are under the scanner. Apart from the audit hassles and the risk of non-compliance fines, retaining data, even if it is in the form of a backup and is not actively being processed, can have serious legal implications.
The Importance of Granular SharePoint Backup and Recovery
With the growing importance of data privacy and retention, having the capability to selectively backup only required SharePoint sites can help your organization easily adhere to legal and compliance requirements. For example, if certain site collections contain sensitive or time-barred client content it should be possible to delete their backups. Consider project-based site collections once the engagement has ended, or a client specifically requests that a backup be deleted. You need to be able to easily and permanently deleted backups.
Other Compliance/Legal Requirements of SharePoint Backup and Recovery
A solution that offers comprehensive backup and quick recovery can protect your organization from data loss — that’s a given. However, with data regulatory laws aplenty, it is essential to also examine the compliance and legal requirements expected of SharePoint backup and recovery. Questions such as:
Where is my backup located?
Check on the physical location of data and its backups that is mandated by the regulations your organization has to comply with. Ensure that they match with your backup solution’s datacenters.
What will be the backup’s retention time?
As detailed above, understand the data retention times for your company’s data and for the clients that you work with. For example, client content that is no longer needed and legally must be removed, or project-based site collections that have run their course and are no longer needed.
What control do I have over the backup and recovery?
Security and Compliance Officers may need to have granular control over the specific content that is backed up and retained. For instance, backing up only certain site collections, recovering a single artifact, etc. Ensure that such provisions exist with your backup solution.
How secure are my backups?
Your organization’s data is only as secure as its backup. Check that your backup provider uses strong data encryption, is compliant with the various certifications that your industry demands (SSAE 16, HIPAA, GDPR, etc), and has regular audits.
Spanning’s Secure and Granular SharePoint Backup and Recovery
Spanning Backup gives granular backup control via its intuitive UI, so Administrators can select the specific Site Collections that participate in the backup process. Simply select or deselect the content you wish to protect and rest assured we’ll back it up or remove the backup securely. For a client’s test pilot, only those target site collections needed for testing can be backed up. Optionally, choose to backup all new site collections to protect sites created by end-users without administrative intervention. Thus you can easily meet all data retention and privacy regulations and demands.
Furthermore, Spanning understands that a robust backup solution means a secure and compliant one. Spanning Backup for Office 365 is compliant with SOC II, GDPR, and HIPAA. Your data remains safe at rest and in transit with 256-bit AES object-level encryption which is one of the strongest block ciphers available. Spanning also has data centers across the globe – so you can choose the location of your backups. Thus meeting all compliance and legal requirements that one would expect from a comprehensive and secure backup and recovery solution.
Get Backup that is Secure and Compliant.
*** This is a Security Bloggers Network syndicated blog from Spanning authored by Matt McDermott. Read the original post at: https://spanning.com/blog/why-granular-sharepoint-backup-and-recovery-is-important/