Lost Password? No account yet? Register
  • Increase font size
  • Decrease font size
  • Default font size

WWW.BS25999.COM

Sunday
Jul 06th
Home arrow Content arrow Technical arrow Seven Deadly Sins of Backup
Seven Deadly Sins of Backup PDF Print E-mail
The large and complex part of good business governance that is data protection often relies on policies generated by technical staff with little or no understanding of the business they are attempting to protect. This results in the data protection staff focusing unduly on ensuring data protection results on a day-to-day basis rather than ensuring that data protection fits with the business policies.

Below are seven common acts carried out by data protection administrators to improve their base success rate that endanger the business’ data protection policy.

 

Disabling ‘Bad’ Clients

“We have lots of machines to back up, and some of them keep failing.  We tell the owners of the machine to fix it but they don’t, so what can we do?  Well, what we do is remove the client from the schedules and send the owners an email asking them to tell us when they fix it.  After all, we don’t want it failing every day and reducing our success rates when it isn’t our fault.”

Disabling ‘bad’ clients effectively makes the client vanish, as there is no repeating reminder of the fact that the client needs to be fixed.  Without such reminders it is easy to forget about the client entirely, resulting in massive business exposure.

Recycling Backups Early

“We were expecting a new shipment of tapes but they didn’t turn up, so we recalled some of the tapes that were due back soon and used those instead.  They were going to be recycled in the next couple of weeks anyway.”

Recycling backups early results in data that should be available for regulatory and business purposes being unavailable, and can be as bad as failing to protect the system in the first place.

Altering Protection Schedules

“Sometimes there are not enough hours in the night, and with data growth what it is we need to move some of our backups around to start earlier or finish later so that we can fit it all in.  As long as it runs outside of business hours what does it matter?”

Altering protection schedules is a sure way of failing to protect the right data.  Some systems cannot start their processing until the normal business day has ended, others start many hours before the normal business day.

Destaging Backups Prematurely

“We backup all of our data to disk to begin with, then after a week we stage it down to tape for long-term storage.  But our disks are starting to be full so we solve that by staging the data a little bit early.  It’s not like we’re deleting it or anything, it’s still available but just in a different place.”

Destaging backups prematurely significantly increases the time taken to carry out a restore of that data, possibly breaching restore time objectives and incurring business and financial penalties as a result.

Prioritising Failures Inappropriately

“We get ten or twenty new failures each day, not including the ones that we didn’t get around to fixing the day before.  We start with the ones that are easiest to fix and once those are out of the way we’ll move on to the harder ones.  After all, backup is a numbers game isn’t it?”

Prioritising failures inappropriately, by ease to fix rather than importance to the business, often results in the most important failures going unfixed for multiple backup cycles while systems of no real importance to the business are fixed first.

Altering Protection Levels

“So we used to run full backups during the weekend and incrementals during the week but the weekends were so busy we had to change things around.  What we do now is spread the full backups over four weekends rather than one.  Every machine still gets a backup and we’ve reduced the tape usage, so everyone is happy.”

Altering protection levels can change the risk of being unable to restore data if required, and also the time taken to restore such data even if it is recoverable.  This may result in businesses not being able to restore data to meet internal or external requirements.

Ignoring Open Files

“We know that we sometimes miss files because users have them locked open. If we counted every backup that missed files as a failure we’d have way too much to deal with and anyway most of the files are spreadsheets and the like.  The backup software says that it succeeded except for these files so that’s as good as a success for me.”

Ignoring open files may feel like a minor issue but means that business-critical data can be missed during a data protection operation, resulting in unacceptably high business risk.  This situation is made worse by the fact that it is often the business-critical files that are consistently open and hence unable to be protected.

 

 

  

Avoiding the Seven Deadly Sins

Data protection administrators commit the above sins with the best of intentions in an attempt to ensure that they meet their daily protection targets.  However, by focusing on success rates for each day rather than the data protection policy as a whole they cause problems that are less visible, though no less real, than the ones they try to avoid. 

In fact the problems created in the situations above are more dangerous as there are no alerts raised, no reports generated and no knowledge at the business level that these problems exist at all.

To avoid these problems it is imperative that the business defines data protection policies that clearly state items such as backup schedules, retention periods, available windows, maximum days between full backups, etc. to match risk and regulatory profiles.  Clients must be associated with their respective policies, confirmed that their present actions match the policy and constantly monitored to ensure that any changes that take place do not result in a policy breach.

Conclusion

There is a gulf between the requirements of the business and the reality of the operator within data protection that needs to be addressed by both sides to ensure that data protection activities cover both immediate and longer-term backup policy objectives.  By ensuring that both groups are aware of, can monitor and report against such policies everyone can be sure that their actions do not cause inadvertent breaches with the subsequent increased risk profile.  A well-defined and well-understood policy also ensures that items such as hardware and software upgrades, success rates and service level charges can be discussed with reference to a single framework, uniting the technical and business sides of data protection to their common cause of reducing business risk.

 

Author: McDonald, Chief Technology Officer, WysDM Software  

WysDM Software Ltd is exhibiting at Storage Expo 2007 the UK's largest and most important event dedicated to data storage. Now in its 7th year, the show features a comprehensive FREE education programme and over 100 exhibitors at the National Hall, Olympia, London from 17 - 18 October 2007 www.storage-expo.com

 

 

Comments (0)add
Write comment
smaller | bigger

security image
Write the displayed characters


busy
 
< Prev   Next >
[ Back ]