Search
  • Stuart Alexander

The what, why, and how of backups.

There are two types of storage devices: ones that have failed and ones that are going to fail.
Cybercriminals are now so fast and sophisticated that security experts say attacks are inevitable: plan for when, not if they occur.

 

If you deal with IT on a regular basis it won't take long to realize that we are a divisive lot. That's because there are multiple ways to design a computer network properly. However, no self-respecting technician will ever tell you to not include backups as part of your network no matter how redundant you have made your data storage. We agree on that much at least. A risky sales technician might make the claim to sell a product, but they will do so at the cost of their reputation. I would make the argument that proper backups are the most vital part of any computer network. Why? Because it is the single thing that will save your data from most any threat. Are they expensive? They tend to be. Are they annoying to deal with?

Server Room
A server room is pictured here. Servers will typically combine multiple storage devices into what is called a RAID array in order to provide storage redundancy.

You bet. Consume time that could be spent on production? Oh yes. Will they save your business when all other safeguards have failed? Working ones will.


According to the Economist the world's most valuable resource is no longer oil, but data. So why are you storing the beating heart of your company on a hard drive from 2007? Generally speaking there are three reasons why I see this type of behavior.


A Lack of Knowledge

Information Technology is often not well understood by SMEs. While larger corporations have dedicated employees in this sector that call these shots, in smaller businesses owners and managers are often wearing multiple hats and the IT hat is often not worn, or at least not well. In these situations backups are often poorly implemented or not implemented at all.

Budget constraints, and Risk Taking

Bad Advice



Samsung M.2
The M.2 flash storage device pictured here uses the NVMe specification making it between 30 to 70 times faster than a traditional hard-drive. Unlike spinning hard-drives flash memory very rarely give signs of impending failure. Photo is compliments of Samsung

Of the 20 some data recovery requests I handled last year only 2 of them had proper working backups in place. In one case I had to restore from a 2 year old backup, this resulted in over $5000 in losses, and hundreds of hours of labor. In another case I was about to give up and outsource to a data recovery lab, this would of costed the company tens of thousands in downtime and if the data recovery lab was unable to restore the results would of been catastrophic.


Advanced data recovery typically starts at around $1,000, and there will be a handsome fee if it is requested to rush the recovery. Even then there is not a guaranteed that the data is recoverable.

destroyed drive
I suspect more than accidental damage has been done to this spinning drive. I doubt even the NSA could retrieve much useful data from this! (Photo compliments of howtogeek.com)

This is especially important knowledge to individuals who cannot afford this. I hate to see people have to choose between $1,000 for a chance to get family pictures back or accept that they are gone forever. About one third of the cases I handle I am unable to recover the data for the client. My evidence may be anecdotal but my suspicions is that there is still much need for education surrounding backups for SMEs as well as for individuals.



 


We've discussed the why of backups now for the What and How. But before we dig in too deep let me start with a statement the whole world needs to hear: Cloud Storage should not be considered a backup in 99% of cases!


OneDrive logo
OneDrive is an amazing cloud storage tool but it should not be considered a tool for backup except for in special use cases

Thank-you for letting me get that off my chest. Non-proper configurations of Cloud Storage have been a recent bane resulting in data loss. Typically the data is technically still available but figuring out what exactly the Shadow IT did with it is a cause for grief and results in downtime. The myth that because the data is stored in the cloud it does not need to be backed up has been debugged by so many other technicians that I won't waste anyone's time by telling the reasons except to say data stored in the cloud is susceptible to most the volatility that locally stored data is.


So what exactly should be backed up, how many backups, and what type of backups? Some technicians will say everything needs backed up and to a degree I agree with them, but we already said backups tend to be expensive, so at what point should we say you are spending too much on backups? There is no one answer to this question. A critical and informed decision needs to be made by those in charge. A list of potential backup configurations is beyond the scope of this article, however the rest of blog post will be dedicated to implementing proper backups.


How much of your budget are you willing to allot towards backups?

The answer to this question will be the basis of how the other questions can be answered.

Are digital forensics required by law or otherwise in the event of a security breach?

Is your data critical to keeping business running on the day you loose access to it?

How far back may you need a different version of your data?

Those are a few good questions to be asked but as a companies specific needs are more understood there are more questions to be considered. Companies and individuals

Raid 1
Pictured here is a logical view of a mirrored redundant array. This is one of the two simplest RAID setups and creates a mirror image of data across two storage devices. If one device fails the other one is hopefully still good. Redundant arrays are often confused with backups but they are two different things. Picture has been provided by Seagate

with less complex needs should follow the rule of three which states data should be stored in three separate locations. A very typical implementation of the rule of three is one being your working data, one on an external device, and one in the cloud. What if your data is in the cloud you ask? This is still your working data and should be backed up to two different cloud locations or one cloud location and one local.



A simple diagram showing the rule of three. We recommend for most companies to consider hosting their data in the cloud as shown in the diagram.

There is a lot more that could and should be said, but I've already garnered a reputation for being too wordy when it comes to technology. Instead if anyone has further questions don't hesitate to reach out to me! Of course Tech Horse Electronics would love to take care of your backups for you, but we also like to see SMEs take care of their own backups so long as they do so properly. Small to Medium Enterprises are the back-bone of Canada and we need to work together!


We have not touched on privacy and regulation pertaining to Cloud Backups but those are massive subjects in and of themselves. Hey! Have you checked if your backups are working recently?









21 views0 comments