It is no secret that data is growing astoundingly, and along with this, the need for physical storage grows.
It’s said that the size of the digital universe will double every 18 to 24 months.
However, many people aren’t sure where or how to store data correctly. There are two choices: local and in the cloud.
Local storage requires storage devices such as hard drives, tapes, DVDs, and USB keys, to mention a few. Unfortunately, hardware fails — this is unavoidable, and you can lose data that is in storage from failed or faulty devices.
Are you contemplating hiring a data recovery expert? Have you ever wondered how much it costs to recover lost data? Read on to learn about data recovery costs and why it’s essential to understand your options.
What Is Data Recovery?
Simply put, data recovery refers to the process of retrieving data from failing or compromised hardware storage. You should not confuse this form of data recovery with a backup recovery, which is the process of restoring backed-up data.
You can use a variety of procedures in data recovery to address varying circumstances.
You will need data recovery when a hardware failure prevents access to data stored on a hard disk, USB pen drive, or any other device.
There are essentially two forms of data recovery:
- Software recovery
- Hardware recovery
Software data recovery entails manipulating the binary information saved on a device. The loss of the data could be due to accidental deletion or overwriting.
Hardware recovery uses tools and other resources to attempt to repair device issues. This could be trying to copy the data to another disk or replacing failing components on a device. Data recovery professionals sometimes refer to this as in-place recovery.
Whichever recovery you use, it is clear this is not a DIY process. But there are a few steps you can try for yourself before engaging the services of an IT consulting professional. More about this later.
Challenges That Affect the Cost of Data Recovery
We have all heard the expression “big data,” and it is not an exaggeration. It’s simple math; the more extensive the data, the more storage we need. The more storage there is, the more likely there will be failures.
The bigger the data, the longer it takes to read, copy, and write the data. This, in itself, introduces a storage challenge. The devices need to be bigger and faster than ever.
Compounding this is the variety and age of storage devices in use. This can be from simple USB drives and external hard drives to advanced RAID technology.
Data recovery today involves a multitude of complexities and permutations.
In the past, data recovery needed a file system toolset or software. Nowadays, it is far more challenging.
For example, to recover a RAID system, the data recovery professional would need to access the configuration system before starting the recovery or may even need to restore the system itself. This is because the configuration system sets how RAID disks combine to form a single storage bank. Without access to the configuration, recovery is not possible.
Time to Recover
How big is big data? We’re talking petabytes (PB) of it. When we acknowledge this, data transfer speeds become a significant challenge and, at times, a barrier to successful data recovery.
Let’s look at an example.
RAID data transfer rates range from 100 to 400 MB/s. For this exercise, we’ll take the middle of the road at 300 MB/s. The total time to recover 50TB of data would be around 370 hours (15 days).
Suppose this is a dual redundant drive; you will need to do this twice, so it doubles to 30 days. Let’s assume the time to recover the storage configuration is another five days. The recovery is 35 days.
In most cases, recoveries like this would be abandoned.
Using the same arithmetic 1PB (petabyte, which is 1024 TBs) would take nearly 7,500 hours or roughly 300 days.
It’s simply not feasible. The data will be stale by the time it’s recovered. That said, it depends on what data you need to recover and its value to the business.
We have spoken of the range of storage devices, and we have a better idea of the impact of data transfer speeds. Storage devices encrypt the data even if it is not asked for! Even without a password, the data is encrypted.
The encryption key is kept in flash memory, a chip on the device board. If the board has burnt out, you cannot access the flash memory, and recovery is impossible.
Other Challenges for Data Recovery
The bottom line is that data recovery is a challenge.
Here are a few other aspects that impact the feasibility of recovery:
- The type of storage
- The condition of the device
- Its age
- The file system type
The decision to go ahead with data recovery depends on the value of the data. The challenges just described will influence your decision for sure.
Why Would I Need to Recover Data?
It is easier to lose data than one might think. It sounds crazy, but it is true.
You might have dropped your laptop or left your external hard drive in a hot car at the mall. You may have deleted some folders and files by mistake. Imagine your hard drive gives up the ghost the week before you are due to defend your Doctorate.
We know not all data can be recovered, and we understand now that recovery can take a long time and be costly.
Whatever the reason the data has been lost, or if you cannot access it, you will need the help of a data recovery expert.
DIY Data Recovery
There are a few things you can do before contacting data recovery specialists. The decision to try yourself is influenced by the nature of the problem, the type of device, the format and value of the data, and how much data needs to be recovered.
Here are a few things you can try:
- When you power up the device, listen for any sounds that weren’t there before
- If there are no sounds, you can try and connect to another computer
- If the device is still not recognized, test with a new power cable
- If the device is still not identified, you will need professional assistance
If the device clicks, whirrs loudly, buzzes, or makes a grinding sound, the damage is most likely physical and cannot be repaired without professional assistance.
