Overview

Backups are essential!  Your information, systems, infrastructure and other resources are the core resources of your office.  Backups help protect all those resources by allowing recovery from accidental or malicious events.

The backup part and process are often overloooked.  They are essential and very important during recovery but otherwise are simply background maintenance processing nearly unobserved by most staff.  It is important to understand what and how the backups are functioning.  It is equally important to ensure they continue functioning to provide the necessary safety and security.

Failure can occur at several levels and hence several strategies should be used to provide appropriate available recovery.  This document will describe the various types of failure and recovery and the tools and strategies used to provide the backup, archive or image data used to fulfill those recovery requirements.

Disasters

The term disaster infers a large and catastophic event.  However with regards to data even a small event like deleting a file or email can escalate to a larger one quickly.  A single email or Todo going missing may later prove significant or costly.  Disasters hence can be a single person deleting a single piece of data or it can be as large as a full site wide event such as fire, theft or other form of destructive event. 

Major Disaster

A Major disaster strikes when an entire office or a significant portion of an office is no longer accessible.  With respect to computer systems this often means the server itself has been lost.  Fire and theft are the most common ocurance. Errors, bugs and unchecked or simultaneous hardware failure can also cause a major disaster.

Recovery from this level of disaster usualy requires recovery of the entire server or sometimes several servers.  Downtime until full recovery is usually measured in days or sometimes a week or two.  This depends on the extent of the damage and the ability to acquire replacement hardware or parts and then to restore the data.

Recovery from a major disaster requires a full systems recovery backup set - often kept offsite.  It may also require rapid delivery of additional hardware.

Minor Disaster

This category covers the little disasters.  A single workstation failure or even deleting a single file.  A minor disaster generally causes no other downtime other than those directly affected by the lost resource.  Depending on what sort of resource has become lost a variety of techniques are used to recover.  Generally most minor disasters require little or no extra hardware and are recovered the same day or within 24 hours.  Backups stored at the site or even live on the server are used to restore files.  spare equipment kept in an office can be used to recover workstations.

Recovery from a minor disaster requires backups that stay onsite and/or spare computer equipment be onsite.

Within a minor disaster we include the subcatagories of user error and hardware failure.  While recovery from both these types of failure are different they are both usually quick to resolve and are usually restored to normal operation within a day or two.

Classifications

There are several classificatinos that relate to backups and more generally replication of data.  The most traditional and simplest is a standard file backup.  In addition to this backup technologies broadly cover redundant drives, database replication, archiving, images and synchronization.  Each technique offers it's own form of protection against specific types of disasters.  A combination of techniques generally provides the best overall protection from all kinds of disasters.  For example a Small Business Server as is usually found in small businesses will often use file copying, drive redundancy, database replication, archival and images and perhaps also synchronization too.  The selection of backup technologies is mostly dependant on the types of data and types of services operating in the office environment.  Combining services offers the best overall protection and ensures the data is secure.

File Backup
 
File backups or file replication is quite simple.  This can be a manual process or use some automation.  it simple requires that all files in a single location are copied to another location either manually, on a schedule or immediately when written.  Microsoft operating systems have a flag called and archive bit that is changed whe na file is changed.  Using this bit a backup program can automatically find the changed files and update the replication copy.  This is the simplest process for backing up information. 

Drive Redundancy

Drive redundancy is a method of writing data to multiple disks at the same time within one machine.  This removes the possibility that if one hard drive should fail then all the data is also lost. Mirrored drives simply mean that two drives contain exactly the same information.  RAID (Redundant Array of Inexpensive Disks) uses 3 or more drives to share the information.  Though an advanced technique it maximizes the amount of space and provides better performance over the disks at the same time.  Note that this technique only protects the existing data from the failure of the disks themselves.  It does not provide any other protection.

Database Backup

Databases are files that are opened and stay open on the server.  An open file is usually locked by the program or service that uses it. Locking a file prevents the normal backup process from copying or moving the file.  Often these database programs are activly reading and writing information to the file.  Hence to backup data within the file the backup software needs to communicate with the database software and request the data.  Usually the database has a mechanism within it to service backups of it's data.  However, the backup programs will need an interface to access this mechanism.  Not all backup programs have written these interfaces into their software. Usually the services will continue providing the usual service while the backup is taking place. 

SQL Server and Exchange Server on Microsoft Small Business Server 2003 provide these backup services and several programs take advantage of this to capture data within the data or mail servers.  The database continues to be accessible and email continues to flow during the backup process.

Archive Backup

Similar to either a file backup or a database backup.  Archive backups are used to not only copy but also manage data.  Data may be set to remove after the archival has copied it from the primary location.  Often the archived copy is availalbe on a secondary system but is removed to keep the primary system running at optimal performance.  Archiveal is thus much like a backup process but instead moves the backed up data elsewhere.  This is normally used specifically for certain files or data that require a small data structure to operate well.  Email is a typical example.  The archiving process is usually provided by specific programs or may be incorporated into the service software.

