Backups...Why They Should Be Your Top Priority
Brian Moore - RemedyWave Senior Linux Admin
When conducting data center assessments for RemedyWave one of the first things I ask customers about is the status of their current backups and what backup strategies they are using. It's always surprising how many companies, both small and large, have very limited data backup routines when it comes to one of the most important assets of their company...their data. Companies will fortify their network firewalls, install all the latest server hardware, but then neglect to upgrade their backup strategies.
Here is a quick high-level overview of some of the key elements I have customers review when advising them on a backup strategy.
Risks to Your Data
Your data is always at risk. The facts are that: computer systems occasionally fail, cyber-attacks are on the rise, and viruses and ransomware attacks occur on a daily basis to companies all around the world. Of course you can also take into account: possibly natural disasters, fire, theft, or just employee operator errors. The list is almost endless, but the bottom line is that your data is always at risk from some type of threat.
What Is Your Data Worth?
Putting a monetary value on your data is essential. Do you store valuable customer financial or medical data? Are the software applications and data on your systems easily replaceable, or will your business be wiped out if those items are gone? If you are running extensive machine learning algorithms then maybe you can afford to rerun the programs to regenerate the data. On the other hand, if you are running an ecommerce site that stores customer financial data, this data must be protected.
What to Backup
By evaluating what your data is worth helps you decide what exactly you should backup. Often essential data only makes up a smaller percentage of your systems, so backups can target that specific data. If you have limited backup capacity, then backup the data with the highest monetary value.
If you are an app developer, the data on your development servers should be considered very high value. If your entire business runs through a website then the entire web and app framework is considered high value.
Backup Strategy Options
A backup strategy can mean different levels of RAID, local versus cloud-based backups, or local versus off-site backups. This part of the RemedyWave data center assessment normally takes the most time since there is no exact solution that will apply to all customers. Every company has its own set up unique requirements.
You may opt for third party cloud storage from: AWS, Google, or Microsoft. A popular hybrid solution may also involve some data backed up on-site, with the remainder utilizing cloud-storage backup options. The chosen strategy will also be influenced by storage location compliance.
Data Retrieval Time
Your data retrieval time requirements should take into account the amount of time you can spare while the backups are retrieved versus the potential money that is lost while waiting for the backups. There are generally lower costs associated with long-term backup storage but retrieving this data may take days. Long-term storage is best for non-essential data or programs.
Off-site backups that can be retrieved immediately will cost the most and are best for essential data. Of course you can also have on-site backups. Then your retrieval time will be determined by any limitations of the backup system you are using.
I like to recommend a combination of on-site and off-site or cloud-based backups, since this will generally give customers the most flexibility at the least cost. The RemedyWave technical support experts are quite good at helping you build and maintain a backup strategy for your systems and can help take the confusion out of these decisions.
Storage Location Compliance
If you are in a country that has strict data laws, you may not be able to store backups with third party out-of-country cloud-service providers. If you are in Europe, Europe's GDPR has some very strict requirements regarding data privacy and security. The same applies if you are storing medical or financial information.
The laws regarding the type of data you are storing and where it can be stored will vary from the country you do business in and the type of data being stored. Here I always recommend seeking legal advice regarding data compliance laws before deciding on an off-site or cloud-based backup location.
Backup Verification Tests
Finally I always recommend periodic retrieval of essential backups and verifying they are correct and functional. It may take longer to verify backups but it's always better to know your retrieved data, or programs, will be functional during a test opposed to finding out the data is corrupt during an actual incident requiring the backups.
In the future I will write a more technical post about some specific cloud backup configurations that are possible. Until then, I hope this high-level post gave you something to think about. By the way, when was the last time you backed up the computer, tablet, or phone you are using to read this post? Don't remember, or never backed it up? Well then maybe it is backup time!