If you gain access to the drive in the steps above, copy as much of the data to another drive or the cloud. You may find you need to repeat this a few times. This is usually due to the drive overheating. An overheating drive will shut down after a few minutes. It is worth persevering.
There is file recovery software you can buy and try.
If the problem is physical, the device may not power up. Obviously, you cannot install the recovery software.
Here are a few reasons you may need recovery software:
- Logical drive failures
- Partition table issues
- NTFS, FAT, or EXT file system problems
- Recovering accidentally deleted files
- Accessing formatted storage
Read the Terms and Conditions of the recovery software you elect to use. There will be disclaimers you need to understand. Watch out for those freebies; they usually have some catch.
The Cost of Data Recovery
If you have tried everything you can, had friends and family lend a hand, and nothing has worked, you will need to contact a professional.
Here are some indicative market-related costs to give you an idea:
- Data recovery from a hard disk costs around $1,000
- Recovering data from a flash drive or thumb drive is generally less than $500
- Information recovery from an external drive might cost anything from $800 to $2,000
- Recovering a NAS, SAN, or RAID array ranges from $1,000 to $10,000
- In most cases, recovering lost emails from Outlook or other systems costs less than $500
The actual cost of recovery is difficult to determine upfront. It’s all about the value of the data.
How to Avoid Data Recovery Costs
The most obvious solution is avoiding data loss in the first place. The precautions you can take to protect your data, be it personal or company data, depend on the resources you have and the value or importance of the data.
Let’s start with the most obvious data recovery tips and straightforward setup — backups!
Backup your Data
In essence, a backup is a copy of your data. It can be copied to a USB key, an external hard drive, a NAS (Network Access Storage), and to the cloud. You can use other storage, but the issue here is having the copy.
You don’t necessarily need sophisticated syncing software. Set up a daily, or at least once a week, routine to copy your data.
If your data is very valuable, perhaps consider 3-2-1. Three Copies of your data, two different media, and at least one offsite nowadays in the cloud.
Anti-Virus and Anti-Malware Software
Access to your data can also result from a virus or malware. There are a lot of products on the market to help you with this challenge. Do your research, or speak to a professional to find the product that suits your needs.
Once again, the value of your data will determine how much you will invest.
Regardless of the software you have installed, if you get ransomed, there is a strong probability you will need professional assistance.
In the previous paragraph, we discussed backups. What a relief to know you have clean copies of your precious information.
What Is the Cloud?
We have discussed the physical failure of storage. In addition, we have touched on the value of backups and the importance of antivirus and antimalware software.
Let’s talk about data security and recovery in the cyber world, or as many would say, in the cloud.
A son says to his dad, “Dad, what are clouds made of?” Dad replies, “Linux Servers mostly.” Jokes aside, the cloud we refer to is no different from on-premise computers. It is made of servers and storage; the only difference is that it’s accessed over the internet.
Why Use the Cloud?
Using cloud computing reduces certain IT expenses and overhead. For example, businesses no longer need to upgrade and maintain their servers because the cloud vendor will be doing it.
This significantly influences small firms that may not be able to finance their internal infrastructure but may outsource their infrastructure needs to the cloud at a reasonable cost.
Thanks to the cloud, your data is accessible from anywhere with an internet connection.
Is Data Secure in the Cloud?
Securing data in the cloud or securing it on-premise follow the same basic principles. Appropriate technologies, policies, and procedures must be in place to ensure data security and integrity.
Cloud service providers ensure cybersecurity is intact. If they didn’t, they wouldn’t stay in business.
With that, it would be reckless of any data owner or custodian, often referred to as data stewards, to simply assume that all data security measures are in place.
Cloud providers with robust security can assure that they, and therefore your business, are compliant with regulations such as HIPAA, GDPR, and PoPi, to name a few.
Cloud service providers that are regularly audited and certified assure that their services are robust and secure to protect even the most sensitive company information.
What if I Cannot Access My Data in the Cloud?
Storing your data in the cloud does not detract from having backups.
Here are a few reasons why you may not be able to access your data in the cloud:
- Loss of internet connectivity
- A drop in the speed of your internet connection
- System Maintenance at the Cloud Service Provider
- Cyber Incidents such as Ransomware attacks or Denial of Service attacks (DoS or DDoS)
- Forgotten passwords or 2-factor authentication failure
Even if your production or live data is in the cloud, making local copies is a very good failsafe.
The list above mentions cyber incidents. However, did you know that over 90% of cyber attacks were triggered by human error?
