Time to restore from backup: Do you know where your data is?

You’ve got a regular backup regime, but now it’s time to restore. But do you know where your data is? And can you access and use it?

This should be well-understood IT and data infrastructure practice, but sometimes the obvious needs to be restated.

So, given some recent data loss events, such as at Gitlab and the Australian Tax Office, it is time to revisit some fundamental backup topics.

Some will say the creation of backup or protection copies is more important than restoration, because if you don’t have something from the past, how can you recover in the future?

Others will say that restore is more important and should be the focus. If you can’t recover, why have backup or point-in-time protection copies?

Protect and restore is a chicken-and-egg kind of thing. Without a protection copy (backup, snapshot, CDP, version) from a point in time, what do you have to restore with?

Likewise, if the focus is on making a protection copy, how will that impact or enable subsequent restore or resume activities?

Let’s add another element to the equation to provide some balance between protection and restore – management and testing.

What good is recovery if you don’t know whether protection copies contain what is needed and are consistent and readable?

Part of managing backups and restores includes testing to make sure that what you think is being protected is, in fact, consistent and covers the desired data.

This means ensuring that intended data is, in fact, contained in the protection copies. It also means making sure security copies (and backup data) are consistent with a particular point-in-time that it can be read from, and that it is saved to some other media.

Testing also means going at least one step further – to move beyond restoration to ensure your applications can use the data.

You might be able to check the box saying data was recovered, but what happens when an application tries to use the data? Are security certificates, permissions, access control and decryption applied? Is the software that packaged or formatted the protected data also available? Can you randomly test different protection copies at various points-in-time to meet recovery point objectives (RPO) and restore to an alternate location for complete testing without causing a disaster?

Managing restores also means having insight and awareness into what is working, as well as what is not working.

For example, it means knowing whether protection copies are being made on time and include relevant data to comply with RPOs, RTOs, SLOs and other service needs.

Having insight and awareness also means knowing what resources you have. This includes servers and storage as well as applications and systems to protect them, along with Copy data management (CDM).

CDM, along with reporting and insight management tools, can also help provide awareness of how many copies of data you have, where they are, and what type and versions exist.

Key backup and restore tips:

• Remember the 4, 3, 2, 1 formula, which is an extension of 3, 2, 1 (aka grandfather, father, son or, if you prefer, grandmother, mother, daughter generations). This states that there should be at least four copies of protected data, with at least three or more versions (points-in-time), of which at least two are on different servers, storage, media or systems and, and at least one of them offsite (online or offline). 

• Apply data footprint reduction, including compression, data deduplication and other techniques at the source, as well as the target destination. 

• Review your data protection strategy, including what you are protecting, when, where, why, how often, for how long, what is protected, and to what granularity (full, image, file, object, database). Keep in mind that everything is not the same within datacentres, the data infrastructures, environments, organisations or even applications. Don’t expect to treat all applications, data, settings and configurations the same when it comes to data protection. 

• Gain insight and awareness with tools that can provide analytics. Automate the functions to discover as well as display the number of backup copies, various versions, where they are located, retention, disposition and other policy information.

So, when asking which is more important, backup or restore, I say testing and management is at least as important. What good is a restore if you don’t know if the data protection copy is good?

What good is restored data if your backups, snapshots, replicas, and so on are corrupt, damaged, infected or at the wrong point-in-time? With world backup day on 31 March, when did you last do a test restore, and when will you do another one to verify if everything is complete?

The final thought and question before we wrap up this discussion is: keep in mind that only you can prevent data loss. .............................. ................................................................................................