POPI Article – The Importance of Backup & Disaster Recovery in Putting Protection of Personal Information First

software-engineers-working-on-project-JRT9C8L (1)

Your data is your business’ lifeline. No business can operate in this day and age without taking serious measures to protect their data. And, in recent years, the storage and management of data has become more than simply an internal discussion between a company’s CEOs and IT team. With legislation like the EU’s GDPR data protection and the South African data protection act, the way that you store your clients’ and employees’ personal information is now being regulated by the government as well. That’s what makes having a backup and disaster recovery system in place essential for any business.

While the Protection Of Personal Information (POPI) Act has long been in the works, it officially came into effect on 01 July, 2020. Businesses have been given a year to comply, so by 01 July, 2021, you need to make sure that your business is safely and securely storing any personal data that you need to operate.

Becoming compliant can seem like a mammoth task. Many companies don’t have systems in place to keep track of their data. Even those that do may be storing the information in multiple ways, or storing unnecessary information without realising it. There are so many bits and pieces to the process that it can be easy to lose track. But, rest assured. We are here to help you ever step of the way with our series of POPI blogs to see you becoming compliant.

Backups will become your business’ backbone

We’ve already looked at the importance of performing a POPI compliance audit as the first step to becoming GDPR compliant. The main role of performing an audit is to answer the questions of what data is being stored, what it’s being used for, who is accessing it, and why. Once you know these answers, it’s time to do a data protection gap analysis, and ensure that your data is as secure as it can possibly be.

There are three areas that make your data susceptible when it comes to the Protection of Personal Information Act:

  1. Cybercrime
    It’s a constant battle that every business has to fight. Cyber criminals are becoming more sophisticated, even as our technologies are advancing to fight them off. One of the most common methods of cybercrime is encrypting your data and holding it ransom. As you an imagine, this particular method of attack opens you up to more than just lost data. It can seriously impact your POPI compliance, especially if it turns out that you were negligent with the personal data that you store.
  2. Loss & Corruption
    It’s not just cyber criminals that corrupt a business’ data. Hardware and software faults and failures can see the personal information that you store becoming compromised. And losing personal data is just as dangerous as storing data that you don’t need. It can have severe implications for your business, both in terms of the Protection of Personal Information Act, and for your reputation in general. This makes it even more important to have a plan in place to ensure that the sensitive data in your possession doesn’t become lost or corrupted.
  3. Human Error
    Errors happen every single day. People make mistakes. Any business that deals with people and hires humans will run the risk of human error. And having this added to the mix when it comes to personal information can put your business at risk. Sometimes these errors occur by mistake. Other times errors are purposeless made by malicious (often previous) staff members. Whichever the case, when it comes to personal data, the risk is very real that human error can affect your POPI and GDPR compliance.

Luckily, there is one solution for all of these problems. Keeping your data safely, securely, and regularly backed up. This may see you breathing a huge sigh of relief. “I’ve got a cloud solution,” you may be saying to yourself, “I’m already backed up and covered.” While many businesses think that just by storing their data on the cloud, it’s already being backed up, you may be surprised to find how little backup cloud solutions provide on their own.

Thankfully, this is an area that a number of IT companies can help you with. Service providers like Solid Systems offer a wide range of backup solutions to meet all of your business needs, ensuring that your data is stored according to all compliance regulations. In fact, trusting an external company to manage your data backups could be the wisest decision for keeping your data compliant, as IT companies like Solid Systems have been taking their clients’ personal data storage seriously for decades. They are perfectly placed for keeping their own data safely stored and managed, making them the perfect partner for keeping your data safe and secure.

Is backup enough on its own?

Much like those businesses who sighed with relief, thinking that their cloud services automatically backed up their data, there are likely many people reading this, sighing with relief at the thought that their data is already backed up elsewhere. After all, it can be easy to think that once your business’ data is backed up, it’s secure and you’re compliant.

We’re sorry to be the bearers of bad news (again), but backing your data up is only half the process for protection of personal information. You also need to have steps in place for recovering your data when disaster strikes.

Picture this scenario, for example. An extended power outage knocks out your city. It’s not unheard of – load shedding and blackouts are problems that are faced by South Africans on a regular basis, after all. But when load shedding ends, your systems refuse to come back online. Your data is stored in a data centre on the other side of the country, but you have no access to the information that it holds. How are you going to bring your systems back on line? How long will your business be at a stand-still while you wait for your servers, apps and information to be available?

This is where Disaster Recovery solutions come in, ensuring the protection of personal information, even when the worst happens and disaster strikes.

A service provider like Solid Systems can help you come up with a Disaster Recovery plan, ensuring that the data and apps most vital to your operations (and reputation) are both backed up, and quickly and easily accessible. This will ensure that even when disaster strikes, your business will be able to continue uninterrupted. Essential services will be restored within a manner of minutes, while the rest of your apps and data gets restored in the background.

This also means that your data will never be held at ransom, since you’ll always have duplicate copies of it available to you at a moments notice, ensuring the protection of personal information within your business.

Tick data storage off your POPI act compliance checklist

There are so many threats out there. Ensuring that your data is secure, whether it’s business-related, sensitive or personal, is essential. That’s why you need a partner that you can trust to keep your data safe, secure, compliant, and readily accessible, even when disaster strikes. That way you can tick data storage off your POPI act compliance checklist Having a company like Solid Systems by your side to help you put the protection of personal information first is vital to your business’ continued success. Contact Solid Systems today to find the best data backup and disaster recovery solution for your business.

Want to learn more about staying POPI and GDPR compliant? Check out the other blogs in our series:

POPI Compliant Audit

The First Step in Helping Your Business Become POPI and GDPR Compliant


Daniel Avinir

Daniel Avinir

Head of Client Success at Solid Systems | Virtual CIO I have a love and passion for people, their minds, technology, and nature.I believe in empowering people to work in increasingly flexible and productive ways, helping them unlock the collaboration potential and leading the cultural & technological change of our time.

Didn't find what you were looking for?