The terms backup and Disaster Recovery (DR) are often misused and misunderstood when discussing the growing need to protect data and IT systems. As security breaches become more commonplace it is important to understand the difference between the two.
Having a backup strategy is not the same as having a DR strategy. In basic terms a backup is having a copy of your data, while DR is the strategy to recover your essential IT environment in the event that it is compromised. If you don’t know the difference your business could end up paying a heavy price.
Let’s take a look in more detail:
What is backup?
A backup is a copy of your data on another device or in another location. This could be in the form of a tape drive or on separate storage in your data centre or in a completely separate geographical location.
Backups are typically performed on a daily basis. That day’s data is copied and stored away from the original data. This can be done manually by someone physically changing tapes or remotely and automatically in the cloud.
Having a backup copy of your data means you should be able to restore it to the original source should there be a problem.
Planning a backup routine is pretty simple. You decide what you need to backup, how long you need to keep it for and how often you need to back it up. The complications come with things like how much data needs to be backed up, what kind of data needs to be backed up, what kind of infrastructure you are backing up from, what is your budget and last but not least, how quickly do you need it back. The answers to these questions will dictate what type of solution you will choose.
There are a host of different backup solutions all offering different approaches to solving the problem and it’s possible that no one solution will address all of the issue in one environment.
The different types of backup:
backup schedules and data to be protected are set up via a web-based control panel and the backups are copied to a secure location across the Internet. This solution can be quite flexible but relies on a good Internet connection.
This model is similar to the traditional approach but each incremental is automatically added to the previous backup and is verified to ensure it is complete and can be restored. The advantage to this approach is that a fully verified backup is always available and can be restored rapidly. The disadvantage is it requires computing resource to reconstitute and verify the data, which can drive up the cost.
To back up a system a file has to be copied from one medium to another. To do this a program must be running that can check what files have to be backed up, check what files have changed and copy them to the backup location. With an Agent-based solution the program is running on the system that has to be backed-up and with an Agentless solution the processing is on a central server that has visibility of the file system that is to be backed up. Both approaches have advantages and disadvantages.
This approach usually means an initial full copy of the data is taken and each subsequent day only the blocks of data that have changed are copied over. Often this data is written to tape and this is stored offsite. The key advantage of this approach is the price (tape is cheap). The key disadvantages are the time it takes to restore - you have to restore the original and then all the incrementals; and peace of mind - if the full backup or any of the incrementals are damaged you don’t have your backup.
According to Gartner half of tape backups fail to restore. Even a successful backup means you have a copy of your data but it doesn’t guarantee you can access it as quickly as you might need to. That’s where a Disaster Recovery plan comes into its own – when it’s time critical.
What is Disaster Recovery?
Disaster Recovery is much more than having a backup. It is about having a plan and technical solution in place that will keep the core components of your business functioning should a disaster strike. Although the technical part of the DR is vital, it is only one part of the plan.
To create a DR plan you must first identify what key systems are required to keep your business running in the event of an incident that takes your normal infrastructure offline. This could be a natural disaster like a hurricane, flooding, a fire or even malicious behaviour like a DDoS or Ransomware attack.
Obviously one solution is simply to duplicate the infrastructure and replicate the data in real-time, and in the event of a disaster just switch. This approach can be very effective for some of the threats but comes with a hefty price tag.
In most cases, you should:
- Identify the key systems the business cannot function without
- Decide how long the business can function with each of the key systems offline
- Decide how much data the business can afford to lose (if any)
- Decide how a DR system would take over (manual/automatic)
- Decide the DR system’s hand back
DR solutions can take many forms, ranging from restoring systems from backups, to a system that automatically takes over when the primary system is lost. The backup solution would be appropriate for systems where they don’t need to be on-line quickly and you could afford to lose some data. The automated solution is appropriate for something like an e-commerce company where the loss of availability has a major financial effect on the business and cannot be tolerated.
It’s likely that budget constraints will play a part in DR planning and compromises will have to be made. The final plan is likely to incorporate a range of technologies addressing particular issues at different price points.
Don’t forget, Disaster Recovery can be useful not only in the event of a ‘disaster’ but in other situations as well:
- For testing – a good DR provider will provide you with a virtual private cloud where your testing won’t affect your live environment.
- For hosting applications and services during planned maintenance or migration
- In the event of a data loss where you don’t want to send huge volumes of data back to your primary data centre
- For providing an all-in-one backup and DR solution
Believe it or not but most DR situations are caused by human error – someone accidentally deletes a server or replicates a corrupted file making it impossible to recover. A backup system means you can only refer back to a designated point in time. DR gives you back all your live systems as close to the time of failure as possible.
Disaster Recovery allows you to rebuild and run your entire IT system until your primary environment is back working. Ultimately it gives you the perfect response when you hear the words “all systems down.”
A backup strategy in tandem with the right approach to Disaster Recovery, managed by the right people, means you will have your Business Continuity covered.