Backup and recovery are critical for anyone who is building a data-protection structure. From the earliest days of computing, setting aside a recoverable second copy of essential business data has made the difference between a business' survival and its painful death.
Studies by the University of Texas and the Small Business Administration assert that 93 percent of companies that sustain a loss of critical data go out of business within two years. No competent IT manager would assume that kind of risk. But businesses too frequently don't talk about making a backup copy of critical data until a disaster strikes. At that point, it may well be too late.
The data center cannot be the sole repository of mission-critical and business-critical data. It's vulnerable to threats from within and without. Natural disasters such as Hurricane Katrina or man-made catastrophes like the attack on the World Trade Center make extreme and showy examples. Less showy and more mundane examples include fire or water damage, human errors, and malicious attacks by viruses, worms or other malware.
As a result, offsite backups are less a convenience and more a necessity.
Below are five worthwhile tips regarding offsite backup and recovery.
A 1. Plan, plan, plan. The IT professional has an ethical mandate to safeguard the data with which he is entrusted. It is essential to secure data's survivability, and is by no means an off-hand consideration. The key planning consideration is a profound understanding of the data being managed. The question to be answered is: What data needs to be protected with offsite backup and recovery tools?
You must decide whether it's necessary to protect your operating system, word processing software, spreadsheet makers or similar application programs. If you no longer have the original CDs, backup will be vital to re-installation.
The records that you keep should have priority -- records are data objects that have either legal or business consequences should they be lost. These would include databases, including customer contact and ordering records, and inventory control materials. Financial software data files, such as essential spreadsheets for accounting and human resources, need that layer of offsite protection.
E-mail is a more and more important source of business records, and needs to be kept safe for both legal and operational transactions. Documents, including memoranda, work product text files, and other intellectual property should be kept under the umbrella.
A 2. Adhere to a schedule. Your data is only as secure as your last backup. Data important enough to be sent offsite needs to be protected on a predictable, repeatable schedule. If your HDD crashes and there has been no backup in four weeks, that time frame is your window of vulnerability.
Backup on a daily basis is commonplace, and is scheduled within a backup window that will not impact the ordinary daily operations and transactions of the network.
A 3. Offsite storage concerns. Transmitting data offsite requires a software solution that provides reliable and repeatable performance. Additionally, data that is going beyond your firewall should be encrypted against external inspection. Key databases with sensitive client identity information, billing records, tax records and payroll are favorite targets for network snoopers, identity thieves or greedy information brokers.
The stronger the encryption method, the more likely it is that data raiders will give up and seek less cautious prey.
A 4. Vendor selection. Selecting an offline backup software vendor can make the difference between an easy deployment and a nightmarish experience. At no time in the development of your infrastructure should you be more risk-adverse than in purchasing your remote backup system.
The vendor needs to be experienced; brand-new players are untested, and untested solutions are too great a risk for the data your business survives on. It also needs to provide sound pre-sale consulting advice and excellent after-sale support. Remote backup is nothing new, and established vendors can show a history of deployments covering a wide range of infrastructures and backup/recovery strategies.
A 5. Test, test, test. In an ideal world, there would never be a need to restore data from an offsite backup repository. But in the real world, both accidents and malicious conduct take place. The greatest mistake that disaster recovery planners continue to make is that they do not regularly test their plan.
You need to have a comfort level that testifies to the reliability of the restore function in the event of catastrophic data loss. Just like backup, testing the restore function should be done on a regular, scheduled basis. Too many businesses have attempted to restore files only to find them unrecoverable.
Data is recognized as an important corporate asset that wants safeguarding. Aside from the direct financial losses that can result from catastrophic data loss, there are indirect effects that range from loss of investor confidence to customer flight and lost opportunity costs. The drivers for protecting data are many: smooth corporate operations and transactions, compliance with an array of regulations, litigation support, and much more.
Business continuity, however, continues to claim primary share of mind when considering the assembly and deployment of an offsite backup and recovery operation. Businesses now operate around the clock, and depend on constant data. A well-planned, well-tested offsite backup and recovery infrastructure gets you back in business fast.
The alternative doesn't always bear considering, and hindsight will not un-ring the bell.
Mark Ferelli is a veteran storage technology expert and commentator.
