Monday 16 January 2012

Backups Should Be Bare Metal and/or Virtually Test Restored Right?

We provide a service to all of our clients for a fixed monthly fee where we rotate their backups for them every two weeks for local clients or FedEx the backup drives back and forth.

Every quarter we do a full bare metal or virtualized restore of their backup. A _FULL_ restore of their server or servers onto our own systems. We are then assured that the backup technology being used is working as it should.

For image based backups like StorageCraft or Acronis products is very important to note, “Garbage in, Garbage out”.

We do this so that we know the following:

  1. The backups are good.
  2. We will not be stressed about the backups if things do blow up.
  3. The backups are good.
  4. The client will not be _as_ stressed about their data and getting their business up and running after a catastrophe.
  5. Their backups are known good.

The above service and mantra comes via many years of experience with that experience containing some extremely bizarre failures in that time. This blog accounts some of them in more recent years.

Disaster Recovery Planning

Disaster Recovery Planning should be one of the conversation steps for new clients and a semi-frequent nag for existing clients that have not studied and implemented a disaster recovery plan for their business.

The “It won’t happen to me” attitude does not wash . . . at least not in our experience.

One of the most amazing presentations I have ever sat through was with Jeff Middleton of SBS Migration sharing his experiences trying to decision make and get ready for the oncoming Hurricane Katrina to a group of us on one of his visits.

Up here we may not face hurricanes but we certainly do have enough to consider:

  1. Break-in with servers removed.
  2. Disgruntled employee data destruction.
  3. Weather related disasters.
  4. Power related equipment failures.
  5. Fire.

Cloud Vendors and Data Preservation

Now, it seems that larger Cloud vendors are finding out the hard way that backups need to be fully test restored in order to certify their validity:

Obviously we are talking about a scale way beyond a single USB drive or High-Rely unit with a few Terabytes or 10 worth of data backing up a few standalone or clustered servers.

However, we believe that it goes without saying that at some point, preferably sooner than later, a Cloud Services Company, a larger Enterprise, or an SME/SMB company would schedule and go through a full restore of their backups to verify that things would work when needed.

With the advent of mainframe style computing, what we are now calling Cloud Computing or Cloud Services, there is a particular need to pay attention to all Cloud vendor’s SLA with particular attention on who is responsible for the data.

  • Microsoft O365 SLA
    • No clear mention of data rights and responsibilities.
  • Own Web Now SLA
    • Backups and Archives - Customer is solely responsible for all data on their servers, mailboxes, databases and other storage mediums. While Own Web Now Corp provides means and mechanisms for customers to perform backups, customers are responsible for establishing policies, monitoring backups, data restoration, and retention intervals. Customers data is customers responsibility, under no circumstance shall Own Web Now Corp provide drives or other media nor send them to a data retrieval facility.
  • Google Apps SLA
    • No mention of client/customer data.
  • Google Apps for Business (Online Agreement)
    • No mention of client/customer data.

In the end, where nothing is explicit in any agreements, the wording uses legalese, or the wording is just all-around vague it is up to us to provide a solution that protects the client’s data integrity.

Philip Elder
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.


Mike said...

Philip: You would be the last person I would think is still moving drives back and forth. Using ShadowProtect continuous and image manager, they could be sending you the incrementals over the web. Are you doing that? What's your loyalty to waiting 2 weeks to get data offsite?

Philip Elder Cluster MVP said...


We live in a province that spent a lot of money to run fiber to every place there were aggregates of population.

One would think that bandwidth would be fast and heap like it is for our US counterparts but it is not.

More than 1Mbit up is extremely expensive. More than 5Mbit down is likewise unless covered by cable which most businesses are not.

So, we live in the Internet Dark Ages ... or at least we almost do. ;)

Point of clarification: we get the one back from current, so the client has current connected to the server with the next to most recent off-site within immediate reach if there was an emergency.



Philip Elder Cluster MVP said...

Heh, typing on the phone: heap = cheap. :)