Developing a Data Backup Strategy
Whether it has been natural disasters or hacking incidents, recent
crises have served as a dramatic reminder that it takes a lot to get
back in business following a disruption. Complete disaster recovery
means setting up a fully functioning physical or virtual infrastructure,
establishing all necessary network connectivity and capability, and
getting the enterprise up and running in the amount of time required by
the organization’s strategy. One of the first steps to recovery is
restoring data, applications and services from backups.
For many years, tape was the primary medium for backing up data and it
remains an effective and affordable method, especially for lower-tier
data that is less than mission-critical. It is also the most economical
and secure medium for long-term preservation, archival and compliance
requirements. Because they are offline, tape backups will be uninfected
in the event of a widespread ransomware, malware or other cyberattack.
And, when all else fails, tape is often a reliable backup. That was the
case in 2011, when an update of Google’s Gmail storage went awry,
erasing more than 150,000 user accounts while also rendering Google’s
redundant cloud-based copies unavailable. Fortunately, Google was able
to restore users’ data from physical tape backups kept offsite.
But the logistics of transporting tapes between production and recovery
facilities, the one-to-one relationship of tape devices to data streams
and the time delay in retrieving and mounting tapes to put them to work
have sent businesses looking for faster alternatives.
This has led to considerable reliance on the cloud. However, a common
and risky misconception has developed among executives that cloud
backups alone will allow them to quickly resume operations following an
interruption or disaster. Perhaps this idea comes from their personal,
day-to-day experience with the cloud and the impression it creates of
services and data that are always on, always available, and accessible
from anywhere. Or maybe because providers of cloud-based
backup-as-a-service products store multiple backups in different
locations, it has given customers a sense that their data will be
available immediately when needed, even if they have never taken steps
to actually use the backup.
The risk in this thinking is that, while backing up to the cloud can be
fast and automatic, recovering from the cloud may not always be. Just as
with tape, a backup in the cloud can only help you get back in business
if you have specifically planned how to use it in a recovery. In other
words, you need to know exactly where that backup will go, on what
media, and how soon it can be implemented to recover from a disruption.
Additionally, do you have the network capacity to download all of your
enterprise data to your primary or recovery data center? Even if you can
afford the monthly charge for a one gigabit-per-second internet link,
retrieving just 10 terabytes of data would take more than a day. Absent
such network capacity, your cloud provider may have to deliver massive
amounts of data on disk or tape, either to your headquarters or to your
disaster recovery services provider. This means that, even with the
cloud, there could still be a delay of hours, days or weeks.
Another consideration is finding skilled support to carry out your
recovery. If you rely exclusively on staff to execute a self-managed
public cloud solution, what will you do if they are personally impacted
by the disaster and unavailable to perform such duties on a timely
Of course, today’s advanced cloud-based offerings include the
comprehensive managed resilience of disaster-recovery-as-a-service,
which allows customers to restore business operations in hours or even
minutes, with minimal to no data loss. Cloud-enabled managed failover
services that can enable the switch from primary systems to backups
promise the fastest possible disaster recovery solution, increased
resilience and near-zero downtime for mission-critical applications. It
is a flexible approach, often outside the public cloud, that allows
companies to design and frequently test separate backup and recovery
schemes for different databases, applications and services.
While the cloud can do all this, there is tremendous risk in assuming
that a contract for cloud-based software, infrastructure or backup is
the same thing as disaster-recovery-as-a-service. There is also still a
risk that an entirely cloud-based service could fail. In April 2011, for
example, a network change resulted in the failure of a large number of
Amazon EC2 cloud services that disabled some high-profile sites for days
and left many customers with permanent data loss.
Whether you are considering or already using the cloud as a part of your
strategy to achieve the fastest possible recovery from a disruption,
you still need effective redundancy in your backup and disaster recovery
solutions to assure that the data required will be available when you
need it. The cloud has transformed much about the speed, flexibility and
cost of doing business, offering new options for backing up critical
data, replicating complete systems and helping to orchestrate a
successful disaster recovery. But no matter how much they may improve,
virtual backups alone are not enough. That is why tape should still play
a role, along with on-site disk backup and physical or virtual
cloud-based storage and recovery infrastructure, as part of a hybrid
backup and recovery solution.
With this, companies can go from backing up their data to being back in business.
Marc Langer is the founder and president of Recovery Point Systems, a
company that helps customers resume operations following any
interruption in their IT environment. He developed the concept of the
Integrated Disaster Recovery Supplier, which enables clients to engage a
single vendor to provide an all-inclusive, economical suite of recovery