How good is your backup, really?
Set it and forget it is no way to treat a critical element of business resiliency
Backups are arguably the most vital component of an organisation’s tech setup. But as you don’t need them till things go wrong, for some organisations it is all too easy to set systems up and forget about them, which could be a recipe for disaster. What should an organisation be doing to ensure its backups are in fine fettle at the point when they’re needed?
With working from home now standard practice, are there any additional considerations for organisations in terms of ensuring their backups are in tip top condition, they’re regularly done and accurate, and quickly restorable?
Revisit, revise, repeat
The only way to be sure backups are fit for purpose is to keep a very firm eye on the regime. That applies wherever people are working – in the office, at home, or anywhere else. The basic rules of good practice don’t change.
In some organisations, those in charge of backups can find they are always fighting from behind. As Wes van den Berg, VP & GM at Pure Storage UK&I puts it: “Expectations for disaster recovery never equal IT disaster recovery capabilities.” That’s quite a pessimistic view, but the only way an IT team can be sure they can give their best selves when disaster recovery is needed is, he says, to “perform data recovery checks at least quarterly, bi-monthly or monthly if possible. The longer between tests, the higher an organisation’s risk over time.”
Peter Groucutt, managing director at Databarracks, agrees that if left unchecked problems can mount up over time. “If you have a large enough IT environment, there will be something that doesn’t work every day,” he says. “ In most cases, the issues are minor but they need to be checked and fixed or your most recent recovery point will be too old.”
Is your provider giving you what you need?
This is all very well, but the fact is that organisations rely on third parties to provide backup services and it’s vital that those third parties do the required job. For this to happen, an organisation must get the specifications for services right. In the best examples finding the perfect fit is a ‘double-act’, where the vendor advises the organisation, but doesn’t oversell to them, and the organisation understands its needs and buys what’s necessary. Both parties also need an eye on the future, so that the organisation’s general direction of travel can be catered for.
Key questions to ask a vendor include:
- Can the solution scale and if so, what’s the mechanism, how quickly can it be done and at what cost?
- How quickly are bugs and support issues dealt with? Are new applications supported quickly?
- How fast can data be restored, including full disaster recovery?
- What archiving services are on offer?
- How are backups protected from ransomware, data theft and other attacks? For example is there end to end encryption to protect any stolen data, and are backups properly isolated from the network?
While this isn’t an exhaustive list and organisations’ needs can and will vary, these five elements should be considered core to any backup strategy as if any of them should fail, it can be disastrous for individuals and the organisation. Groucutt puts it in simple terms: “No-one gets promoted when [the restore process] works, but you will be dismissed if it goes wrong.”
He adds that while “in an ideal world, backups would just happen silently in the background, in the real world, they fail quite frequently”.
Working from home doesn’t change the basics
Nobody knew this time last year that working from home would be the way almost all businesses that typically ran from an office would be operating. But organisations have had to factor a distributed workforce into their backup regime at lightning speed. This has not been without its challenges. Peter Groucutt says: “When the lockdown started, there was a massive uptake of cloud services like Office 365. As more people are using these services, they are finding the limitations of them. Accidental user deletion and short retention on the Recycle Bin are frequent issues.”
But it is now a fact of life that organisations need to be able to reliably store, access, backup, and restore files to remote users as a matter of everyday practice. With that in mind, Wes van den Berg gives some advice: “Businesses should look to backup vendors that make it easy to manage a product remotely and let leaders make changes quickly and with minimal disruptions.”
Servicing a home-based workforce may have allowed some key issues with organisations’ backup and restore processes to become visible, but perhaps those issues have been lurking for a long time, waiting to bubble up to the surface. Catch them early and deal with them, and they’re an opportunity. Carry on with the same old, same old, and sooner or later they turn around and bite you.
Four cyber security essentials that your board of directors wants to know
The insights to help you deliver what they needDownload now
Data: A resource much too valuable to leave unprotected
Protect your data to protect your companyDownload now
Improving cyber security for remote working
13 recommendations for security from any locationDownload now
Why CEOS should care about the move to SAP S/4HANA
And how they can accelerate business valueDownload now