For example Microsoft Outlook has an internal archive process that allows the software to move emails and other data from the primary files to an archive file.  an add on program then allows this archived file to copy to a remote location for safe keeping.

Image Backup

Copying files and pulling information from databases is all well and good. However the drives themselves also contain information that is not within the files on the system.  Image backups capture this information and potentially much more information.  The Image programs treat the entire hard drive as one large file and backup the system block by block.  Smart image programs only backup the parts of the disk that have active information.  Complete Images backup every piece of data on the drive even if it's not part of a file.

By using an image of the disk - even deleted files and missing information may be recovered from the image. 

A distinct advantage of images is the rapid recovery to the same or even different equipment.  The image contains so much information about the entire system that changes can be made during the recovery to allow full recovery and installation of necessary device drivers sliped in.
Image backups do have a problem when backing up live active data - hence usually when running an Image backup it is advised to shut down database programs for the duration of the backup.  Hence Image backups are mostly encouraged to run on systems and servers that do not have SQL Server or Exchange Server running.

Synchronzation

Files and data can also be synchronized to remote services and locations via services that send the data either as it's written or periodically batches.  Synchronization generally does not require a data storage location per se.  It uses remote storage at another site or at a internet resource to maintain the information and distribute it as needed. Syncplicity is the primary source for this - however other online internet backup strategies also provide this type of service.

Software

Different backup programs generally provide different backup techniques. Each backup program we recommend provides a different strategy for backups.  In some cases one backup program is sufficient - but in most cases a combination of backup technologies are required to ensure systems and data are well protected.  Given the wide variety of disasters it is best to ensure protection from as many as possible.

There are two significant backup prorgrams that ellwood assoicates have recommended to all our clients.  They are Backup Exec currently offered by Symantec and Acronis True Image Echo currently offered by Acronis.

Backup Exec

Backup Exec has a traditional history as being one of the most robust and well designed backup programs in the marketplace.  It has provisions and add-ons for nearly every type of backup imaginable.  ellwood associates typically recommend this backup tool for servers that have multiple services running.  Backup Exec has excellent file and database backup techniques.  It is also exceptionally good at backup of SQL and Exchange databases - providing granular restore of even a single email, contact, calendar entry or tasks.

We generally use backupexec to provide tape and nearline backups of a servers primary data and use it to recover from accidental deletions and other minor disasters.  Backups are usually up to date within 24 hours and can also be used in conjunctino with full image restores to provide the latest file data.

Acronis True Image Echo

The Acronis product line has steadily improved over the past several years.  Currently it is the image backup software of choice by most IT professionals.  It is very flexible and very robust.  The Aconis product line is contunially growing and we test each product as it comes on the market.  Current ellwood associates uses Acronis True Image Echo to create full images of servers and some workstations periodically.  It works best in an all files environment with no exchange or SQL servers.  However it can work with those servers by shutting off the databases during the backup.  However this causes several hours of downtime that is generally unacceptable.

Acronis true image echo server image software is best at creating full images that can be used in major disaster situations.  It is also very good at providing a solid roll back of systems and can be used to restore a persons existing desktop to alternative hardware.  Users can be up and running again very quickly with the aide of acronis software.

Given acronis has more difficulty with granular restores we tend to not recommend it where that is required - such as with Exchange Servers and SQL Servers.  We aosl tend to shy away from granular restore of just files as the search capability for small files is not as robust of it is with Backup Exec.

Other backup software we uave used in the past have fit certain budget requirements or met with other requirements which seemed more appropriate at the time.  They are listed here as honorable mentions in addition to the main packages listed above:

Norton Ghost

This software was in directino competitino with Acronis software packages - however Acronis is now significantly better for abiout the same cost.

BackupMyPc

This is a very inexpensive backup software that we often deploy for desktop users.  However again for about the same price the Acronis Workstation edition covers and backs up and recovers far better with greater easy and simplicity than BackupMyPC.

Syncplicity

This is a relativly new product we are reviewing.  It is a file backup only but it does have two advantages over traditional backups.  First is it is constantly backing up the data.  As information is changed the new version of the file(s) are within minutes transferred to a remote internet server service.  Secondly a different computer at a different site can be used to download a second copy from the internet service.  Hence sharing the backed up files within two locations.  While this is all very cool it is not very efficient and inappropriate for any firms with more than 5 employees.

In addition to the software programs above - all servers specified by Ellwood Associates always include at least some form of drive redundancy or RAID configuration.  This is standard practive among all servers in the computers industry.

Strategies

Ellwood associates deploys custom data protection strategies for each firm depending on the types and size of the data requirements for each office.  Generally we advise that there be a combination of onsite and offsite backups.  This provides a balance of security and flexibility for recovery from minor and major disasters.  We also advise that any systems with significant data have a backup strategy in place.  This includes primary workstations, notebooks and netbooks and even handheld PDA devices.  The technologies used vary but may include any of the following:

RAID Drives

Most servers come with reduntant array of inexpensive drives also known as a RAID system.  RAID protects the server from immediate failure of one of the disks.  Given they do tend to fail every 3-5 years this is an appropriate protection against this kind of failure.  This is not necessarily a backup strategy but it does provide immediate recovery with no significnt downtime.

