Seven Characteristics of a Successful Backup Strategy
In the late nineties I met a gentleman at a conference who was passing out copies of “The Tao of Backup”* and sharing that “to be enlightened, one must master the seven heads of Backup.” In the handout, and the subsequently published online version, the author identifies the seven heads of backup to be mastered as Coverage, Frequency, Separation, History, Testing, Security, and Integrity. I took this to heart, and while so much has changed in the available tools, methods, and “Best Practices” related to data backup, those seven principles have guided me in how I evaluate backup and disaster recovery strategies and implementations ever since.
So, let’s take a look at each of those seven ‘Heads” or characteristics of a successful backup strategy.
Your backups should include all of your data, programs, settings, and the operating systems of your many devices in a format where, in addition to single-file restore, a complete copy off all can be easily restored in the event of a loss or disaster. Your servers and systems should all be protected by a “bare metal backup’ which allows for a complete recovery rather than only recovering documents and data after having to re-install operating systems and programs.
Your backups should be performed regularly (continuously is preferable). Nightly (or less frequent) backups allow for the total loss of up to an entire day’s work (or more) by all your staff if your only point of recovery is the night prior (or longer) to the data loss.
Your backups should be separated from your data. Multiple, redundant, and off-site (co-located if possible) versions of your backup increase the likelihood of recovery. If your backup data remains in the same location as your live data, what recourse do you have in the event of a disaster (Theft, fire, flood, etc.) that destroys both your live data and the backup data that were not separated.
Your backups should include many versions on your data spanning several days (if not months) of time. Often you don’t discover lost data immediately, and if your only backup is hours or days old, you cannot recover a version of your file(s) from before they were deleted, destroyed, altered, corrupted, or otherwise rendered useless.
Your backups should be tested REGULARLY! The more frequent the testing (and remediation if required), the more reliable your strategy is, and your chance for recovery after loss or disaster in greatly increased.
Your backups, just as your live data should be protected from exposure to unauthorized access or theft. Backups should be physically protected as well as encrypted, password protected, and restricted as to the ability to recover and restore to alternate locations.
Your backups are a copy of your live data. If your live data has been corrupted by chance or encrypted by an attack, you must include in your strategy a solution for recovery that can address these issues. A continuous backup to cloud account that does not separate datasets can be disastrous if you are hit by an encryption/ransomware attack and the files in your backup are just as encrypted as your live data.
There are many very strong solutions in the market today for backup and disaster recovery that include redundant on-site and cloud storage as well as both local and cloud-based virtualization features that can reduce data loss to minutes rather than days and virtually eliminate downtime.
As always, we are here to get you on the right path!