Bookmark with:

              

The first and more important thing that an IT guy (and not only him)has in mind , is how to store his system/network data, as to maintain a well organized and protected archive , in case of a disaster or if any kind of attack destroys infrastructures.

Backup however is not a simple procedure. Nor is a procedure that can be done by an administrator without proper guidance. It needs to be planed thoroughly and be done in such a way that it will be able to protect sensitive data , but at the same time provide the availability at any time for the administrator to recover data in hours or at the latest in a day or two.

How to backup

The ways of backing up data vary. It always depends on the amount of network or system load-traffic-amount of data changed per day. For instance if you are a simple user, a good way to backup is to use a recordable media (cd/dvd/usb hdd) to store your data and feel safe if a system or hardware error occurs. If you think that you need additional protection then you can use an encryption program and re-code all data in your media, in such a way so you would be the only person who would have access on it.

Simple user backup

1. CD/DVD disks.
Most users prefer to write their backups in those media as to have access on them everywhere and on every terminal they might be using. However limitations come forth when we are talking about amount of data over 7-8GB, which are not able to be stored on only one disk. Blue ray disks will give an ability for over 20GB , but if we really think about it, when we are talking about simple users, the data in question are videos, pics, mp3s and so on. Usually they could be over 40-60GB!!! Now if you are going to keep a dozen Of DVD-RW to do your job, I have to remind you, that besides the difficulty of trying to find and restore something from them you also have to consider, life time limitation. Most disks of such kind, after numerous times or write/erase are going to give several problems in reading from your drive and eventually a total failure. Add possible scratches, or marks on their surface which might lead to a heavy loss of data. So, try to use disks of such kind only for data that you do not need to change or use so often. Think of it like a permanent storage. Write once and keep it in your library just for safe keeping reasons. What I would choose to store on these kind of media, would be docs ,which are final and not need to access them often (once per year maybe). Avoid pics, mp3s, movies etc. which you will be playing or change often.

2. USB Drives and sticks.

Second case is about using USB external drives. Some of them can reach up to 250GB of data storage. This is a good way to store multimedia data (movs, pics, mp3) which are going to give you a moment of pleasure while being at work or at home. Backups are easily made on these disks. There is plenty of space on them and they are easy to be carried around and have access to them wherever you want. They are now quite fast in speed data transferring and can be a major assistance when we are talking about backups.
So what is wrong with them? Well 2-3 things are possible to happen so I think I should mention them. First is that the bigger the disk is, the larger the amount of data you are risking. As all HDDs those drives can easily fail and give you a much harder time to restore data from them. Especially if it is a USB stick then you can forget everything on it, if it fails.

Second… they are very good items to steal!!! Imagine an external drive of 1-500GB of data available (out of the box - plain sight) to any malicious person who can lay hands on them. Some USB sticks of 512MB offer a biometric or encryption protection but there is nothing out there for a 120-500GB external USB drive. Be very carefully about leaving them in open view and go out when you are in office or other public place. External USB drives almost every time, contain highly sensitive and personal data. From personal pictures or even contracts worth a lot of money.

3. Images of HDD.
Although they are the “new fashion” of backing up data … I really hate them. Most users prefer to use imaging drives as it is a very fast way to backup. However if the image gets corrupted into a single reading sector … then you are done!!!!

Second disadvantage is that you will have to restore the whole drive, just to get a single document or other digital file, since there is no indexing in images. Imaging first become available to co-operations which wanted to install and maintain multiple terminals without having to do a number of repeated actions for customizing procedure to each and every comp in their network. They used a single HDD which had all appropriate specs and drivers for their systems and then install the thing over network. Software Companies however thought that this is a nice solution to simple users to do it clean and fast. Believe me, there is nothing more frustrating than facing a corrupted image with all you’re backed up data in it, not being able to restore or even retrieve specific files from it. My advice? do not rely on it. Keep an image just in case but do not consider it as you main backup solution.

Network backup.

Taking under consideration that there are many administrators who visit our site, I am going to try and provide some advice on how to estimate and how to provide a viable solution when it comes on backing up data in a networking infrastructure.

Backup Specs

The purpose in any network is to have all sensitive and important data maintained according to the “classic triangle” of CIA (Confidentiality-Integrity-Availability). So selections on which data should be stored and who would have access on them is an issue that no admin alone is able to handle. Managers and users tend to exaggerate and if asked (about which data to backup)they are going to say…”We want them all”… and of course done by the admin only and without their participation on this.

THIS IS NOT POSSIBLE TO HAPPEN!!! Make this very clear in management first and then to the personal of the company. Such a demand would need a huge digital library to keep. If for instance total backup data of the company terminals and servers , reaches up to 1Terrabyte , then you are going to need at least 10-100Tera storage area , just for a period of one month. Present this to your management along with a cost estimation to such a task and you will soon find out that they won’t bother you again with those demands. The question still though remains. What to backup? My experience showed me that you will need to create a plan on which data , how and when to backup.

A simple way (not applying to every case) is to follow the next procedure.

Make a weekly program of the working days and arrange those weeks in a monthly schedule.