Our typical strategy is composed of a series of backup sets.  Each backup set is assigned to rotate and be reused over specific amounts of time.  Generally this is a week or a month or a year for easy tracking.  We also use backup sets that are write once and archive.  This provides a longevity and historical copy of the data.  The combination provides protection against a variety of minor and major disasters as follows:

Daily Backups

We encourage every firm with significant daily data changes to have a daily backup.  We usually suggest that this backup be stored onsite.  The backup set is often stored on a hard drive directly attached or inside the server itself.  The set of backups may rotate over 1 or 2 weeks depending on the size and the space required.  This provides best protection against minor disasters of a file or record being deleted.  The onsite backup does not require searching for media.  THe recovery can take only a few minutes and generally can be done via remote access.  Clients are happily restored usually shortly after requesting the lost data be recovered. 

Offices that have Microsoft Exchange or SQL based programs may also have real time backups that copy the transaction data and allow for instant rollbacks or roll forwards to return the database to a state required.  This is an advanced technique that most offices do not require.  Recovery of a single record is more commonly accomplished with a granular recovery rather than a full database rollover.

Weekly Backups

When a major disaster occurs it is imortant to have a recent copy of the data.  Every week a backup should go offsite to ensure the data is at most a week old.  Weekly backups are usually much larger and a complete backup of a server.  Should a office lose a server this backup is typically used to recover all the data.  Weekly data is usually rotated over the course of a month so that multiple tapes can provide and ensure at least one or several are good copies of the data.

Monthly and Annual Backups

Monthly backups extend the recovery period for loss of data.  The best example would be a staff member leaving an office.  Their accounts are frozen and later removed from the server.  much later information contained in their accounts becomes important for whatever reason and recovery is necessary to obtain that information.  Specifically the information saved in an Exchange Serve email database is purged when a user is removed from the network.  Without a monthly backup that information may be lost.  The monthly archive could be restored and looked at again.  This provides a recovery point for data that may have been deleted.   

Monthly backups are usually saved to Tape and taken offsite to an archival location.  We recommend this be a different location from the Weekly backups for further security.

Annual backups are an extension of the Monthly backups - however annual backups are stored forever and not rotated back in.  This provides a longest term back history of archival data.  given technology changes if these archives are ever needed again it is occationally necessary to move the data from the old media to new media - specifically if the old media can no longer be read from because of a technology change.  for this reason it is often advantageous to write to a long term media like DVD or CDR.

Periodic Image Backups

We also suggest taking a periodic backup using an Image backup of servers.  Image backups are a complete copy of the server and allows complete recovery to that point in time.  The Image may not need to be current as it provides a launching point from which another backup can build.  The significant advantage of an image backup is the rapid deploy and compatability with more hardware. 

With Acronis True Image Server Echo discussed above it is possible to recover a servers state to a new hardware platform.  The data then can restore from an alternative backup and the server will be ready to go within hours.  This advantage allows the server to restore faster than having to secure hardware replacements that match the downed server.

Onsite/Offsite

It may not be entirely clear why we use s acombination of onsite and offsite backup locations.  This may clear the difference and reasons for using both.

Onsite or nearline backups provide a restore location that is already connected and already availale to the server.  This means we can usually initiate a restore process within minutes.  The restore itself may take hours - but it would certainly take longer trying to locate and return media to teh server.  Loss of productivity is minimized and minor disasters are handled efficiently and effectivly.  While this onsite backup storage provides significant security with minor disasters it provides no safety or security against major disasters that may affect the server as a whole - including the onsite nearline backup storage.

Offsite storage provides the significant security and safety against any major disaster.  The data is physically located elsewhere and usually is not affected by the same disasterous event.  Offsite storage can thus provide the added security for the data by keeping it distant from the source.   Against the minor disasters it is less effective but still may be used.  The downtime of having to return the media is the only major drawback. 

Monitoring

Havign all software in place and all stragies prepared is wonderful.  Backups are notorious for running into problems.  Ellwood associates monitors your backups through email alerts on a weekly and/or periodic basis.  When any major event occurs on the backup systems send an email.  We capture those messages and we also ask someone in your office to read them too.  Your staff are firstly and lastly responsible for the backups.  We are here to help and check overall.  We expect and are willing to train an onsite staff member to monitor the backups.  We would then expect that staff member to alert us when a significant backup problem occurs.  A good Montoring system more than anything is often the point where a backup strategy will fail or succeed.  Please check and make sure your backups are running smoothly.  Or consult with our technicians regarding how to maintain good backups.

Wrapup

We hope this provides you with an insight into the backup strategies and effective methods we strive to have at every firm we support.  If you have any questions or concerns please contact us and we will be more than happy to provide information or advice.  Remember, computers break, hard drives fail, things get lost or go missing.  Protecting your systems and services from disasters is a must!  May your busines thrive in spite of murphy's law!