10 Components of a Successful Backup and Recovery Strategy

Backing up your organizations data sounds like a fairly simple thing to do. However, it’s often not until something can’t be retrieved that it’s discovered that the backup strategy was badly designed to the organizations goals, or has been poorly implemented. With organizations increasingly relying on their data and IT systems to operate on and service their clients, this is a level of risk that should be reviewed and minimized.  The ten components below should be kept in mind and approached proactively to ensure that you can restore that file you need when you need it.

  1. Classify your data – When considering a backup strategy, it’s useful to remember that not all data has the same value to you or your company. Losing the company picnic photos or an employee’s music collection versus a database powering your main Oracle ERP system are completely different things and would have equally different impacts on your business, and clients, if the data was lost. To have the most efficient back-up, classify the data into different groups, and treat them differently from a backup standpoint. One classification may even mean that the data is not backed up at all.
  2. Understand your data – Once your data has been classified, it is time to establish a recovery point objective (RPO) and recovery time objective (RTO) for each data class. This will determine the frequency of which backups are conducted along with the extent and method of backup required. The answers to other questions such as what level of security needs to protect the data, how often a restore is likely to be conducted and how long the data needs to be retained for, will also impact the selection of the solution to be put in place.
  3. Don’t forget about mobile devices – with more and more enterprise users utilizing mobile devices as their main device for conducting business, protecting the data held on those devices- from contacts and emails through to spreadsheets, documents, photos and personalized device settings- becomes more and more critical to business operations. No longer does the loss or failure of a device simply mean that only a couple of phone numbers have to be reentered into the new phone; critical data can be lost!
  4. Choose the backup strategy and method – different data sets may require different solutions in order to optimally meet the goals of the business and its data sets. Tiered recovery known as Backup Lifecycle Management or BLM is the most cost effective approach to storing data today. In most companies, more than 50% of data is older, of less value, and should cost less to protect. By setting up the correct strategy, you can align the age of your data to the cost of protecting it.
  5. Assign a responsible party for ensuring successful backups – just because a backup strategy has been implemented, doesn’t mean it’s going to run successfully every time. Contentions, lack of storage media and timing issues can occur and need to be dealt with in a timely fashion to make sure the data is protected. To ensure this happens it’s recommended that responsibility is clearly assigned with making this happen.
  6. Secure your data – The backup data whether that’s held on tape, disk or in the cloud offsite, should be protected both physically and logically from those who do not need access to it. Even for those that are actively managing the backup process, it is often not necessary for them to work with the data in its raw form, but rather they can manage the process with the data encrypted, adding another level of security and privacy. Although the best practice is to encrypt the data while it is in flight and at rest on the backup media, it is often not put in place due to the extra time required to encrypt the data during the backup process and as such increasing the backup window required. Ideally, look for 256 bit AES encryption.
  7. Conduct test restores – it’s always more preferable to find an issue proactively than reactively when there is no hope of restoration of data or time constraints are in place. So conduct periodic test restores of data to ensure that the process is working as planned.
  8. Keep track of your backups and document – documentation is key for control of the process and security around your data. Ensure that the backup process, methods, goals and ongoing operational status are documented both for internal purposes as well as to comply with any 3rd party audit requirements such as FDIC, HIPAA or PCI.
  9. Destroy backup media appropriately – whether you are handling HIPAA, Credit Card or “regular’ corporate data, it is a best practice to ensure that you are sufficiently keeping track of the backup media through it’s useful life all the way through to physical destruction. As common practice and to minimize any data leakage, this life cycle should be documented both from a process perspective and an actual traceable activity standpoint.
  10. Things change, review your strategy and implementation on a regular basis – if there is one thing in business and technology that holds true, it is that change is constant. With this in mind, a regular review of what is being backed up (or not) and verification that the business requirements around the data are consistent should be conducted.

In a world where the volume of data to be backed up is increasing substantially year over year and the complexity of the IT systems is not decreasing, proactive planning, management and execution is becoming ever more important. I hope these ten components to having a successful backup and recovery implementation helps guide you towards tackling that challenge head on.

