Revisiting a data backup regimen is admittedly not at the forefront of every organization’s day-to-day priorities. Yet with the majority of people now working from home amid the global pandemic, having a healthy data backup strategy and process in place is more vital than ever. Every organization – regardless of industry – should re-evaluate whether its backup regimen is providing what is needed, particularly in terms of timed backups whenever an IT function changes.
What is key for organizations is for staff and IT teams to be equipped with the skills and schedules to freely recognize when data backup checks should take place. A strategy is only useful if it is fully implemented and followed. In the first instance, there are two key threats that organizations should prepare themselves for.
Defending the data
No infrastructure is static, and humans are not reliable. New workloads can pop into existence at any time, which is incredibly frequent in virtualized cloud environments. When you’re busy and distracted, the issue of protecting this data may be forgotten. Even worse, when you need to restore this data, you discover that no backup has been completed. Therefore, a primary threat faced by all data sets is being left unprotected.
To prevent this, organizations must establish workload naming and location rules. For example, all accounting workloads could run in an accounting resource pool under an associated tag. Policies should then be created that will backup workloads based on a dataset’s location, name, tag and size. Alternatively, organizations should look to back up all containers – all workloads, on a host or in a resource pool – instead of backing up individual workloads. In other words, stop chasing infrastructure changes and let an autonomous backup product do the work for you.
The next biggest threat is the potential for data to be protected, but not wholly recoverable. The only way to know if data can be restored is to do a test restore. Even if the backup software performed well, there can be a number of issues preventing you from getting your data back. If the files of a machine’s system were corrupted, the restored machine won’t boot. If the malware has corrupted backup files, you won’t be able to restore. The list goes on. Restoring every backup manually is not a practical option for busy organizations. After each backup, a proper backup software can perform an instant test recovery, check the machine’s heartbeat, discard the machine and send you a report.
In an ideal world, organizations should also have recurring data recovery plan updates and testing. Firstly, create a calendar event for every quarter and update your disaster recovery plan by identifying stakeholders and their needs, and how their needs map to your infrastructure. Then, a proper backup solution should be used to set up and update disaster recovery workflows, which can then periodically test-restore a stakeholder’s service without interfering with production workloads. Of course, major infrastructure changes – such as employees switching to work from home – should trigger the above process as well.
BaaS and DRaaS services
If an organization prefers to engage with a vendor to provide data backup and restoration services, they should ask three key things. Firstly, instant backup verification should be confirmed. A business contracting backup as a service (BaaS) and disaster recovery as a service (DRaaS) should always have the ability to near-instantly verify not only the consistency of backups, but also the recoverability of data.
Secondly, the processes concerning the instant restore of machines, files, and application objects, in addition to disaster recovery, are important to clarify. Some questions in relation to the instant restoration of machines, files and application objects could include, ‘Can I instantly boot a machine from the backup, and can I get a single file or an application object, such as an email, without restoring the full back up?’. For disaster recovery, it is also worth asking whether you have the ability to set up recovery workflows and run non-disruptive recovery testing.
Apart from a failed restore, there are a couple of warning signs that your backup vendor isn’t up to scratch. For example, there may be a lack of support for the latest versions of platforms or operating systems, and there may only be a new feature release once or twice a year with a few useful additions. Furthermore, backups may be slow, and your vendor may also be spending too much time on backup administration. These are considered to be the initial alarm bells and it is important that such issues are rectified – backups are the last line of defense against malware and ransomware.
In our post-pandemic era where working from home has become the norm, there are additional considerations for organizations. First and foremost, they must ensure that backups are in tip-top condition, are regularly done, are accurate, and are quickly restorable. However, what is key with many staff working remotely, is ensuring you have a proper data protection policy in place.
Through this, organizations are able to stipulate that business-critical data should be protected once a day, tested once per week, and that all data travelling across WAN networks should be encrypted. A data protection policy involves the regular survey of different departments to identify and organize data tiers to immediately assign a corresponding data protection action. These actions can perhaps, include, a process to store the most critical data locally with a daily backup schedule, the enabling of backup encryption and a weekly testing schedule.
As our working environments continue to change, so will our approaches to data backup, safety and protection. However, one thing is for certain – backup must now be at the forefront of every organization’s agenda, regardless of the sector in which they operate. Equipping staff and IT teams with the correct skills to recognize how and when to conduct data backups is key, and they should now be able to do so whilst working in remote settings. If the internal responsibility of doing so is too much, data backup vendors are the next best support for ensuring safe and effective data backups before disaster strikes.
Veniamin Simonov, Director of Project Management, NAKIVO