Posts

Changing the Focus on Backup Protection

Recovery-Point-Objective-RPO
As we’ve stated before, “Backup is easy; Recovery is hard”.  Every business should, at this point, understand the risks of poor data backup and protection. The risks come from the types and amount of data that is lost and, if it can be recovered, how long that recovery takes. And remember, recovery often takes more effort than simply restoring files from a backup set.

Perspective = Priority

When looking at how well your backup system is protecting your business, two factors should be top of mind:

RTO: Recovery Time Objectives — How long will it take to return to normal operations. RTO is not just the time it takes to load your data back onto your systems, RTO includes the time it takes to repair and recreate damaged information and data created or modified since the last backup.

RPO: Restore Point Objectives — Your RPO determines how much data you are willing to lose, or can afford to lose. Most small and mid-size businesses backup daily. On average, a system failure will result in half a day of lost data. For an office worker editing a report, this is traumatic and inconvenient. For a manufacturer or retail business, half a day can represent hundreds or even thousands of orders and financial transactions.

As always, quicker RTOs and smaller RPOs come with trade-offs.  Recovery methods like image snapshots, for example, can provide rapid RTOs and small RPOs. In exchange, you are likely losing granularity — the ability to recovery individual files.

Understand the reasons  you are protecting your data.  Protection from system failure, in which you need to recovery a full server, lends itself to imaging and other snapshot methods.  Recovery of files or data lost to program error, malware, or user activity, needs a solution with granularity.

Start with an understanding of the type of protection you need and your RPOs and RTOs.  From there, you can pick the solutions (yes, you may want or need more than one method) for recovering data and your business.


We offer  a range data protection solutions, with a range of products, for on-premise and cloud-based data. Contact us for a free assessment of which type of solution is best for you.


 

 

Should You Backup Data in Google Apps?

Hurricane Sandy
When running systems in-house, the need for backup/recovery and backup/restore services is clear.  Organizations must protect themselves from system failures and other events that can corrupt or destroy important information.  With Google Apps, however, the highly redundant infrastructure offers great protection from data loss due to system failures.

Why should you backup your data in Google Apps?

  • User Error: The most common form of data loss (~30% of all data loss)
  • Security Breach: A hacker gains access to your SaaS data
  • Third Party App Error: Any app downloaded in a Marketplace can have bugs – an opportunity for hackers to enter
  • Rogue Employee: User error that’s not accidental. Could happen with any disgruntled or former employee of your company
  • Software Error: Service outages and account suspension can happen

What can you do?

Deploying a cloud-to-cloud backup solution will protect your data.  Solutions  designed to backup specific solutions, like Backupify for Google Apps, provide enterprise grade features and services without breaking a budget.

Click here to learn more.

Cloud Backup/Recovery: The Same, Only Different


This blog post is the second in a series on Data Protection issues and practical solutions.

Data Protection Series

Backup and Restore, the most basic form of data protection, has been a standard IT practice since teams or Operators managed racks and rows of tape drives and tapes for early mainframe computers.  Borrowing from proven audio technologies, tape backups protected programs and data from the fickle failings of early disk drives.

As computers became more interactive, and more personal, the need for backup and restores services expanded.  Yes, your hardware might fail.  More likely, however, an assistant would “save as” over the boss’ most recent masterpiece.  Computers were new, and human error was inevitable.  Then came viruses, poorly written applications, spyware, bots, and the Internet (the ying and yang of all things good and evil).

As we move into the cloud, some of the reasons for backup/restore remain, and some new ones emerge.  

For those of us running Google Apps for Business, Education, and Government, Google’s highly redundant, multi-tenant infrastructure protects us from nearly all risk of data loss or corruption due to hardware or system failure.  Understanding the other risks to our data lets us decide when and how to better protect ourselves.

Third Party Applications

While domain-level access for applications is usually restricted to administrators, users often have the ability to run and connect third party applications to accounts.  Whether global or individual, poorly written third party applications can wreak havoc with your data.  Applications that need write access to docs, email, calendars, or contacts, can overwrite or delete content.  Determining the scope of a problem, and recovery, can be nearly impossible without reviewing all of your data.

