Backup – Disaster or Disaster Recovery?

Afinety provides about two to three complimentary Network Health Assessments per week for Southern California law firms. One of the most common things we see – in over 50% of the reviews – is the fact that firms have only partial or no backups at all. This crucial part of any business is either minimized or ignored by a large percentage of law firms. If their clients knew the lack of attention that was paid to their data, they would probably switch to another firm immediately. I know I would if my data was at risk.

Think about what your procedures are for backup. Are you 100% sure you got a good backup last night? If you are, then you are in the minority. If you are not sure, then the following may give you some ideas on how to be confident in your backup integrity - a crucial part of your disaster recovery plan.

Right now, you have a number of choices for backup. These include disk based solutions, tape backup and offsite backup. The discussion below will cover each, give you some idea of how well these work and whether or not they are true disaster recovery solutions.

Disk Based Backup

This common solution is simplicity itself. You attach a large USB drive to your server and use one of the standard backup software solutions such as CA’s ARCServe or Symantec’s Backup Exec to run your nightly backups to the external drive. The benefit to this is low cost and speed. A one terabyte drive, which will accommodate most backups, is under $150.00 and thus you get a lot of capacity and speed for very little money. On the scale of cost, this is generally the lowest cost solution. The negative is that firms using this method often do not take their backup drives offsite. If they do, then it is common that this occurs once a week at most. Thus the firm’s partners have tacitly agreed that losing a week of data is acceptable.

There are also more robust solutions from companies like Dell, HP and others that are essentially a backup server. They consist of a machine and large disk array offering a self contained backup solution. The problem here is the same as above except you cannot take the array offsite. These solutions usually require a tape unit to accompany the main backup. The tape unit backs up the backup device and then a tape is taken offsite. This works well and offers an answer to the speed problem with tapes, however restoring in a disaster is a multistep process that requires all parts of the solution to behave as expected.

Replication

First of all Replication is NOT backup. These are two wholly separate things that are often mistaken for each other. For replication to be effective, a firm must have an offsite facility or a second office to which they can replicate. There are various software solutions available for this and so far, we have not seen a single small to mid-sized firm achieve this effectively. Most firms start out with a thought something like, “We’ll take these old servers and…” That simply won’t work. The biggest issue however is that replication is just that. If you delete a file, it’s gone. If you overwrite a file, it is gone. If you move something inadvertently and can’t find it, you can’t restore it either because it has moved on the cloned system as well. Replication is not necessarily a bad thing, but it should not be considered a backup.

Tape

Probably still the most common way to backup is tape. Tapes have the advantage of being easy to take home or store offsite and you can easily retire a tape to mark a fiscal period (month end for example). Tapes are relatively cheap and now have capacities exceeding 1TB on a single cartridge. A key factor in tape backup is achieving a full backup on a single cartridge. If you have a backup that requires two or more tapes, more than likely you have a very large problem. First, a two tape backup MUST be kept together. Without that second tape, you have no backup and crucial data may be lost if you need to restore. The second and equally important factor is speed. Tape units are very fast now, but they often take more than 10 or 12 hours to backup a large amount of data and multiple servers. The problem is that the tape can only backup one server at a time. With newer speedy tape units, the initial backup of the server in which the tape resides is indeed quite fast. However, all other servers are backed up over the wire and are thus quite a bit slower. We often see dedicated backup servers – which not only is a waste of firm money on a separate piece of hardware, but also slows down ALL backups. We commonly see tape units still running when the staff arrives for work, which means the users suffer a performance hit while the backup finishes.

Internet Based Backup

This is a fairly new trend in backup where firms use a service like MozyPro to backup their network online. For home systems we often recommend Carbonite which is a similar service at a very low cost, except that it does not support things like Exchange and SQL, like MozyPro does. The cost of these services is relatively low, but like anything else, you get what you pay for. Let’s imagine you actually need your backup some day, perhaps to restore your e-mail system after some catastrophe. A common Exchange database is in excess of 50GB, so as an experiment, go online, find a 50GB file and download it. By the time you have read the rest of this article you might see the ticker move up to 1% but most likely even that small percentage will take a very long time. What is the value of backup if it cannot restore data in a reasonable amount of time? In one case, a colleague of ours had to restore a home computer and it took 4 full days to download the backup. So the cost for this solution is reasonable and it does eliminate tapes, but it is simply unacceptable for the purpose of any sort of disaster.

CDP

This is not necessarily a new solution but it is beginning to mature and offers some significant advantages. CDP means Continuous Data Protection. An example of this is available from Sonicwall. A somewhat expensive rack mountable unit is installed at the firm which performs a continuous disk to disk backup. Thus within seconds of saving a file, it has been backed up, unlike traditional backup systems which would accomplish that in the evening, after working hours. The Sonicwall units are then capable of echoing the backups, again continuously, offsite to their secure location or to another CDP. So for firms with multiple offices, backups can be cross-pollinated creating a disaster recovery solution that allows one office to host a sister office in the event of a disaster. Like all emerging technologies this one is not without its challenges but once matured, this may be an excellent solution for multi-office firms.

Professional Backup and Failover

By far the best solutions combine local and offsite backup solutions with failover. Examples of this are Afinety’s Reserve and eVault. This type of backup is accomplished first locally “disk to disk.” Disk to disk backups are very fast since they can backup multiple servers simultaneously and are writing to very fast hard drives. Once the local backup is completed, it echoes the changes that have occurred since the last backup to one or more offsite locations. Common restores can be done locally and quickly, including a full server restore which can often be done within an hour in more sophisticated systems like Reserve. Should a firm-wide disaster occur where the office is inaccessible for some reason, the offsite facilities can ship a backup to a new location for restore, or “failover” to the offsite backup vault, allowing users to connect from their homes or mobile locations and run as if they are working on their office system. Obviously this is the best of all worlds, however the drawback is monthly cost. Generally these solutions run from about $2.00 to about $8.00 per GB per month depending on which one you choose.

Mixing Backup

We are often asked about mixing say a disk to disk backup with something like MozyPro. At first this looks like an interesting solution, however there is a major problem inherent in mixing backups. When your Exchange e-mail system is backed up, a log is created marking the time of the backup and its completion. If a second, different backup occurs after the first, it also resets this log and thus the log that the first backup is counting on to determine the backup state is now incorrect. Data will thus be missed or excluded from BOTH backups and neither now has proper integrity. This is true of many types of data so a mixed backup solution is not so much a clever solution as a disaster waiting to happen.

Choices

The biggest issue an administrator faces with backup is getting the partnership to understand the value of a proper, secure and reliable backup system. Once a firm has had a significant failure and lost data, they are generally eager to sign up for a professional backup and disaster recovery solution, but until that happens partners sometimes see their less effective backup solutions as “good enough for our firm.” Going back to our observations in the field, more than 50% of smaller firms would lose significant data if a server failed. Most would lose everything if a regional disaster occurred.

We find a good approach to this dilemma is to ask the partnership the right questions.

• How long can you wait for the firm to restore a deleted file?
• How long can the firm be out of business until a server is restored?
• How long can the firm be out of business in the event of a regional disaster?

Backup and disaster recovery solutions are all about time to recover vs. cost. Once you have the answers to these simple questions you can begin to formulate a backup solution that is right for your firm. If you check with your IT provider they will be able to offer solutions that fit just about any requirement.