@ddbrown

Posted in Asigra, Backup, Datavaulting | Tagged , , , | Leave a comment

Colocation – is it just space, power and bandwidth?

Colocation, that outsourced datacenter space, can on the surface appear to be much the same between providers. It’s just space, power and bandwidth, right?

Well, no, not quite.

While the basic services provided by any two given datacenters may on the surface appear the same, how those services are delivered to the client and managed behind the scenes can be completely different. In short, colocation is not a commodity. The infrastructure supporting the facilities themselves can be vastly different from a capacity, redundancy and configuration standpoint alone. When considering partnering with a colocation company, you should think about everything from the physical construction to how they are maintained and managed.

Starting with the obvious datacenter staple, power and bandwidth (or connectivity), facilities need to have redundant feeds from the main power utility with automatic fail overs to backup sources of power from generators and UPS systems through to redundant power feeds to the client cabinet and cage areas. Even the smallest items, like cable management, can tell a lot about how a facility is managed.  When you’re looking at a datacenter, look and see if the cables are labeled, clearly coded and organized. This small thing is indicative of how the rest of the datacenter is run and managed.

Now, you need to be aware of some of the not so obvious differences in datacenters.  Proactive monitoring is one of the top ways to evaluate the value of a datacenter.  To start, look for a datacenter partner that will proactively monitor all manageable network hardware and firewalls 24 x 7 x 365.  Make sure that they also have a notification system to let you know about any potential network or infrastructure outages that may cause a disruption or down time to your IT systems or services.  You not only want someone to monitor the hardware and firewalls, but you also want to find a partner that proactively monitors everything from the environment, to physical security and down through to your specific energy consumption. At Datotel, our systems allow our team to track the current status and overall health of the facilities and client specific environments.  In addition, our data repository allows us to conduct capacity planning, forecasting and what-if analysis to ensure that we’re best prepared to meet the changing demands of the facility.

Datacenter Infrastructure Management (DCIM) is becoming more important these days when considering the complexity of managing many thousands of servers, cables and environmental sensors. DCIM is a new form of datacenter management that is merging facility management with monitoring, capacity planning and asset tracking.  Essentially, this platform now gives the datacenter a comprehensive real-time view of the resources and systems within the facility.  At Datotel, we utilize a comprehensive DCIM platform from CA Technologies that not only provides us with a holistic view into the physical elements of the facility, from the UPS systems down to rack level servers, but is used to help reduce risk and provisioning time as well help with intelligent capacity planning.

Finally, when looking for colocation, the people make a difference.  Do they provide support 24x7x365? What extent do they have technical capabilities to support you? Is just the basic coverage of the environmental factors of the facility, or can they go beyond the basics and assist you where needed with trouble shooting, dealing with carriers, through to strategizing on how to grow your infrastructure?  Look for the extended services they provide.  Can they help you with penetration tests, risk assessments, DR and BC plans?  In addition, if you‘re in a business sector with compliance intensive requirements, such as healthcare, banking or the credit card industry, you will have certain regulatory and legal obligations covered by SSAE16, HIPAA and PCI.  Making sure both the provider and you understand who has responsibility and control over what aspects of the solution and can clearly demonstrate the supporting policies, procedures and practices that are in place is critical.

Colocation has come a long way from just space, power and bandwidth.  Make sure your vendor is a true partner and is up to date on the latest in DCIM, is audited regularly and is someplace well managed with comprehensive support.

@ddbrown

Posted in Colocation, Industry | Tagged , , | Leave a comment

Behind the scenes update

We’ve kicked off a great new year; before another month goes by I wanted to take a minute to thank the loyal support of our clients and the hard work and dedication of the Datotel staff. As I look back to 2012 and we set our sights to reach ever higher in 2013, it’s awesome to recap some of the big milestones that Datotel achieved in 2012…

Have things seemed a little faster lately?

This fall we were very busy behind the scenes at Datotel updating our SANs, Firewalls and Core Network Infrastructure, the completion in late October was a very exciting day for us. What this means to you is higher availability, higher throughput and ultimately, faster service.

