e-fort : The solution for Data Protection and disaster recovery risks
Requirements of an Effective Strategy

The ideal protection strategy is one where all data is constantly replicated to multiple targets (both local and offsite) with multiple logical recovery points and no production system downtime at any stage during this process.

Recovery should, as much as possible, be restricted to only that which requires recovery and should not require a server or service to be completely rebuilt unless absolutely required (as a last resort).

Your data protection strategy should deliver;

  • Minimisation of data loss-related business risk,
  • Multiple snapshot points to allow granular recovery from a known good point in time, or to a specific day/date for evidentiary purposes,
  • Absolute minimal service disruption during all aspects of the protection process,
  • Off-site secondary data storage with both geographic and logical separation from primary data store,
  • Application awareness to maximise efficiency and ensure protection completeness.
  • No change required to the security and access policies of protected systems,
  • Minimise the potential for operator error,
  • Performance that is as fast as the business processes dictate,
  • Scalability to grow with business data requirements.

Point-In-Time Protection (Snapshots)

Being able to take a snapshot of information systems at multiple points in time, and most importantly, being able to recover these snapshots quickly and accurately is of the utmost importance.

While the complete failure of a key piece of infrastructure, such as a server, is often thought of as the main reason why data protection is required, this is only one of the many events that may result in the need to recover data.

Data corruption through partial hardware failure, software bug, conflict or malware infection, data deletion through errant or malicious user activity or theft/loss of equipment can all require a partial or complete recovery of data from a previous state.

Dual-Stage Protection with Off-Site Secondary Storage

An effective strategy should incorporate the following model;

  • Primary protection of critical information systems to a logically-separate resource on your own premises (potentially located outside the main computer room if local facilities permit),
  • Secondary protection which involves the constant replication of data to a secure data storage facility by a secure transport mechanism.

Critical data must be located at a secondary location to ensure that it remains unaffected by any significant local event, such as fire, flood or theft.

Application Awareness

Information within your ICT systems is not all of the same type, and this means that it cannot all be effectively protected in the same manner. Some applications, particularly those that are predominantly single-user and rely on a flat data file, are relatively easy to protect simply by making static copies of the data files. Microsoft Word and Microsoft Excel are good examples of these types of applications.

More advanced business applications, particularly those that support multiple users concurrently and rely on more complex database-driven back-ends, are typically transactional in nature and require a more complex protection solution. Microsoft Exchange Server and applications that utilise Microsoft SQL Server (such as many common finance and ERP applications) are common examples.
 
Collaborative environments like Microsoft Sharepoint further complicate the issue by utilising a combination of flat files and SQL databases to store information.

To effectively protect information systems like those mentioned above, the data protection engine needs to be application aware. In other words, it must know how each application stores and accesses its data, be able to effectively replicate the data, create multiple recovery points and then be able to seamlessly recover the application from a critical state.

Many legacy backup solutions still in place today simply do not comply with this practice. Indeed, some legacy solutions still rely on complex data export procedures which require uninterrupted access to the information system data store.

Storage Media

The most long-standing technology involved in legacy data backup strategies is magnetic tape. Although there has been significant technological progress made since the birth of reel-to-reel tapes in the 1950s, modern magnetic tapes are still burdened by the shortcomings of their predecessors.

Some common problems with magnetic tape media include;

  • Limited lifespan or media,
  • Relatively low capacity when compared to modern data storage requirements,
  • Can be affected by heat, humidity, sunlight and magnetic fields,
  • Linear (sequential) data access,
  • Poor seek/read/write performance when compared to disk,
  • Significant human cost involved with handling and storage,
  • Can be expensive to constantly retire and refresh media,
  • Poor cross-compatibility between devices and media.

In addition to the reasons above, the cost of disk-based storage has significantly decreased in recent years, all but rendering tape systems obsolete. Indeed, most major vendors of legacy backup hardware and software are shifting their focus to re-invent their offerings around disk-based storage, with tape as a secondary or teriary option.

Testing

Many operators of legacy backup systems only discover that their strategy is flawed or their equipment faulty when it comes time to perform an urgent restoration of data.

This can arise because of the lengthy backup and restore windows that are necessitated by legacy systems, in that production systems must be taken completely offline in order to perform effective testing.

Any effective data protection strategy must be able to be tested regularly, without impacting the production environment.

Windowless Protection

If a data protection strategy requires long periods of exclusive access to your production data in order to work effectively, then it can quickly become counter-productive.

Indeed, many legacy systems in use today are configured to ignore large portions of potentially critical data, simply because the nightly time window does not permit complete, effective protection.

Protection of Metadata

In a Windows environment, the file system stores critical information about the data it contains. This metadata includes important information such as the data’s creator, and those users who have permission to access it.

The use of a data protection system that is not able to accurately maintain all associated metadata can easily result in the wrong access permissions being placed on critical corporate data, which can in turn lead to catastrophic results.

Business Continuity

An effective data protection strategy forms the basis of any Business Continuity and/or Disaster Recovery framework.

e-fort can assist in the development of a business continuity plan that addresses the types of risks that your organisation is most exposed to.