Data Privacy Detective | Episode 70 - Backup Copies: Preserving Your Privacy and Business Data

Mike Potter’s cat bounced on his keyboard years ago. His hard drive cratered, and he lost his data. But he turned this disaster from feline treachery into a career and a company. Backing up data is an essential part of data privacy and retention for businesses as well as for people. Why is this, how does it work, and what’s the impact on how we keep and protect our data?

Mike Potter is CEO of Rewind, an Ottawa, Canada based company that backs up, restores, and copies to its cloud critical information businesses store in their SaaS (Software as a Service) applications. Apps sit atop a user’s platform. Not unlike cats, they can cause problems. Ransomware attacks, employee mistakes, and many other forces can cause a business to lose essential data even when the platform itself is running well. Having a readily available backup copy can allow a business to continue its customer connections, its bookkeeping, and other essential functions without material disruption. That’s the business of Rewind.

Many Rewind customers are retail and other small to midsized businesses that use Shopify, QuickBooks, and other platforms for customer interface and keeping other essential data. While major platforms have good cybersecurity protection, none is immune from a hack attack. But beyond that, a business using a SaaS platform may not realize that its own account remains vulnerable to data loss. When a data loss occurs, the affected business must decide whether this constitutes a data breach, and if so, whether data breach regulations require immediate and usually expensive remedies.

A backup copy can help determine the cause of a data loss, whether from bad actors or accident. It’s a starting point to discern what went wrong and how a repeat can be avoided. It may lessen the impact of a ransomware attack if the data held hostage is available to the business anyway without paying a ransom to recoup the data.

When engaging a backup copy provider, a business should consider whether the provider has ample privacy protection for its business. A shaky backup vendor would represent a second vector for hack attacks. A business should vet companies that provide such services. Effective ones will offer services that include keeping data on servers within jurisdictions that have data localization requirements, having funds to afford first-rate cybersecurity protections, offering a 24/7 hotline, and providing excellent customer support.

Tips from Mike Potter to businesses on how to keep essential data private and secure when using SaaS platforms:
1. Make sure to use a password manager.
2. Use two-factor authentication.
3. Vet third-party apps before installing them about their strength and capabilities.
4. When you add teammates, make sure they receive the minimum level of permission needed.
5. Have a backup available.

If you have ideas for more interviews or stories, please email info@thedataprivacydetective.com.

Show Notes

Mike Potter | LinkedIn
Rewind Backups | The Top-Rated Backup Service for SaaS Apps.

What is Data Privacy Detective?

The internet in its blooming evolution makes personal data big business – for government, the private sector and denizens of the dark alike. The Data Privacy Detective explores how governments balance the interests of personal privacy with competing needs for public security, public health and other communal goods. It scans the globe for champions, villains, protectors and invaders of personal privacy and for the tools and technology used by individuals, business and government in the great competition between personal privacy and societal good order.

We’ll discuss how to guard our privacy by safeguarding the personal data we want to protect. We’ll aim to limit the access others can gain to your sensitive personal data while enjoying the convenience and power of smartphones, Facebook, Google, EBay, PayPal and thousands of devices and sites. We’ll explore how sinister forces seek to penetrate defenses to access data you don’t want them to have. We’ll discover how companies providing us services and devices collect, use and try to exploit or safeguard our personal data.

And we’ll keep up to date on how governments regulate personal data, including how they themselves create, use and disclose it in an effort to advance public goals in ways that vary dramatically from country to country. For the public good and personal privacy can be at odds. On one hand, governments try to deter terrorist incidents, theft, fraud and other criminal activity by accessing personal data, by collecting and analyzing health data to prevent and control disease and in other ways most people readily accept. On the other hand, many governments view personal privacy as a fundamental human right, with government as guardian of each citizen’s right to privacy. How authorities regulate data privacy is an ongoing balance of public and individual interests. We’ll report statutes, regulations, international agreements and court decisions that determine the balance in favor of one or more of the competing interests. And we’ll explore innovative efforts to transcend government control through blockchain and other technology.

If you have ideas for interviews or stories, please email info@thedataprivacydetective.com.