Ideally, alerts should be generated when backups are in danger of going out of window so that work can be carried out to reschedule the backup and keep it within the required window.
Backups Must Be At The Right Level
Backups are often run at different levels on different days, with ‘full’ backups containing all of the data required for a restore and ‘incremental’ backups relying on data from the previous full and subsequent incrementals for a restore. Incremental backups are popular due to the decreased time taken to complete and lower storage requirements. However, there is a subsequent cost on the recovery side as the time and number of tapes required to carry out a full restore increases with each incremental, as does the risk of a bad tape preventing a complete restore.
A policy covering backup levels needs to be put in place within the DPM product that provides details of either how often a full backup should run or of the maximum number of incremental backups can between two full backups. A policy on the maximum number of tapes required for a restore or the length of time between full backups should be put in place and enforced through automated checks.
Backups Must Cover The Entire Application
Backup systems work at the level of the filesystem or server rather than at the level of the application or business unit. An application that can be described in business terms as “the customer web portal”, for example, may actually consist of multiple servers, databases, filesystems, etc. that have no inherent relationship. Unless all of the pieces of each application have been backed up there is a risk that it cannot be restored if needed.
It is important that the DPM product is able to display a consolidated application-level view of data protection. The restore point for the application is going to be further back in time than the last successful backup of any part of the application, but how much further back? If there is a site failure then from when will you be able to obtain a restore of the entire application? Equally important, how long will such a restore take? Due to the often manual nature of restores it is hard to get a highly accurate answer to the latter question, but a good estimate is a very useful number to have.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.