Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News

5/10/2010
02:45 PM
George Crump
George Crump
Commentary
50%
50%

Knowing That Your Data Recovery Will Work

Probably no single process has had more software, hardware and infrastructure thrown at it then the backup process. Despite this continual investment many of the IT managers that I speak with express doubt in their ability to recover the right data in the right amount of time. What do you do to know that your data recovery will work when you need it to?

Probably no single process has had more software, hardware and infrastructure thrown at it then the backup process. Despite this continual investment many of the IT managers that I speak with express doubt in their ability to recover the right data in the right amount of time. What do you do to know that your data recovery will work when you need it to?When there is doubt in the ability to recover data it often leads to an overprotection problem that we have seen for years now and as we first reported in our article "Solving the Data Protection Puzzle". Essentially if you don't have confidence in your current data protection tasks you try to protect the data in as many ways as possible. Similar to driving with two seat belts and a helmet. You are hoping that in the event of a failure one of the data protection tasks will bring you back up. As the book says, hope, especially when it comes to data protection, is not a strategy.

To know you can recover requires focus on two areas. First, make sure you have a workflow that keeps your eye on the right ball at the right time and second, trust your workflow but verify it often. The first area, workflow, is really about creating a data protection management system and ironically isn't as much about recovery as it is backup. While this conflicts with the popular phrase from backup software vendors, "it is not about backups its about recoveries" the truth is if you don't get that backup completed successfully, there is nothing to recover. Clearly both are important but in my mind completing a successful backup comes first.

This first step then, the evolution of data protection from a series of unrelated tasks to a smooth workflow, is critical given today's environment. The IT team has too much data to protect given the current staffing levels. They have to be able to have tools that will give them laser beam focus on the data that really matters. Laser focus on only the critical data sets requires a shift from the conventional thinking that every backup must work every night strategy to only the backups that really matter must work when they need to work. This is not advocating that you stop protecting data every night but that when you are faced with a list of failed backup jobs, along with your normal IT tasks, you need to know what to work on first. From a backup perspective this means knowing what failures put the most business critical data at risk and fixing those first. Essentially the data protection process becomes a way to help you prioritize what to do first each morning.

Developing a process involves knowing what data protection resources you have, what policies are in effect and probably most important establishing realistic service level agreements (SLA) with the owners of data. Once those are known then the focus shifts to managing the SLAs instead of tracking every single backup job. If the management system highlights not every failure but the most critical failures they are putting SLA attainment in jeopardy.

The next step is the verify stage. While there are many ways to verify backup jobs there is only one acid test; recovery of the full system. In our next entry we will talk about verification and how to accomplish full verification with requiring 100 additional IT personnel.

Track us on Twitter: http://twitter.com/storageswiss

Subscribe to our RSS feed.

George Crump is lead analyst of Storage Switzerland, an IT analyst firm focused on the storage and virtualization segments. Find Storage Switzerland's disclosure statement here.

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/17/2020
Cybersecurity Bounces Back, but Talent Still Absent
Simone Petrella, Chief Executive Officer, CyberVista,  9/16/2020
Meet the Computer Scientist Who Helped Push for Paper Ballots
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/16/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-25789
PUBLISHED: 2020-09-19
An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-16. The cached_url feature mishandles JavaScript inside an SVG document.
CVE-2020-25790
PUBLISHED: 2020-09-19
** DISPUTED ** Typesetter CMS 5.x through 5.1 allows admins to upload and execute arbitrary PHP code via a .php file inside a ZIP archive. NOTE: the vendor disputes the significance of this report because "admins are considered trustworthy"; however, the behavior "contradicts our secu...
CVE-2020-25791
PUBLISHED: 2020-09-19
An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, the array size is not checked when constructed with unit().
CVE-2020-25792
PUBLISHED: 2020-09-19
An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, the array size is not checked when constructed with pair().
CVE-2020-25793
PUBLISHED: 2020-09-19
An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, the array size is not checked when constructed with From<InlineArray<A, T>>.