We as humans live in a very dangerous world, full of unexpected risks. Now imagine a world, where danger hides around every corner, you can’t make any mistake, otherwise, you are gone. In the world, I just described, live all of your company data. You can influence this world by providing your data with adequate protection. The First step is creating a comprehensive backup strategy. In this article, I will guide you through points you have to have in mind while creating your organization’s backup strategy.
What is the backup strategy?
A backup strategy is a tool, you as an administrator can use to make sure all essential data in your organization is protected. That is one sentence explanation, but let’s dig a little deeper. A backup strategy determines which actions to take in case of a disastrous situation. These actions serve you to ensure your business’s continuous performance. To prevent losing precious data, you’ll need to back it up regularly, store it securely, and know-how to recover it in case of a disaster or any event of failure.
Why do you need to back up your data?
But what kind of failure can happen to you? Well, we would say – infinite list – but the most common are human error, hardware failures, cyberattacks, natural disasters. We have described them in our 6 common threat vectors and how to protect against them article.
What data you need to protect
Together with your organization growth, grows the number of devices, services, and generated data. You should determine what kind of information is the most crucial for your organization. Simply – which data you need to keep your business working. Then, create a backup plan that will include all critical data from your endpoints and servers.
Don’t forget to include in your backup strategy all SaaS services that provide your business with useful features and…generates or store data. Do you use Microsoft 365 suite (former Office 365)? Consider Exchange, OneDrive, and Calendar backup.
That’s a lot of data you need to backup already. There is one more thing to remember. Your co-workers probably use more than one device to work – remember to protect them all.
All the data you’ve chosen to be backed up need to be stored somewhere. This somewhere is your choice, but first, you need to know a few things about available options.
Backup storage
There is a very wide list of storage possibilities – local, cloud (public or private), hybrid or multi-cloud – just to mention few. You need to consider which option is the most accurate and efficient for your organization.
- You can make backups locally on various storage devices, including local servers, USB disks, NAS (Network Attached Storage), or SAN (Storage Area Network). Locally stored backups are fast, convenient, easily managed, maintained, and secure. However, local storage is sensitive when it comes to physical threats and natural disasters, i.ex. flood or fire. Additionally, if all servers and devices are kept in the same place you can lose access to all your critical data.
- You can also send you backups to the cloud (public or private) – including Azure, and AWS. Cloud-based backup storage is a more flexible and affordable option, and definitely more safe one – there is barely any possibility to lose backups from professional and redundant data centers. Those providers are resistant to any physical damage. Minus? You need to have a stable and fast internet connection for backup to perform adequately fast as in case of local storage.
Each solution has pros and cons, so choosing the best one for you might be tough. How to make a decision? Listen to the old but good one, the 3-2-1 backup strategy.
The 3-2-1 backup strategy stands for:
- Having 3 copies of your data.
- Having them stored on 2 different storage types.
- Having 1 copy of the data offsite.
While choosing where you want to store your backups, you also need to have in mind RTO’s and RPO’s, because they may vary when it comes to data storage.
Recovery Time Objective and Recovery Point Objective
A good backup strategy has to have a well-thought disaster recovery plan that will eliminate downtime and guarantee business continuity in case of any event of failure. What you need to do first is to define the two most important parameters – Recovery Point Objective (RPO) and Recovery Time Objective (RTO). What do they mean?
Recovery Point Objective defines what is the maximum time that you are willing to lose data from, in case of an incident. It can vary between various systems in your company, for more critical data, you might want to be able to recover data from no more than an hour ago. But for less important systems the 24h period for RPO will be sufficient enough.
Recovery Time Objective defines how fast you can recover your data, to get your systems working as they were intended. To shorten the RTO, you will need faster storage, faster network, and overall more expensive technologies. But it can help your company minimize losses that come with your system being down.
Few more things to have in mind while creating backup strategy
While creating your Backup Strategy, you will also have to consider, having your backup scheduled for your needs. You probably want different priority data, backed up at different schemes. Creating a backup schedule correlates very closely with how you set your company’s RTOs and RPOs.
Another thing you need to have in mind is how long you want to retain copies of your data, and how many versions of them you want to keep. Whether you want to keep copies for a year, or a month, you need to have it thought out.
Many factors are influencing what your backup strategy should look like. And you probably don’t want to worry about running those backups with all those factors in mind all the time. So it might be good to create backup plans that will run according to your set schedules, and take care of all factors that might clutter your head when it comes to data protection. Your backup solutions should enable you to set a backup plan once (or choose a predefined one) and chill out knowing your data is protected, accessible and recoverable.
Testing your backup
So you set up your backup plans, probably performed a couple of backups already, and you think your data is secure. And now a disaster strikes, all your data is gone, but you have a backup. Surely you can recover all of it. But you made a small mistake while creating a plan, and your data is now impossible to recover.
All of this can be avoided if you test your backup regularly. Make sure your recovery process is working properly in controlled conditions. So when a disaster happens you will be ready to recover your system properly.
Creating a backup strategy with Xopero
In the Xopero ONE Backup&Recovery solution, you can create automatic, policy-based backups.
Choose data and devices you want to protect, storage(s) where you want to keep them, and backup execution manner. Add many devices to one plan or one device to many plans. Take advantage of a wide range of enterprise-class features that let you easily customize your backup policy.
And here are some of those features, you can use to meet your company’s backup plan needs:
- Physical environment and SaaS backup: protect your Windows, Linux, or macOS-based devices (endpoints and servers) or take advantage of the most intuitive Microsoft 365 backup (former Office 365 backup)
- Smart File or Image Backup: schedule automatic file-level or image-level backups (full, incremental, differential) whether you need to protect chosen data or the entire system.
- Set it and forget it: set your plan once and the backup will perform automatically according to defined schedule, retention, and frequency.
- On-premise or cloud storage: local, SMB, NAS, AWS, Azure, or all – use your local or/and cloud storage, safe money, and do not invest in additional IT infrastructure.
- Flexible Versioning and retention allow you to easily adjust versioning and retention settings according to what you need. Store all versions, define the number of copies, or the time a given copy should be kept to optimize storage capacity. GFS, FIFO – choose your rotation scheme.
- Military-level encryption: to encrypt your data we use different alterations of the AES algorithm. The time needed to perform a backup will wary depending on whether you chose to encrypt your data using OFB 128, OFB 256, or CBC 256 version of the AES algorithm. The last one of those being considered, to this day, unbreakable.
- Multiple recovery options: almost instantly recovery of chosen files or entire systems. Both physical machines or Microsoft 365 data. Take advantage of Smart Disaster Recovery technologies and granular, cross-user, point-in-time recovery features.
and much more…