Financial Data Protection: How Do Banks Backup Data?
2023-08-24 | Iris
Last passage has talked about the data retention requirements for financial institutions like banks. So how can financial industry ensure the data can remain secure? How do the financial institutions manage backups and disaster recovery to support business continuity? Let's take a look.
What types of data do banks need to backup?
As financial institutions, banks need to back up a wide range of data to protect their daily business operations and respond to various emergencies.
The types of data that banks need to back up include transaction data, customer information, security logs, system configuration files, application system data, certificates and keys, electronic documents, images, and other data such as financial data, employee data, office data, and so on.
The type and quantity of data varies depending on the size of the bank, type of business, data processing system and other factors. Generally speaking, large banks need to back up a larger amount of data and may need to back up more than millions customer information and transaction records, as well as a large amount of system logs and employee data. All these data will increase over time, so banks need to regularly evaluate their backup strategy to ensure that the backed up data can meet business needs and regulatory requirements.
Factors influencing the development of bank backup strategies
There are 6 major factors of that:
1) Data backup cycle
2) Data backup retention policy
3) Data backup storage location
4) Data backup strategy
5) Data recovery test
6) Data backup security
How do banks backup data usually?
Different business systems of banks have different data types. When performing backup and disaster recovery, they need to be protected according to the importance and protection level. Currently, there are four methods for backup and disaster recovery in small and medium-sized banks.
1. Active active failover
Active active failover is to use two servers that are backups of each other to perform the same service together. One host is the working machine (Primary Server) and the other host is the backup machine (StandbyServer). Under normal system conditions, the working machine provides services for the application system, and the backup machine and the working machine monitor each other to see if the other’s operation is normal. When the working machine is abnormal and cannot support the operation of the application system, the backup machine takes the initiative to take over the work of the working machine and continues to support the key application services to ensure uninterrupted operation of the system.
Active active failover is a real-time backup. Any software error, virus impact, misoperation, etc., will be synchronized across multiple copies of data. Therefore, only using this program for critical services, there are still considerable security risks. For example, there is no way to recover from data damage and loss, which can have irreversible effects in a catastrophic event.
2. Storing backup data in a branch office in the same city.
The most common mode of this data backup method is: regular backup + critical data backup.
Regular backup: It is to back up the data of a certain moment of the system to the hard disk or other media according to a certain time interval, and transfer it to a safe place far away from the data center in time to save it.
Critical data backup: It is to back up the updated critical data such as logs or bank statement in time and transmit them to a safe place (usually the main branch office in the same city). Critical data backups should be performed more frequently than regular backups. Critical data contains all operations of data updates. Therefore, using regular backup and critical data backup, it is perfectly possible to restore data to the last critical data state before the end of the backup.
Most of this solution operates in the way of manual transfer of periodic backup media and data communication transfer of critical data, with the advantage of less investment, using existing storage and database management system tools.
The adoption of this approach to disaster recovery shows that the bank has a basic knowledge of disaster recovery, but the means of protection is relatively single. In the event of a regional disaster, there is also the possibility of losing data that is critical to the bank.
3. Building datacenter in a branch office in the same cicy to do remote real-time backup
This means that while performing data update operations, backups are performed in both the operating system and the backup system, and the data update operations are both written to the local disk and transmitted to the disk of the backup system via a high-speed data communication line until confirmation of completely data update operations is received from the backup system.
In this scheme, the backup operating system is in a hot backup state, so the RTO is extremely short, besides the time of network switching. The technologies used generally include remote disk mirroring, remote database replication, and data network mirroring, etc.
4. Hosting the backup system in IDC datacenter in the same city to do remote real-time backup
This is similar to the third situation, the difference lies in the use of a third-party datacenter environment. The infrastructure conditions of IDC can vary, but the fundamental aspect lies in operational management. IDC's system, management and facilities are adapted to the Internet hosting equipment, which quite differs from disaster recovery center in operation and management. If there are no corresponding measures, the hidden dangers will be even greater.
Where do banks keep data backups?
According to regulatory requirements, backup data needs to be stored off-site. Therefore, the banking industry stores data backups in a secure location far away from the production server room to avoid data loss due to local disasters.
In the early days, backup data were generally transported to designated safe locations for safekeeping by manual security escorts. With the rapid development of technology, the banking industry basically has a multi-center disaster recovery architecture, which generally replicates and stores backup data to the local disaster recovery site or off-site disaster recovery server room through the network replication. Moreover, the recovery capability of backup data is pre-designed in the planning of multi-center disaster recovery architecture.
The banking industry's choice of backup location includes the following:
1) Data Centers: Banks will set up their own data centers and data backup facilities. These data centers usually have high-level physical and cyber security measures to protect data from unauthorized access and catastrophic events.
2) Geographically Dispersed Locations: To protect against the risk of a single location, banks choose to set up data backups in different geographical locations. These locations can be far away from the main data center or even spread across different cities or countries.
3) Cloud Storage Services: Some banks also choose to back up their data to a reliable cloud storage service provider. Cloud storage provides a high degree of security and redundancy, ensuring that data is backed up in multiple locations while providing fast and reliable recovery options.
In fact, data backup strategies may vary depending on bank size, regulatory requirements, and other factors. Banks will develop the most appropriate data backup solution based on their needs and risk management considerations.
How to easily backup bank data?
For reliable data security and backup, banks and finance companies can rely on Vinchin Backup & Recovery, which has help many banks protect their data.
Vinchin Backup & Recovery is a professional solution which supports data backup of VM like VMware vSphere, Hyper-V, XenServer, XCP-ng, oVirt, RHV, OpenStack, etc. and other data like database, NAS, file server, etc.
In addition, Vinchin Backup & Recovery provides Remote Site / Branch Office backup solutions. You can copy your backup data to remote DR center or cloud storage like Azure and S3, or copy your branch office’s backup data to HQ using Vinchin Backup Copy. When any disaster occurs to your primary production site, you can directly use the offsite backup copy to recover the VM to offsite production system. You can also transfer back the well protected backup copy from offsite to onsite, and recover the VM to onsite production system.
Want to level up your security? There is a 60-day full-featured free trial of Vinchin Backup & Recovery. Try Vinchin with its free trial now!
Banking data is crucial to customer privacy and business continuity so that banks should take data protection seriously. There are four common backup solutions for banks like active active failover, keeping backup media in branch office, directly backing up data in remote datacenter, and hosting backup system in IDC datacenter.
To easily build the backup system, you can select Vinchin Backup & Recovery which is the choice of many banks. Don't miss the free trial！
Thanks for subscribing! A confirmation mail has been sent to your mailbox, please check within 48 hours.