The starting point with any IT solution should be to clearly understand what outcome you are expecting to achieve. For example, what is your backup solution expected to deliver? Generally, it will be the last resort for recovery of data. Most modern IT architecture will have levels of resilience, replication and redundancy built in. Some of these design features will deliver not only hardware resilience but should deliver quick and effective data recovery points.
I believe the following 5 points need to be understood in detail when considering a suitable Backup solution.
1) Restore Options
If you are unable to recover your data at the speed or granularity that the business or application owner requires, you will be on the back foot from day one. Often the Backup method and selection(s) dictate how and what features are available for the recovery. As an example, most infrastructure today has an element of virtualisation. Protecting VM’s can be very quick and efficient but you must understand what level of granularity the recovery process is going to give you. If for example, the VM contains databases you may need to clearly understand if you have the ability to recover and replay transaction logs or if a full VM recovery is more effective.
Microsoft 365 and Cloud Apps are an everchanging canvas, you should understand any limitations in backup or restore that the application may have. For example, are all the objects that are protected able to be recovered back to the primary application or are there limitations where certain objects can only be exported or recovered to a sandbox environment? Clearly understanding what restore requirements you, the business and others have should ensure no one is disappointed.
2) Security of Data
It’s likely that there will be some pressure to protect ALL your data types in some form or another. Production, Development and Test data all have value to someone in your business. It’s likely that the backup method and retentions will vary depending on the data classification. Production data may be protected several times a day with the backup application triggering snapshots, where development data may be captured once in a 24hr schedule. Often the security implications remain the same for all data types. We therefore need to ensure the data is encrypted at each step of the protection process, in flight and at rest, and in many cases should be immutable to protect from ransomware attacks. Unfortunately, the reality for organisations is no longer if we get hit by a ransomware attack but when we get hit by a ransomware attack. Therefore, with ransomware now being the biggest external threat to your data ensuring you can recover from an attack with a good copy of data is critical.
If backup is the last resort for recovery, the security of this data, while still in retention, should be a high priority.
3) Reliable Protection
As this backup solution is likely to be the last resort for recovery of data, a reliable protection process is therefore imperative. We need to have confidence that the success rates for the configured protection policies are close to 100%. There should be proactive ‘pre-flight’ checks to ensure servers, resources and applications are in good shape before protection is attempted. Two of the most common reasons for backup failure are:
Resource unavailability, this can be down to lots of reasons, so we need to check they are there and ready
Resource limitations, be it network bandwidth, service accounts, target storage, licensing, CPU, or memory.
These should be checked prior to the protection process starting. Some backup applications pick a time when resources are less busy to start protection, where others specify a window where we plan for the resources to be available.
Whichever route the backup application takes, having reliable protection is a must. We can’t restore what hasn’t been backed up!
Nothing is more true than ‘Your data will grow’. I have been in the Storage and Data Protection industry for more that 30 years, some of the kit I worked on back in the day can now be found in museums. I have heard many, many times organisations and individuals suggest, with best intentions, they will be reducing their structured and/or unstructured data with various levels of data cleansing or archiving, which generally means moving data around, freeing space on primary data systems. Often there is still a requirement to protect this data in some form or another.
The facts are in 2010 there was 1.2 Zettabytes (1.2 Billion TB) of NEW data created. In 2020 it was predicted there would be 35 Zettabytes (35 Billion TB) of NEW data created and by 2025, wait for it….175 Zettabytes (175 Billion TB) of NEW DATA created! Yes some, or a lot of this newly created data will be transient, will be seen once and then expire, as in the world of SnapChat and other social media platforms, but with more and more data sources and analytics, your data will almost certainly grow.
Understanding the scalability of your backup solution while maintaining performance and reliability is likely to be very important.
5) Administration and Management
Generally, if you are looking to protect your data in a limited number of ways, with limited retentions/SLA’s, with a very standard configuration, the majority of backup applications will deliver this in an uncomplicated fashion. As soon as we start to look a little wider and a little deeper into various protection methods such as application and database aware backups, frequency of transaction logs, protection of the active node within a cluster, cloud applications and M365 etc. the administration and overall management can become very time consuming. Add to this applying service patches, updates, licensing, configuration changes, capacity management as well as escalation of issues to the vendor support team, the time required to manage the backup solution can go from hours per week to days per week. In addition, the Administrator or Admin Team become key technical resources. These skills and knowledge must be shared out within the organisation and this can be a challenging to implement, if you’re not successful you are likely to become very dependent on specific individuals.
As a data protection service provider, when speaking to customers these are the 5 areas we always focus on.
Within your organisation are you confident you have these points covered? If not, why not get in touch with us to hear how we ensure our customers’ backup strategy meets defined criteria and gives you confidence that your backup data is secure and available for restore when needed.