This is the first in a series of posts discussing disaster recovery or business continuity planning for SMBs (small to mid-sized businesses). Today we're going to talk about backups.
What is a business continuity plan (BCP)? Businessdictionary.com defines it as:
Set of documents, instructions, and procedures which enable a business to respond to accidents, disasters, emergencies, and/or threats without any stoppage or hindrance in its key operations. Also called business resumption plan, disaster recovery plan, or recovery plan. See also business continuity planning.
Up until a few years ago we called them disaster recovery plans (DR), but CEOs were probably frightened enough by our worst case scenarios that they didn't also need disaster in the name of their recovery plans.
On-Site Technical Solutions provides free disaster recovery audits for businesses with more than 10 devices.
On-site Backups Are Not Enough
For small businesses the easiest and probably most important component of BCP is a backup of network data for the business. I don't care how you do it, but you must backup your data and keep it current and stored off-site. Ideally far enough away that a natural disaster will not destroy the existing network and the backup.
Even if all you're doing is backing up your data (weekly) to an external hard drive and taking it home. If the correct data is backed up, this at least creates the opportunity to recover from anything that happens at the office that doesn't affect your home. The most that will have been lost is one week of work entered into the network.
A valid on-site backup (not sent off-site) will allow recovery in case of
- A hardware failure
- Virus or other malicious activity
- A localized flood (as in localized to the network hardware but not affecting the backup)
- A localized fire (see 3).
- An earthquake, flood, tornado or other act of nature
- Fire
- Employee theft and sabotage
Like exercise regimens, the best backup process is the one that will actually be used. Once setup and configured, a good online backup process can almost be forgotten until needed. Almost.
The beauty of online or Internet backups is that they run automatically in time-frames selected by the business and also automatically store the data off-site in real time. These backups are also an example of cloud computing, which we talk about in other posts and documents. How a business utilizes cloud computing will also affect the way the business backs up data.
Ensure that any Internet backup vendor storing business backups is using at least a Tier 3 data center. In reality they should have multiple Tier 4 sites for redundancy. Anything less than multiple Tier 3 sites will not be providing sufficient insurance, protection and guaranteed uptime for Internet backups. As the market for online backups continues to expand, the difference in price between products using Tier 3 and Tier 4 data centers is becoming negligible or non-existent.
From Wikipedia:
| Tier Level | Requirements |
|---|---|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
At On-Site Technical Solutions we use a handful of vendors that have tools to manage multiple backups for our customers and price breaks for bulk storage. We include the cost of as well as the management of backups in our managed services offering. Our tools are typically not cost-effective for single business backups.
Here is a table with some of the more popular backup vendors. We have not confirmed the types of data centers used by any of these vendors, their customer service or how well their interfaces and scheduling work. Pricing for backing up SQL or other types of databases including Microsoft Exchange Server will probably be more.
Vendor
|
Annual price - Multiple devices & data size for 1 Year
|
| Carbonite | $229 for 250 GB |
| SOS Online Backup | $299 for 175 GB |
| Mozy Pro Desktop | $3.95 per month per desktop + $0.50/GB per month |
| Mozy Pro Server | $6.95 per month per server + $0.50/GB per month |
| iBackup | $499.50 for 50 GB |
| Crash Plan Pro | $349 for 100 GB |
Using the right vendor and creating the backups per that vendor's instructions will mean that a business will be able to take that backup and load it onto any hardware with the applications loaded to use the data. It will not include the applications - that's a completely different article! Not included here are cloud data services like Dropbox because they do not include sufficient automated tools for backing up and restoring data.
Configuring And Managing Backups
Backups should run at least every day that the business updates data. As an example:
Acme Manufacturing typically updates data Monday - Saturday from 7am to 6pm, although some employees may work late or on weekends. The backup is therefore configured to run late at night seven days a week. This ensures that if someone does work outside of normal hours, their work will be backed up off-site.
This also means that if Acme has a hardware failure late in the day on Tuesday, the last backup was the late-night Monday backup. Everything entered on Tuesday will be lost and employees will need to recreate that data. If this level of risk is not acceptable, additional backup steps must be taken, from 15-minute snapshots of data to 100% mirroring and real-time replication of data. These additional steps can be quite a bit more expensive and require a higher level of technical expertise to manage than the daily online backup.
Versions of the backed up data should also be kept so that, for example, a version of a file can be restored from last week that has been updated/modified and backed up daily since then. The ability to maintain a version history will vary by vendor. More complicated version control schema may increase the cost of the backups.
If Acme is using cloud-based applications for email, CRM, line of business as well as accounting and finance we will be backing up cloud data rather than on-site network data. Backing up the cloud data may be less critical than on-site data depending on the cloud vendor. Most of the standard online backup vendors do not backup cloud data.
The backups should be checked at least weekly, but preferably daily. Again, checking them weekly (or even less often) is simply a higher risk. Every technology decision is a business decision. The best decision produces the highest return at the lowest price with the lowest risk.
Restore Tests And External Hard Drive Delivery
In addition to confirming that the backups are completing successfully we conduct quarterly data restores from the backups. We don't restore the entire network, but a subset to ensure that we actually can if we do need a restore for any reason.
If large amounts of data are backup up online the business will want to ensure that the backup vendor will overnight a hard drive with backed-up data in case of a failure. Attempting to download many gigabytes or terabytes of data can be an extraordinarily time-consuming process.
Coming up: How to put a plan on paper including naming those accountable for activities in the plan.
Visit On-Site Technical Solutions for information on how you can move to Google Apps or other Cloud Computing applications. Call us for all of your network computing and business IT needs. We can also help with your data security and mobile computing. Follow us online below. Call or text me at 1-949-212-2168.
Coming up: How to put a plan on paper including naming those accountable for activities in the plan.
Visit On-Site Technical Solutions for information on how you can move to Google Apps or other Cloud Computing applications. Call us for all of your network computing and business IT needs. We can also help with your data security and mobile computing. Follow us online below. Call or text me at 1-949-212-2168.
No comments:
Post a Comment