Backup and Recovery Basics

No matter how large or small your business is, databackup and recovery needs to be a vital part ofyour IT planning. From basic tape backup to complex multiserver SAN environments, many technologiesand techniques are available to meet the needs of corporatedata-protection administrators. However, the core conceptsand best practices of data backup and recovery apply toevery computing environment.

One important first principle is that a backup andrecovery plan is not a replacement for a disaster recoveryplan. A backup and recovery plan defines a business's databackup and recovery needs and specifies the workflow thatmeets those needs. A disaster recovery plan defines howthe business will get back up and running after any kind ofcatastrophic event. Data backup and recovery is part of adisaster recovery plan—not a substitute for one. (To walkthrough the steps of creating a disaster recovery plan foryour business, see Ben Smith, “Surviving the Worst,” June2005, InstantDoc ID 46289.)

Let's look at the fundamentals of building a backupand recovery plan for your organization. Then, I'll take youon a quick tour of the most popular backup and recoveryhardware.

Start with a Plan
Typically, the first step in backup and recovery is creating abackup and recovery plan. However, for most businesses,the actual first step is determining what funding is availablefor implementing data protection. It does little good to createa detailed plan that you can't afford to implement. If fundingfor backup and recovery isn't a problem for your business,than you're already at step two—creating the plan.

Regardless of how simple your backup and recovery needs are, a written plan is a necessity. In any business larger than a sole proprietorship, the possibility exists that the person who knows how to back up data or recover lost files won't be available when he or she is needed. (In an enterprise-class business, that's not a possibility—it's a guarantee.) A detailed written plan that describes how data is backed up and recovered guarantees that you'll be able to recover data when you need do, regardless of your IT staffing circumstances.

Two Plans in One
I've been referring to “a” plan, but in reality, your data-protection strategy should comprise two separate plans—onefor data backup and another for recovery. Depending upon how complex your business is, the plans might be simplesets of instructions that describe how to back up and restoredata in one location and from one or two applications, orthey might include multiple sets of conditional instructions for backing up specific data in certain locations, fromcertain applications. Both plans in your data-protectionstrategy will depend to a certain extent on the software andhardware you've chosen to meet your business's backupand recovery needs. “Designing a Backup and RecoveryStrategy,” on page 49, outlines the steps to building a dataprotection plan for your organization.

The backup plan. Your backup plan needs to include a mechanism for ensuring that each backup will be initiated and completed. Similarly, the plan should identify a process for confirming that backups are capable of being restored. All plans should include a process for backing up new systems so that they can be quickly restored to a baseline configuration. The entire backup plan should be available as a complete set of instructions that provides the hands-on guide to your backup process.

The recovery plan. Recovery plans are necessarily more complex than backup plans. All recovery plans need to describe common recovery operations: for example, how to restore a single file, how to restore a directory, how to restore an entire computer. In more complex environments,recovery plans should specify system dependencies andthe order in which systems are to be restored. Bringing uprestored computers in the wrong order will keep applications from running correctly.

A common question about data recovery is whetherend users should be responsible for their own backups.Typically, giving users backup responsibility isn't a goodidea (beyond configuring your network backup to protecta user's home directories). However, many backup andrestore applications give administrators the ability toconfigure the system to give end users limited recoverycapabilities. Generally, user-restore capabilities areconfined to individual files or user directories; IT still maintains the responsibility for more complex restoration tasks (and documenting these tasks needs to be part of the recovery plan). Restore capabilities won't necessarily be provided to all users, so you need to document the policies and procedures for users to whom you don'tgive the ability to self-restore.

Backup and RecoveryHardware
Traditionally, the basic backup hardware istape. Simple, effective, and inexpensive, tapeis still a viable option as the primary backupsolution for many companies. The speed atwhich data is written to tape is the limitingfactor in tape's effectiveness; although tapedrives continue to become faster, they remainthe choke point for data backup. Only so muchtime is available for live data to be copied totape before other demands on the data or thenetwork make the backup process untenable.In a business operating 24 × 7, the window isusually exceedingly small, and that bottleneckcan become a significant problem. But even insituations where tape isn't the optimal choicefor live backup, it remains the medium ofchoice for offline backups.

