If you are an IT professional that has been around for a long period of time, and if you had or still have to manage endpoints (workstations and laptops). You know of at least 1, if not more, fantastic stories about end-users losing their computer.
This could have been the traditional way, such as actually losing it somewhere (train, plane, hotel…) or the computer has broken down (I have no idea what happened… It just suddenly stopped working…).
But most likely you have some good (or funny) stories also. Sometimes end-users try to hide what really happened, not knowing we don’t believe a word of it, other times they are just plain honest. One of my favorite stories came from a user that brought in his laptop because his little daughter had colored the entire laptop. And when I say the entire laptop, I mean the entire laptop: Screen, keyboard, case… the works. This of course was an easy one to fix as the laptop still started and with an attached external screen we were able to recover all the data and place it on a new, clean (no pun intended) laptop.
But most situations were not so easy to solve. Broken laptops, stolen laptops, lost laptops, coffee drenched laptops and so on were a much bigger challenge to get the data back.
Every story has an issue that needs to be solved. Everyone has at least one piece of (extremely) valuable information that needs to be saved. No matter how many rules you have in place, and policies stating that all data needs to be stored on company file servers it will always happen. So you need to fix it.
Maybe less important (at least from the company’s perspective) but certainly very important for the end-user is the fact that they also store personal data on their devices. Whether it is pictures and videos of the family, or documents for the sports club where they participate, it doesn’t matter. To them they are very important files. And I know it is not our core job, but being able to recover those documents makes them very happy and pleased with the IT department, and that is also very important within the company.
So what can we do?
There are many solutions we can implement. And as always, it will be a combination of different protection techniques. Combining those techniques (or layers as I like to call them) will deliver you a good and effective data protection solution for endpoints.
Here are a few techniques that you should look at:
Roaming profiles, offline files and folder redirection
OneDrive & Dropbox for business (and others…)
If you can combine a few of the above (I know, there are more) you will already have a rather effective protection solution. Most corporate files will be redirected when connected, if something goes wrong the profile is saved. You might consider some cloud file system solutions (with control of course) and through the use of Group Policies you can force settings upon the user such as the default save location and more.
So why endpoint backup?
If you implement the above techniques, why would you still want endpoint backup? In an ideal world, all of the important files should be saved on the corporate file servers now and you can take a backup of that server.
Unfortunately, we don’t live in an ideal world.
Users aren’t always connected tothe corporate network and data is been modified / created during those times
Even with folder redirection and offline folders, users succeed in storing dataon places that are not redirected
Solutions such as OneDrive and Dropbox for business are not always used (even when we force them)
Users still save private data but know not to save it on places that sync with the corporate environment
And so on…
As a last defense, it is always a good idea to still put endpoint backup, with bare metal recovery (BMR) possibilities on your endpoints. After all, if they can manage to recover files when you are not around (or sleeping) that will be highly appreciated. Not to mention you will be the hero if you can quickly recover their personal files also…
Even when you have an imaging solution that can quickly rebuild a user’s laptop or desktop when it is totally broken or lost, being able to do a BMR in some cases (remotely helped for example) will come in convenient at some times.
Conclusion: Protecting corporate data (and personal) on endpoints is a matter of multiple layers or solutions. Endpoint backup is part of that approach and can not only protect those files that otherwise will fall through the maze, but also help you as an IT administrator to fix issues or help them when they are abroad, offline and so on…
Mike Resseler is a Product Strategy Specialist for Veeam. Mike is focused on technologies around Hyper-V and System Center.