Posts

Cloud Backup/Recovery: The Same, Only Different

/in


This blog post is the second in a series on Data Protection issues and practical solutions.

Data Protection Series

Backup and Restore, the most basic form of data protection, has been a standard IT practice since teams or Operators managed racks and rows of tape drives and tapes for early mainframe computers.  Borrowing from proven audio technologies, tape backups protected programs and data from the fickle failings of early disk drives.

As computers became more interactive, and more personal, the need for backup and restores services expanded.  Yes, your hardware might fail.  More likely, however, an assistant would “save as” over the boss’ most recent masterpiece.  Computers were new, and human error was inevitable.  Then came viruses, poorly written applications, spyware, bots, and the Internet (the ying and yang of all things good and evil).

As we move into the cloud, some of the reasons for backup/restore remain, and some new ones emerge.  

For those of us running Google Apps for Business, Education, and Government, Google’s highly redundant, multi-tenant infrastructure protects us from nearly all risk of data loss or corruption due to hardware or system failure.  Understanding the other risks to our data lets us decide when and how to better protect ourselves.

Third Party Applications

While domain-level access for applications is usually restricted to administrators, users often have the ability to run and connect third party applications to accounts.  Whether global or individual, poorly written third party applications can wreak havoc with your data.  Applications that need write access to docs, email, calendars, or contacts, can overwrite or delete content.  Determining the scope of a problem, and recovery, can be nearly impossible without reviewing all of your data.

User Error

Recent research shows that data loss within Google Apps is due to user error 63% of the time (0% is caused by Google).  As with any new system, unfamiliarity can bring unintended harm.  Ill-placed pastes, mistaken deletions, and save instead of “save as” are some of the ways data may be lost.   Even more complex, mistakes using Manage Revision settings, and permanently deleting items, can make recovery impossible.

Willful Misconduct

Protecting your data from the employee (or soon to be ex-employee) intent on doing harm is nothing new.  In Google Apps, as well as any other system, employees with access to sensitive information often have the ability to damage or destroy that information in ways intended to harm your business.

Security Breach

Google Apps is one of the most secure public cloud services in the world.  Even so, no system is ever completely safe from user identity theft or corrupt systems with access. A mal-ware infected computer running Google Drive can allow damage to data in Google Apps as easily as with a computer connected to a Windows server down the hall.  If a user — knowingly or as a result of social engineering — shares his or her identity, hackers and others can damage your data.

Google Error

While Google has never had errors resulting in permanent data loss, and Google’s systems are designed to withstand multiple points of failure, a very, very small chance still exists that a software or hardware error could corrupt data.

All of these cases are, and have been, reasons to run a backup/recovery service.  But at what point do you add backup/recovery to your?  For most, the answer is as simple as the answer to the following question:

If you had this data on a server in your computer room, would you back it up?

If the answer is “Yes”, than you should protect the data where it lives — even in Google Apps.

For others, it is one of critical mass.  When the cloud is considered a secondary data store, some wait for usage to reach a level “significant” enough to warrant the additional cost of backup/recovery services.  Unfortunately for some who “wait and see”, the significance is often measured by the pain of a data loss event.

—–

Read more

Tuesday Take-Away: Think in These Terms About Backup

/in

In last week’s Tuesday Take-Away, I wrote about understanding requirements before thinking technology when it comes to backup, restore, and recovery.  The number of emails and questions I received was rewarding.  So, I thought I would take this time this week to define some terms and answer questions that I received in response to last week’s post.

Retention Period versus Retention Point

The Retention Period is the time period during which data is available to restore or recover.  A Retention Point is a point in time from which you can select to recover or restore your data.  Some backup solutions limit the retention period; others limit the number of retention points.  Be sure you understand how long data will stay in your backups if it deleted by a user.

Better solutions give you the ability to set both the retention period and the number of retention points for each backup set you create.  Great solutions offer Continuous Data Protection, where the system backs up files every time they change.

Off-Site versus Online Backups

Off-Site Backups are those in which the data is kept off-site.  While in some cases, off-site backups run between a company’s locations and data centers, off-site backups include backups to hosting companies and cloud-based providers.   In many cases, off-site backups provide for a local backup to disk that is then copied to an off-site location.  For some off-site services, the on-site backup history is complete, the off-site backup history is limited and intended for recovery more than restore.

Online Backups are those in which the data is backed up to an online service.  Better online backup services offer local backup copy options.   Online backup services will keep your full backup history in a vault; the local backup copy can be a limited set or a full set.

Online versus Disk-Based versus Vault Recovery

While every off-site and online backup solution gives you the ability to restore over the Internet, methods for recovery differ.

As the name implies, Online Recovery is over the Internet.  You restore your system to the point that you can start recovering files from you backup.  This is easy and reliable, but will be painfully slow.  Online recovery times are limited by your Internet bandwidth.

Disk-Based Recovery is when you recovery your files from a local or temporary disk drive.  Many off-site and online backup solutions will place your files on a DVD or a USB drive and ship it to you.  For some services, however, you need to send them the media first, adding to your RTO time.  Other services perform the restore, so your data is no longer encrypted when they send it to you.

A Vault-Based Recovery occurs when your online or off-site backup service ships you a complete vault — a computer with your encrypted data and the vault control software.  The backup software recognizes that the vault is now local and recovers your data securely at local network speeds.  Once on-site, recovering data from a vault is the fastest options, as data transfer rates are much greater than via the Internet or slower media such as DVDs and USB drives.

If you have more questions or comments about the in’s and out’s of backup solutions, please comment below or send me a message.

Next week, I’ll answer the question: “Is VDR a Cure?”


Iron Mountain Customers Stranded in the Wild?

/in

In an interesting turn of events, Iron Mountain announced it was getting out of the digital records management business.  Selling its business lines to Autonomy, a European technology services firm, Iron Mountain returns to its roots as an efficient off-site records management firm.

Never profitable for the company, Iron Mountain Digital, always seemed like a sideline business for the firm.  While those working in the unit were dedicated professionals, their pricing, offerings, and technology did not always stand up well to the competition.  And, the company was never able to convey an integrated approach to hard copy and electronic records management.

The sales leaves current Iron Mountain customers somewhat stranded.  While Autonomy will no doubt continue operations for a period of time, one must expect that at some point in the future customers will be asked, encouraged, or forced to migrate over to Autonomy’s systems and solutions.   Also unclear is what will happen to local support.

Fortunately, customers can take the initiative and explore their options.   With minimal overlap of services, customers can migrate to other online backup solutions that offer more features at a lower cost.

Companies interested in learning more can click here for a no-obligation assessment of their backup/recovery and archive requirements.