This is how you can mitigate the issues in the list above:
- Have a second internet connection
- Cloud service providers send out maintenance alerts; make sure the correct person in your company is aware
- Use a password manager (sometimes referred to as a vault)
- Make sure your cybersecurity response plan is up to scratch
It’s difficult to breach the cloud’s security, but it’s far from foolproof. Hackers can gain access to files stored in the cloud via automated and brute force assaults.
What Cybersecurity Measures Do I Need to Take?
While your cloud service provider will take every measure possible to secure your data, you have the responsibility to take countermeasures.
Your People Are Your Best Defense
It all starts with awareness.
Take time to keep your staff informed and alert by:
- Having a clear, communicated cyber incident response plan (CIRP)
- Running simulations
- Building a culture of transparency
- Encourage “If in doubt — Shout!”
Cyber security is a complex and, at times, intimidating space. Trying to keep up with all the threats and methods hackers and cybercriminals use to access your data is simply mind-numbing. However, having an informed, confident workforce is a quantum leap toward peace of mind.
The Power of the Password
There are some excellent practices to implement to manage passwords.
Consider these as a starting point:
- Establish a password policy of 8 characters or more
- Discourage password sharing
- If a password needs to be shared, make sure it gets changed ASAP
- Use a different password for each application
- Make sure there are no non-expiring passwords
- Change default administration passwords
Weak passwords are tantamount to inviting the hacker in for tea!
Use 2 Factor Authentication
We must do everything we can to improve online security and manage access to data. But unfortunately, we access data from multiple devices and different locations. As a result, our online accounts are undoubtedly attractive to hackers.
Luckily, another layer of protection we can introduce on top of passwords is known as two-factor or multi-factor authentication.
After the user enters their name and password, they must provide another piece of information.
This second piece of information might be:
- Something you know: a PIN, a second password, or the answer to a ‘secret question’
- Something you have: a hardware token, credit card number, or a smartphone
- Something you are: fingerprints, iris scan, voice print, or some other form of biometric
Which 2FA to choose is dependent on the value of the data you are protecting. Not all data is equal; you may find that additional folders, for example, have different layers of access security.
Don’t Skip Updates and Patches
All systems have vulnerabilities. Vendors and Service Providers will release updates and patches as soon a vulnerability is known.
This doesn’t only apply to applications. It is also relevant to hardware and firmware. You may need professional assistance in patching the hardware or doing firmware updates.
Classify Your Data
Not all information is created equal. Some information is more sensitive.
There are several kinds of information, so make sure you:
- Consider the information you can get from a company’s website, such as phone numbers and addresses
- Bank account numbers, Social Security numbers, and IRS information are examples of confidential or private information
- Trade secrets are included in this category of data
- Governments hold top-secret information, such as planning for times of conflict
Data classification will aid in the implementation of appropriate recovery methods. For example, losing your customer mailing list for a few days is not as disastrous as losing your patented product or service concepts.
Have a Plan
Effective management of cyber incidents, including data loss, entails a formal process for detection, containment, elimination, recovery, and post-incident activities.
Detection and Containment
Once a cyber incident has occurred, it is critical for the Cyber Event Response Team (CIRT) should take steps to isolate and limit the event so that it does not spread throughout the company.
The CIRT should examine the security incident and its impact on vital business activities during the incident management detection phase.
Elimination and Recovery
The CIRT must enact processes and procedures to resume business operations.
This method removes the incident’s components, such as uninstalling malware, deactivating hacked user accounts, and identifying and mitigating all exploited vulnerabilities.
Identifying all impacted hosts inside the company during eradication is critical so they may be remedied.
Recovery may entail recovering systems from clean backups, rebuilding systems from scratch, replacing compromised files with clean versions, implementing updates, changing passwords, and enhancing network perimeter security.
The CIRT should conduct a post-mortem, root-cause analysis and lessons learned activities with various teams and stakeholders inside the company.
To maintain continuous improvement, all proposed outcomes should be reviewed and implemented.
Policies and processes need to be updated as required.
Protect Your Data and Save Your Business
Data protection principles do not change whether you use a managed IT service, a cloud service provider, or your own IT department. The same applies to cyber incidents and recovery.
Losing data is more than just recovery; it is about avoidance too. Unfortunately, the reality is that systems fail from time to time. Therefore, it is vitally important to have the best mechanisms in place to prevent and recover from the loss.
As you can see, the data recovery cost depends on many factors.
We hope this article has given you insight into the most common causes of data loss and recovery, as well as how much it costs you in every way. Thankfully, IT support services can help.
Are you ready to take your businesses’ managed IT to the next level? Do you want to learn more about our IT services and what we offer? Then, let’s get started!