User Error

Recent research shows that data loss within Google Apps is due to user error 63% of the time (0% is caused by Google).  As with any new system, unfamiliarity can bring unintended harm.  Ill-placed pastes, mistaken deletions, and save instead of “save as” are some of the ways data may be lost.   Even more complex, mistakes using Manage Revision settings, and permanently deleting items, can make recovery impossible.

Willful Misconduct

Protecting your data from the employee (or soon to be ex-employee) intent on doing harm is nothing new.  In Google Apps, as well as any other system, employees with access to sensitive information often have the ability to damage or destroy that information in ways intended to harm your business.

Security Breach

Google Apps is one of the most secure public cloud services in the world.  Even so, no system is ever completely safe from user identity theft or corrupt systems with access. A mal-ware infected computer running Google Drive can allow damage to data in Google Apps as easily as with a computer connected to a Windows server down the hall.  If a user — knowingly or as a result of social engineering — shares his or her identity, hackers and others can damage your data.

Google Error

While Google has never had errors resulting in permanent data loss, and Google’s systems are designed to withstand multiple points of failure, a very, very small chance still exists that a software or hardware error could corrupt data.

All of these cases are, and have been, reasons to run a backup/recovery service.  But at what point do you add backup/recovery to your?  For most, the answer is as simple as the answer to the following question:

If you had this data on a server in your computer room, would you back it up?

If the answer is “Yes”, than you should protect the data where it lives — even in Google Apps.

For others, it is one of critical mass.  When the cloud is considered a secondary data store, some wait for usage to reach a level “significant” enough to warrant the additional cost of backup/recovery services.  Unfortunately for some who “wait and see”, the significance is often measured by the pain of a data loss event.

—–

Read more

Tuesday Take-Away: Think in These Terms About Backup

In last week’s Tuesday Take-Away, I wrote about understanding requirements before thinking technology when it comes to backup, restore, and recovery.  The number of emails and questions I received was rewarding.  So, I thought I would take this time this week to define some terms and answer questions that I received in response to last week’s post.

Retention Period versus Retention Point

The Retention Period is the time period during which data is available to restore or recover.  A Retention Point is a point in time from which you can select to recover or restore your data.  Some backup solutions limit the retention period; others limit the number of retention points.  Be sure you understand how long data will stay in your backups if it deleted by a user.

Better solutions give you the ability to set both the retention period and the number of retention points for each backup set you create.  Great solutions offer Continuous Data Protection, where the system backs up files every time they change.

Off-Site versus Online Backups

Off-Site Backups are those in which the data is kept off-site.  While in some cases, off-site backups run between a company’s locations and data centers, off-site backups include backups to hosting companies and cloud-based providers.   In many cases, off-site backups provide for a local backup to disk that is then copied to an off-site location.  For some off-site services, the on-site backup history is complete, the off-site backup history is limited and intended for recovery more than restore.

Online Backups are those in which the data is backed up to an online service.  Better online backup services offer local backup copy options.   Online backup services will keep your full backup history in a vault; the local backup copy can be a limited set or a full set.

Online versus Disk-Based versus Vault Recovery

While every off-site and online backup solution gives you the ability to restore over the Internet, methods for recovery differ.

As the name implies, Online Recovery is over the Internet.  You restore your system to the point that you can start recovering files from you backup.  This is easy and reliable, but will be painfully slow.  Online recovery times are limited by your Internet bandwidth.

Disk-Based Recovery is when you recovery your files from a local or temporary disk drive.  Many off-site and online backup solutions will place your files on a DVD or a USB drive and ship it to you.  For some services, however, you need to send them the media first, adding to your RTO time.  Other services perform the restore, so your data is no longer encrypted when they send it to you.

A Vault-Based Recovery occurs when your online or off-site backup service ships you a complete vault — a computer with your encrypted data and the vault control software.  The backup software recognizes that the vault is now local and recovers your data securely at local network speeds.  Once on-site, recovering data from a vault is the fastest options, as data transfer rates are much greater than via the Internet or slower media such as DVDs and USB drives.

If you have more questions or comments about the in’s and out’s of backup solutions, please comment below or send me a message.

Next week, I’ll answer the question: “Is VDR a Cure?”