Gauging Capacity
Keep in mind that the amount of backup storage you need doesn't have to equal the totalamount of storage on your network—it needsonly to accommodate the amount of datawithin that total that changes. For example,your business might have half a terabyte ofstorage in use on its network, but the majorityof that data is likely static, with perhaps lessthan 5 percent changing on a daily basis. Inthat case, your backup solution needs to beable to regularly accommodate not 500GB butonly 25GB, a capacity well within the range ofevery enterprise backup solution.

Although backing up a 500GB data set totape is inexpensive, restoring a single file ordirectory from somewhere within the twentyor more backup tapes containing that 500GBof data can be difficult. Usually, the file ordirectory to be restored will have been recentlymodified, which means it will be found in oneof the tapes in active rotation, not in offsitearchives. This situation reduces the time ITmust spend to find the data to be restored, butit doesn't eliminate the necessity of using ITresources.

Alternatives to Tape
Current backup technologies are moving inthe direction of disk-to-disk online backup—afaster, more reliable, and more secure mediumthan tape. In this environment, data is copiedfrom its primary storage location to an onlinehard disk system. Data can be transferredacross the network or over a dedicated storagemedium such as a SAN, depending on the corporate need and computing environment. Youcan move the data on the secondary hard diskstorage to offline archival storage or, if capacity is large enough, leave it on the secondarystorage. Most organizations will undoubtedlymove data to tape to allow for off-site storageof data as part of their disaster recovery plan.Disk-to-disk online backup solutions are moreexpensive than tape-only solutions, but entry-level prices are reasonable enough that evensmall businesses can consider these solutionsas part of their backup strategy.

If you choose a disk-to-disk solution asyour primary backup mechanism, you'll needto take into account the additional strain thesolution will place on your network backbone.Although it's unlikely that you'll seriously tax a100Base-T or Gigabit Ethernet network whilewriting to a tape device, using disk-to-diskbackup means that you can be writing dataacquired from multiple sources at speeds thatcan exceed the available bandwidth on yournetwork. In this case, you need to be careful inarchitecting your network. Dedicated networkconnections between servers and backupdevices might be required to get the most fromdisk-to-disk backup tools.

For small businesses, businesses with lotsof mobile or remote users, or businesses withmany distributed locations, a nontraditionalbackup methodology worth consideration isthe Internet-based backup service. Internet-based backup service providers install a small piece of client software on the target computer(which is any server or client you choose).You then determine what level of backup yourequire (e.g., file-level backup, folder-levelbackup, machine-level backup) and configurethe client software for the appropriate level ofprotection. Once the protection is enabled,you can perform a restore directly from a Webbrowser console. You can grant users whosemachines are protected the ability to performrestores in the same way.

The most significant downside associatedwith Internet-based backup technology is thelack of Internet bandwidth available to manyremote or distributed sites. Many businessesopt for cost-effective business cable modemor DSL service and forget about the asymmetric aspect of the connection; they might begetting 6MB download speeds, but the uploadspeed is well under 1MB. Consequently, ifusers of the backup service elect to protectentire computers, they will be attempting topush a huge amount of data through a verysmall upstream pipe. To get the most out ofInternet-based backup, initial configurationsneed to be staggered and backups scheduledto take place when there is no other use of theInternet connection for an extended period oftime.

Although it's less of a problem, restoringlarge amounts of data over the Internet canpresent difficulties. A definite limit exists tothe amount of data you can pull down fromthe backup service servers. Consequently,many service providers offer delivery of complete backups on DVD or tape, which can be aviable option if you don't need the backed-updata immediately.

Data Recovery Integration
Backup and recovery processes need to beintegral parts of the IT work flow. Starting witha basic needs analysis and delivering a backupsolution that accommodates the amount ofdata that must be protected and provides forworkable restoration processes, IT administrators need to develop a set of practices andprocedures that create and maintain a reliable,secure data protection environment. Settingstandards for backup and recovery and abidingby these documented guidelines can preventmany of the problems with data recovery thatadministrators too often discover when thereis no time to find solutions.