Deleted data by mistake? Here's how to get it back

Davey Winder offers some timely advice on what to do if you accidentally delete some important data

Data deletion can be caused by all sorts of unexpected, events: sudden hardware or software failure, malware activity and, perhaps most commonly of all, simple human error.

Some examples of the latter I have experienced have included accidentally reformatting a laptop drive, tripping over a wire that pulled the power lead out of a desktop machine and corrupted the data being written at the time, and - most common of all - deleting the wrong file or directory.

Avoiding human error is, quite frankly, all but impossible as we all make mistakes. Avoiding the potentially costly impact of deleting important data is not only possible but absolutely imperative in terms of business continuity.

Planning ahead is the most valuable mitigation strategy, and includes the obvious process of backing up your data. Quite apart from the immediate interruption to your business processes and stifling of cash flow, consider the cost in man hours of manually reconstructing the lost data.

Advertisement
Advertisement - Article continues below

So think of data backup as insurance, with recovery of your business information the pay-out after an accidental loss. And the best news: it's much more affordable than many businesses think.

Traditionally, there have been three main data backup options: tape, direct attached storage (DAS) and network attached storage (NAS). These days you can also add cloud to that list.

Tape still has a place as an off-site system for the less time-critical data volumes, and is relatively inexpensive when compared to DAS but positively exorbitant when sat next to the average cloud backup scheme. NAS is also still relevant, particularly for small companies, thanks to it needing less dedicated on-site IT resources. However, it could be argued SMBs can get the same benefit at less cost (and some would argue with greater resilience) by using the cloud.

Clouding up

The kind of data you have will determine your backup strategy as much as the size of your budget. Data, which changes by the hour, should be backed up by the hour. Data that is of vital importance to the business should be recoverable in as close to real-time as possible, and an organisation which is experiencing rapid growth should have a backup system that can be efficiently and economically expanded to accommodate it.

All of these things point increasingly towards the cloud, at least from the end user perspective. Your organisation will simply see a web browser-based interface for administrating the sending and retrieval of data to and from the cloud, but your data will be physically stored within a secure datacentre of the kind you are highly unlikely to afford to run yourself.

So the advantages of using the cloud for backup are obvious enough: if the office is closed by flood or fire, your server crashes and all seems lost, the cloud enables you to access your mission-critical data from a laptop and keep your business running as if nothing had happened.

From the cost perspective, there are no requirements to purchase and maintain any additional hardware infrastructure. But what about the downsides? Can you trust the cloud if disaster strikes? The question of cloud security has, for all intents and purposes, been answered in the affirmative; done with due diligence the cloud is as secure as any other data store.

There's also a good argument to suggest that because the cloud provider has invested in the kind of resilience at all levels, from power and cooling through to standby servers, there is less chance of hardware failure than within the average organisation.

Even if you don't consider cloud to be a fully blown disaster recovery solution, it does have another trick up its sleeve: as a 'hot and cold' file store. You can stack versioned copies of business critical files in the cloud and recovery them in real-time should an accidental deletion occur on the organisational hardware.

Advertisement
Advertisement - Article continues below

But what about when, for whatever reason, you don't have a current backup - even a hot and cold cloud copy? Is everything lost, both figuratively and literally? The answer is possibly, but probably not truth be told.

Data recovery is usually possible, although it doesn't come cheap if you need to outsource it to a specialist contractor with the kind of clean room facilities required when dismantling hard drive platters or the in-depth understanding of getting data from a damaged SSD drive flash memory chip. What you should, and just as importantly shouldn't, do in terms of data recovery depends entirely on the kind of mistake that has deleted the data in the first place.

If the human error involves the death of your storage drive, then a knee-jerk reaction involving downloading software to recover your files is almost always a bad idea because you quite simply cannot know the full extent of damage to your drive and to the data upon it. A little knowledge, in such circumstances, is a very dangerous thing; especially if you want a data rescue outfit to be able to recover anything meaningful.

There is a chance it may work, for sure, but if the data is valuable then that chance is not worth taking when balanced against the risk of corrupting it further. The single most important rule when faced with a drive failure is don't try to use that drive again, don't try to reboot it and - if it does mount - do not copy any data from it.

Any of these actions could compound the damage to the point where what is forensically recoverable isn't practically usable. Instead, best practice is to turn off the computer/server and swap the disk out at once before calling in the data recovery experts.

If your drive is perfectly functional, and the cause of data deletion is user error, then things become much simpler. For a start, there is a reason why IT security people place such an emphasis on the secure erasing of decommisioned drives; simply deleting, or even reformatting, a drive does not actually destroy the data, it just makes it less visible.

Time is of the essence, however, because while your data will still be there the filesystem will have given instructions that the space it occupies can be reused and there is every chance that chunks of your files will be overwritten quickly enough. Indeed, it's this over-writing methodology that is most commonly used to 'shred' data when disposing of a drive.

Overwrite the data enough, with appropriate amounts of new and random data, and the original becomes all but impossible to recover in any meaningful or affordable way. This is all good news because there is are a plethora of software out there that will do the reverse of the shredding thing, and pull your data out of the smoke and mirrors storage and make it visible again.

A scan of the drive or directory is all that is needed, and can take anything from a few minutes to a few hours depending upon the size involved, and a list of recoverable files will be returned. You are then just a mouse click away from getting your data back.

Whether it is returned to you in one piece or not will depend on what you have done between deletion and scanning for recovery. Just as the warnings about not using a damaged drive for fear of doing more damage, so the very act of installing the recovery software can overwrite some or all of the data you were hoping to recover.

Advertisement
Advertisement - Article continues below

There are two ways to avoid this face-palming scenario and that's to either use an online service which doesn't require installation or to have the software already installed. Both come back to a point I've made before: the real solution to recovering erroneously deleted data is to plan well ahead. Be prepared for when disaster strikes and you stand more chance of recovering what has been loss and less chance of having a stroke.

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now
Advertisement

Recommended

Visit/security/29204/how-can-you-protect-your-business-from-crypto-ransomware
Security

How can you protect your business from crypto-ransomware?

4 Nov 2019
Visit/back-up/29084/how-to-enhance-your-backup-strategy
backup

How to enhance your backup strategy

10 Oct 2019
Visit/data-loss-prevention/28864/data-recovery-why-is-it-so-important
data recovery

Data recovery: Why is it so important?

9 Oct 2019
Visit/security/29068/is-your-company-taking-enough-accountability-on-cybersecurity
Security

Are you taking enough accountability on cyber security?

14 Jun 2019

Most Popular

Visit/security/identity-and-access-management-iam/354289/44-million-microsoft-customers-found-using
identity and access management (IAM)

44 million Microsoft customers found using compromised passwords

6 Dec 2019
Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/network-internet/wifi-hotspots/354283/industrial-wi-fi-6-trial-reveals-blistering-speeds
wifi & hotspots

Industrial Wi-Fi 6 trial reveals blistering speeds

5 Dec 2019
Visit/business/policy-legislation/354282/boris-johnson-suggests-uk-will-side-with-us-over-huawei
Policy & legislation

Boris Johnson suggests UK will side with US over Huawei exclusion

5 Dec 2019