Backup as protection of an organization’s valuable data
The vast amount of data generated by the industry, the popularization of virtualization and cloud Backupsolutions generate new challenges in the IT world that require new solutions for data protection. In its most recent report, Gartner predicted that by 2018 40% of enterprises will complement its solutions with additional products or completely replace the systems that service their backup. On the other hand, Gartner predicts that by 2016 less than 30% of all data will be backed up.
It would seem that we are aware of how important that kind of security is for businesses to operate. However, the statistics are relentless. Every year, at least 25 percent of all computer users in the world experience loss of their data. Kroll Ontrack's experts say that in 56 percent of the incidents, the data loss is the result of hardware failure, and in 26 percent it’s human error. This data, as well as Comarch’s experience show how important backup systems are and how far we have yet to go. Business awareness on the need for data protection improves from year to year, but in relation to the amount of generated data it is still low.
The usefulness of solutions for data protection is often questioned, because people look at IT management including backup systems in the context of the generated costs and benefits which are difficult to prove unless something happens. So, when do customers decide to implement advanced backup solutions? Comarch's experience in implementing such projects shows that the most common reasons that determined the implementation of complex solutions in this area include a failure that caused the total or substantial loss of data or the appearance of sensitive data in the enterprise. The loss of such data would involve a high cost of repair or a long period of recovery, which would significantly affect the continuity of the business.
Backup in practice
Krzysztof Pułapa, Senior System Engineer: An example will illustrate the clients’ approach to the topic of data protection a bit more clearly. The example portrays a company in the telecommunications industry, but I know from experience that similar situations take place in companies regardless of their size or industry. A enterprise purchased an application along with hardware to operate its business. The investment also included a backup system. It was one server and a tape library with 24 slots and a single LTO4 drive. The application part consisted of 6 servers in the 3-tier architecture (web servers, application servers, database servers). HA cluster that supported a single database instance was implemented for the database servers. The company did not want to invest in an additional emergency facility, or in spare servers. The system was installed and activated by the supplier and then handed over to the customer. Full backup of all servers and databases was configured to be performed at night. As time passed, the database expanded and after a few years its volume increased more than sixfold. In the meantime, yet another product was purchased which resulted in the expansion of the database cluster by another two databases. All this was being handled still by the one LTO4 drive. The backup time for the first database increased to such an extent that the backup was still running during the day and then the other databases had yet to be backed up, so there was no possibility of making a copy of database archive logs (these are files in which the database archives data changes). And then an accident happened - a transport company employee passing through the corridor with a trolley hit a fire alarm button which caused the power to be turned off in the server room. All servers went offline. After turning the power back on, all servers were reactivated, but it turned out that none of the databases was.
Administrator, after an extensive analysis and attempts to repair them, diagnosed the file systems and databases to be damaged and decided on their cleaning and the restoration of databases from backups. It turned out that the restoration of the largest database from the last backup is not possible, because the power was turned off during the backup of the database. Finally, the database was recreated from a backup of the previous day, but the company lost data from about 24 hours and did not conduct any business activities for another 12h while the restoration was going on. After this experience, a third database server was bought and the Standby database backups were activated. Also, the library was upgraded to a newer model with two LTO5 drives allowing for shorter backup time - a few hours - and parallel back-up of all databases. The next few months were spent in determining what data was lost, and entering it again. The cost of the work performed by more than a dozen people, totaled more than 700h and with lost revenue exceeded several times over the value of purchased equipment.
Backup - comprehensive solutions
It’s not enough to just buy simple backup software or decide to choose data protection in the service model. The issue of backup requires a comprehensive approach within the enterprise. It is essential to choose a solution for the current needs of our business, but also to anticipate future needs in this area. Complex IT environments, which predominate in companies today, require the implementation of comprehensive solutions that allow for the protection of the various elements of the IT infrastructure such as applications, databases or mobile devices. It should be remembered that the implemented solutions - software with the hardware platform - must form a coherent whole. This is the main guarantor of success, which is why modern backup systems used in industry should be characterized by multiple functionalities to adequately secure corporate data. Among the most important features, the following are worth mentioning:
- reliability, i.e. the ability to work in a cluster
- support for a variety of operating systems and applications
- the ability to simultaneously create multiple copies of data
- an extensive system of notifications / alerts for standard and custom events, e.g. information by
- email about the failure of the drive, or a full disk, the completion status of the backup, etc..
- extensive reporting system
- ease of use
- scalability of the system that allows easy expansion for business development
Due to the compatibility of data formats, it is rare that customers migrate from one backup system solution to another. The only such a situation is the migration of the entire IT environment, but that means maintaining two parallel backup systems for some time. This shows that the investment in solutions for data protection is a long-term investment. It is important to carefully analyze it, not only from the perspective of the available budget, but also in context of what and how we want to backup.
Minimize the risk! It's the golden rule that should guide all those who are serious about their businesses. How? For example by regularly investing in backup or guaranteeing backup systems operators access to quality training and technical assistance. And most importantly – cutting back in the IT field never ends well, and can only increase the risk of losing our data.
Małgorzata Zabieglińska, Product Manager, Comarch ICT