So in plain words… You will get a full data backup in Monday and Thursday , preferably at the end of the working shift.
Set “verify backup” option and for days Monday, Tuesday, Wednesday use tape no1.
For days Thursday, Friday use tape no2. This will give you the benefit of having an option if one of two tape fails.
Every end of the week , get a fully archived backup of almost everything you have chosen. From PST files on users terminals to Mailbox Information store, Library Data, Drivers, Documents… almost everything!!!! This special archived tape should be protected with a password and if possible an encryption that only you (the admin) and the management will know. Do not reveal it to anyone! This is your digital treasure. And as such treasure it should be kept in a mail or bank deposit box, physically allocated away from your building.

Mark these tapes like week1-week2 and so on for at least 6 months (6x4=24 tapes). Remember that this limit of 6 months is only an example and may decrease/increase depending on the parameters I mentioned at the start about traffic/data/availability.

One very important hint… install a box as an isolated (no network)server to test on it. It does not matter where it would be as long as you would be the only one accessing it. Once a month, get a random tape from the weekly archive and try to start a restoration procedure. This will give you a nice precaution measure , as to make sure that your backups are ok and you will not face a damaged data archive when in need to restore. Do not forget to do this. “Verify backup” option is not always working well and logs do not always appear if something goes wrong , when backing up. Restoring data on an isolated server (no network) is going to ensure that your backing up job was well done.
At the same time , when asked by a user or manager to restore a file , remember that you will be able to do it , if the file was unchanged for the last 2-3 days (depending on the tapes) at that same time, or if needed ask for a day or two to get from the remote deposit box the tape and restore from the weekly backed up archive.

Availability.

This bring us to the next phase which is availability of the restored files to the users/managers. Most of the times , users tend to change, delete or in any way change documents in wrong ways. Their first attempt is to close the document and try to restore it , by re-opening it again, with no obvious results of course.
Their next step is to call you to recover if possible or restore it from a backup. These are now the things that you absolutely need to mention to them. Backing up files in a network , means that it is being done for a pre-defined directory in their computers and not for their whole drives. Usually everything contained in “Documents” or “/user dir” is backed up. Nothing however is taken from Desktop directory. So if they choose to save their files there, then there is no copy to restore from backup.

MAKE THIS VERY CLEAR TO THEM… TRAIN THEM IF YOU HAVE TO.
NO FILES ARE BACKED UP , if are not in specific and pre-determined directory on their comps.

Same goes for their mailboxes. TRAIN THEM to use .PST files. It is safer , it is faster and easier to restore and backup. They can have as much space they need for their mailboxes and of course have a special backup if Exchange or other mail server fails.

So no1…. You are only to restore , what is contained in their pre-defined folder ,set to be archived.
No2…. Backed up files are several hours or days old. You are going to restore the newest taken, but the closest it will be , is at least since last night. All changes from that point on , are not there.
No3… Restoring files might take from 1 hour to 1-2 days. Do not promise instant recovery. You do not know when the file was last accessed or backed up. Restoring a file takes some serious time.

Lost emails

Why a separate chapter for them? just from my experience. 90% of the "trying to recover" case would be a lost email from their mailbox (PST) file , erased accidentally. However restoring a mail is somehow , tough case. Especially if there is no PST file taken.

If you do have a PST taken… when recovered the PST file, do not overwrite it on the users existing one. This might cause a loss of the new ones arrived (period since last erased mail message), into his mailbox. Move the restored PST to an alternative directory on their hard drive, under another name. Locate the mail lost and move it , to the existing PST (original one on HDD). Then close and remove/delete the recovered PST file. Tough process but since I run into it , too many times it would be a nice job for an admin to know it, via teh easy way.
What happens now if there is no PST file?... Besides of making it VERY CLEAR TO THEM , that this is to be done for the LAST TIME!!! (cause of the parameters i mentioned before), you can proceed if the email is very important (e.g. contract) to a full restoration ,on the stand alone server and from there with proper actions locate the users mailbox and retrieve their lost mail to a PST file as to input it to their mailbox. However restoring a Mail Server with mailboxes , is a highly advanced task and I recommend to have an expert helping you on this one.

PHYSICAL DISASTER - RECOVERY.

Last case but very possible to happen is a possible natural disaster. Fire, flood, earthquake , etc. are not something that you can predict and shutdown machines or have time to backup. You wake up in the morning and in the news , is announced that your company is a bunch of ruins now. If you have not pre-scheduled this with a consultancy team , on how to recover and what to do now, you are sure going to face too many problems. Your first action as backup operator is to call your manager. Ask him for a server or terminal , even in your management’s home as to have a place to restore data.
Get proper hardware and last tape from that deposit box. Restore everything. Most possible thing is that your DNS and MAIL server will be offline and several other things won’t work well. But you will have all documents and PST files saved and accessible to your employees.

Conclusion.

So backup is not just a procedure for saving data. It is a highly advanced method of storing, archiving, provide data availability and the creation of a security feeling to your network.
It is a method not to be taken lightly and of course , not to be done in a simple and plain way. Backing up data is something as important as maintaining or building a network and of course demands planning and enough skills to organize.

I hope this helps you out..............