It's time to recover data. Do you know where they are?
Backing up data is just the beginning. You need to make sure that the backups contain the necessary data and are compatible with the applications that will use them.
So, you regularly back up , but once you have to restore data. Do you know where they are? Can you use them?
')
Answers to these questions should provide procedures for the use of IT and data infrastructure, but sometimes it is useful to repeat what seems obvious.
Keeping in mind the data loss incidents in Gitlab and the Australian tax authority, we will once again turn to basic backup aspects.
Some experts argue that backup is more important than restoring, because it is impossible to restore what is not saved. Other experts are convinced of the opposite. If data cannot be recovered, then why back them up?
This is reminiscent of the argument that the primary is an egg or a chicken. If you do not have a backup copy, CDP copy or data version for a specific point in time, what are you going to restore? If you pay attention only to copying data, then how do you guarantee the possibility of their recovery?
In order to achieve a balance between protection and data recovery, we will introduce additional variables into the formula - control and testing . Why perform a restore if you are not sure that the backups include all the necessary data, are readable and free of errors?
One of the tasks of managing backups and restoring is to check the integrity of backups and the availability of the necessary data in them. When testing, it is necessary to verify that the backups and their data correspond to a specific control point and are located on a different medium.
Testing involves another step - checking the availability of data for your applications. You can recover data, but what happens when your application tries to use it? Will security certificates, permissions, access control and decryption be applied to data? Do you have access to the software with which the protected data was packed or formatted? Can you check the backup compliance with the requirements for recovery points and restore data to other places for complete testing without disabling the system?
In order to manage the recovery, you need information about what data is available for use and which is not. For example, you need to know whether backups are being made in a timely manner, whether they contain the data specified in the requirements for recovery points, RTO, SLO and etc.
You also need information about available resources: servers, storages, applications, their protection systems, as well as means of managing data copies . Copy data management tools, reporting tools and information management tools help determine the number of copies of data, their types, versions and locations.
Some important backup and restore recommendations:
When people ask me what is more important (backup or restore), I reply that testing and managing backups is no less important. What is the benefit of recovery if you are not sure that the backup data is all right?
Why restore data if backups are damaged, infected, or created at the wrong time? On the International Backup Day, March 31, remember the last time you tested backups, and schedule your next test.
Finally the last point: remember that only you can prevent data loss.
So, you regularly back up , but once you have to restore data. Do you know where they are? Can you use them?
')
Answers to these questions should provide procedures for the use of IT and data infrastructure, but sometimes it is useful to repeat what seems obvious.
Keeping in mind the data loss incidents in Gitlab and the Australian tax authority, we will once again turn to basic backup aspects.
Some experts argue that backup is more important than restoring, because it is impossible to restore what is not saved. Other experts are convinced of the opposite. If data cannot be recovered, then why back them up?
This is reminiscent of the argument that the primary is an egg or a chicken. If you do not have a backup copy, CDP copy or data version for a specific point in time, what are you going to restore? If you pay attention only to copying data, then how do you guarantee the possibility of their recovery?
In order to achieve a balance between protection and data recovery, we will introduce additional variables into the formula - control and testing . Why perform a restore if you are not sure that the backups include all the necessary data, are readable and free of errors?
One of the tasks of managing backups and restoring is to check the integrity of backups and the availability of the necessary data in them. When testing, it is necessary to verify that the backups and their data correspond to a specific control point and are located on a different medium.
Testing involves another step - checking the availability of data for your applications. You can recover data, but what happens when your application tries to use it? Will security certificates, permissions, access control and decryption be applied to data? Do you have access to the software with which the protected data was packed or formatted? Can you check the backup compliance with the requirements for recovery points and restore data to other places for complete testing without disabling the system?
In order to manage the recovery, you need information about what data is available for use and which is not. For example, you need to know whether backups are being made in a timely manner, whether they contain the data specified in the requirements for recovery points, RTO, SLO and etc.
You also need information about available resources: servers, storages, applications, their protection systems, as well as means of managing data copies . Copy data management tools, reporting tools and information management tools help determine the number of copies of data, their types, versions and locations.
Some important backup and restore recommendations:
- Remember the formula "4, 3, 2, 1" - an extended version of the formula "3, 2, 1" (" grandfather, father, son " or "grandmother, mother, daughter"). Its meaning is that you need to have at least four copies of protected data at least three versions (recovery points), of which at least two are on different servers, storages, storage media or systems, and at least one is in a different environment ( connected or not connected).
- Reduce the amount of data on the source and target systems by using compression, deduplication, and other methods.
- Review your data protection strategy: what, where, when and why you protect, how often you back up, how long you keep it, and what level of backup details (full copies, images, files, objects, or databases). Remember that processing centers and data infrastructures, environments, organizations, and even individual applications have their own specifics. Do not attempt to apply the same data protection rules to all applications, data, settings, and configurations.
- Collect information with analytical tools. Automate the functions of detecting and displaying the number of backups, their versions, locations, retention periods and other service information.
When people ask me what is more important (backup or restore), I reply that testing and managing backups is no less important. What is the benefit of recovery if you are not sure that the backup data is all right?
Why restore data if backups are damaged, infected, or created at the wrong time? On the International Backup Day, March 31, remember the last time you tested backups, and schedule your next test.
Finally the last point: remember that only you can prevent data loss.
Source: https://habr.com/ru/post/334742/
All Articles