Share this
by Sean Curiel on Sep 6, 2017 5:00:13 AM
You’re feeling pretty confident about your backup strategy. You’ve carefully considered what data is most important, how often it changes, storage availability, and how fast you’d need to recover. You’ve looked at every angle, studied backup strategy creation, and gone through the process of configuring backup jobs, data retention, and reporting to the best of your ability.
Your backup jobs are working, and you have data being sent offsite to adhere to the 3-2-1 backup rule. You understand and have carefully documented the restoration objective of your important data and machines.
Everything should be smooth sailing. You think.
While you may have thought about a number of scenarios, have you played a little game where you assume the worst? Just like in Game of Thrones, you need to consider every morbid possibility for hardware, software, and even personnel. I’m not saying the printer is out to kill you, but maybe it is… ;)
Let's Play a Game
Let’s cut through a couple of worst-case scenarios when it comes to dealing with backups.
- A NATURAL DISASTER STRIKES
A hurricane, flood, fire, tornado, earthquake strikes, or a car crashes into your building at the perfect spot to hit the servers:
- How and where will you recover to?
- Do you have any financial/regulatory exposure?
- What does insurance cover? - YOUR COMPANY FACES A ROBBERY SITUATION
Thieves get into the office and clean it out:
- What authorities need to be contacted?
- How do you determine if any personnel were involved? - YOU ARE HIT WITH A RANSOMWARE VIRUS
Ransomware or Malware removes access to data:
-How will you determine how deep the infection goes?
- How did it gain entry?
- How can you recover and make sure that there are no remnants of the infection on your network?
- Do you have any financial/regulatory exposure? - YOUR DATA STORAGE COMPANY GOES OUT OF BUSINESS
Your offsite location or vendor closes shop
- What happens to the data that is offsite already?
- What is your next quickest option to get data backups offsite?
- If you can’t access that data do you have any regulatory exposure? - NO IT SUPPORT IS AVAILABLE
Your entire IT team including yourself is incapacitated or eaten by zombies
- From a company perspective, business must go on. Will the documentation that you have produced be easily interpreted by another competent IT group? - MANAGEMENT MOVES TO THE CLOUD
Key stakeholder quits and the replacement wants to put everything in ‘the cloud’ and dictates that nothing will be on-site and everyone will use iPads for everything!
- Assuming that this is not even feasible in your business and you cannot convince management any differently, you should have something in your backup plan for how to react.
Now that we have you thinking about the extremes, let’s schedule those activities that must be on the calendar to keep us regularly improving upon our backup strategies:
1. Doing a full re-inspection of the backup strategy annually
2. Updating the backup strategy quarterly
3. Testing full recovery of business-critical services/data quarterly (Schrödinger’s Backup concept)
4. Testing full recovery of the entire site annually
5. Rotate used media out at half mark from manufacture warranty
6. Reevaluate cloud storage usage annually
7. Reevaluate storage needs for backup usage annually
It might seem silly to consider morbid or wild scenarios, but data loss is no laughing matter. If the actions leading to data loss came in an expected, straightforward manner, then nobody would lose data. Stay watchful, expect the unexpected, and build it into your backup strategy.