SSAE 16 SOC1 Completion

As part of our ongoing commitment to protecting your company’s data, Datotel has successfully completed the SAS 70 process annually since 2006.  This summer, Datotel completed the process of obtaining the updated standards of SSAE 16. This extensive process included risk assessments, penetration testing, third-party audits and a comprehensive review of our disaster recovery procedures and processes.  This commitment to security and reliability should give you the peace of mind that your information is safe and protected.

We’re Watching

In 2012, we enhanced our network monitoring systems which provides point in time visibility as well as historic trending and forward looking forecasting abilities; all allowing us to better manage the health and wellness of your network.

Giving Back As one of our core values, giving back to the community is a priority at Datotel.  This year was busy as our team volunteered or sponsored events with the United Way, Alzheimer’s Association, Catholic Charities, Emmaus Homes, St Patrick Center, St. Louis Area Foodbank and the Shoeman Water Project to name a few. In addition, Datotel was a finalist in the St. Louis Business Journal’s Healthiest Employers Awards and was recognized with a Circle of Excellence award for our work with sustainability during the St. Louis RCGA Green Business Challenge.

2012 is just a beginning as we have even more hope and expectation for 2013. As amazing as 2012 was for Datotel, we know we can top it. Thank you again for your support and looking forward to a fantastic 2013!

@ddbrown

Posted in Community, Company Info, Core Values, Green Initiatives, Managed Services, Security | Leave a comment

Cloud Based DataVaulting

After the recent Hurricane Sandy, I started to play out the scenario if we would be able to continue “business as usual” in the event of a super storm or major power outage.  I’m happy to say that we would be OK, primarily due to proactive planning, risk assessments, disaster drills and our cloud based back-up.  But not every business is that prepared. Forrester recently reported that nearly 40% of small and mid-sized businesses plan to employ a cloud based backup within the next two years.  While it’s great to hear they are preparing to go to the cloud- what are they using today?

In business today, data is king. Access to records, files, data and reports are the backbone of almost every business.  Over the next decade, the amount of data will be 44 times bigger than it was in just 2009 (IDC 2010 Digital Universe Study). And while we depend more and more on our data, data loss can literally shut you down.  A study by the Ponemon Institute showed that 84% of respondents expressed increased concern or anxiety due to the loss of data. It seems unnecessary for businesses today to worry when a solution is available – Cloud Based DataVaulting.

In Cloud Based DataVaulting, you eliminate the conventional notions of changing out tape that were associated with data vaulting of the past. Cloud Based DataVaulting is designed to offer backup efficiencies unavailable with traditional backup architecture by allowing you to store less data — reducing the amount of backup assets you buy, manage and maintain.  This holistic data management solution encompasses traditional and innovative technologies in a single common platform, protecting everything from laptops to data centers. By utilizing the cloud for your backup, you eliminate the need to install, manage and upgrade multiple point solutions to ensure your data is protected and easy to recover.

Besides peace of mind, the advantages of cloud based data vaulting are plentiful.  It’s completely scalable, so as your backup needs grow, you don’t have to implement new solutions or buy equipment, you’ll find improved reliability and speed of recovery, reduced costs, higher security and encryption, more efficient use of IT resources, stronger compliance safeguards and your data is available- regardless of your location.

Before you make the switch to a cloud based back-up solution, there are some important questions to ask: How often is the data backed up?  Is the data compressed before transmission to help reduce bandwidth expenses? Is the back-up done efficiently?  This efficiency means that you are only continually backing up new and changed documents.

I only hope more companies realize the benefits, especially in a time of a major weather event or disaster, of cloud based solutions.  The 84% who are worrying could breathe a little easier.

@ddbrown

Posted in Cloud Computing, Managed Services | Tagged , , , , , | Leave a comment
  • New Look. New Logo!:

    Here at Datotel and the Globe Building, we’ve recently completed some updates that we’re excited to share with you. First, we are excited to share with you the revamped Datotel logo. As our company has evolved and grown over the … Continue reading

    ...more
  • Admin Terms of Use Contact Us