• Call Us: (800) 897-4470

3-2-1 Automatic Backup and Recovery Method

Jeff Platt
  • 0

Your data needs to be protected. If you are reading this, chances are that it probably isn’t entirely safe. And you probably haven’t thought about what you need to recover your data, let alone how long that will actually take.

Whether business data or personal data, the threats are similar but with different repercussions. The most common threat is simple human error: “I was working on this file and made some changes, but I want to revert back to an older version,” or, “I accidentally overwrote the real version of the file with my unedited copy.” Human error can also result in virus infection, including the new cryptolocker strain of malware. Getting files back from before the infection may be the only way to recover from some computer viruses. There is also the outside threats, such as fires, floods, natural disasters, theft or zombie apocalypse. One of the more frightening things is the belief that you have a backup in place, but it has never been tested to actually work.

The “3-2-1 Backup” method isn’t new, but I believe should be updated to “3-2-1 Automatic Backup and Recovery Method.” Here are the key points:

  • You need to have at least three copies of your data.
  • Your data should be on two different types of storage.
  • One copy of your data needs to be offsite.
  • Backup should work automatically.
  • Proper backup requires a known and regularly tested recovery plan.

The general picture of your backup should resemble this diagram.

321 Backup Diagram

You have a designated place where you actively create and edit data. A copy is made on a continuous schedule (as created, every hour, etc.) to a nearby (locally attached or connected through network) storage device. Finally, that storage device is replicated offsite.

In a typical corporate setting, a person creates and edits data that is centrally stored, like a network server. That data is then copied to a dedicated backup device on the network. From there, the backup is replicated to an offsite location.

For a SOHO (Small Office Home Office) user, a person creates and edits data on his or her local hard drive. That data is then copied to an external drive, typically through USB or over the network. And as above, the backup is replicated to an offsite location.

Point: Three Copies
Copies need to be in three different places. Creating two folders on the same computer doesn’t count. Instead, one copy on your computer, one copy on a backup on the network, and one copy in offsite storage. If your organization has good habits and files aren’t stored locally, then one copy in the official storage location, one copy on a dedicated backup device, and one copy in offsite storage.

Point: Two Types of Storage
We have always considered a hard drive and a DVD as two types of storage. With advances in solid state drives, Network Attached Storage, SAN (Storage Area Network) devices, and cloud storage, we have to revise our definition of media to include these different formats. Technically your network attached storage may be filled with traditional hard drives, but consider it as its own type of media. What we are trying to avoid is having two hard drives on the same machine, each with a copy of the data. If the machine is infected with a virus or stolen, both of those drives are gone.

Don’t confuse having a RAID array, web service or other single device that creates its own redundancy with a backup solution. First example to consider would be the use of a Drobo device to store data. A Drobo uses many hard drives so that if any one (or two) hard drives fail in the Drobo, your data is protected. That gives you an extremely reliable place to store data, but it is still only one copy. (It’s the same idea with RAID storage.) Just because you have an extremely reliable place to put your data doesn’t mean you can skip steps in your backup solution.

The second example is Dropbox, a cloud based file synchronization service. At first glance, Dropbox appears to give you multiple copies on multiple machines in multiple locations. In reality, there is one single file in the cloud that is accessed by all of your devices. We’ve heard clients self-engineer a solution that sounds like, “I’ll just install Dropbox on a bunch of computers, store the data there, and then I will have a bunch of redundant copies.” The magic of Dropbox is the file synchronization, so the moment you change a file in one place, it updates all of the other copies in unison. Dropbox gives you lots of availability or access to the same file from many locations, but if one of those many locations corrupts a file, it replicates that corrupt file everywhere. Dropbox is great, just as long as it is used as intended.

(FYI, Dropbox Pro and Business customers can purchase an add-on service called Packrat, which gives you file deletion recovery and version history.)

Point: One Copy Offsite
An offsite copy protects against something happening to your location, like a fire, theft, network spread malware, security breach, or zombie attack. This offsite copy is safely stored outside of harms way. Offsite storage will typically have some lag time, anywhere from a few minutes to a few days, depending on how the systems are configured. (Daily is a good balance.) If you need this third copy, you may lose some work from the potential lag time, but you won’t lose your entire business. Your offsite storage should also include a certain amount of data retention time, so you can restore files that aren’t the current version. This would allow you to restore to a point before data was infected with a virus or malware.

Point: Backup Automatically
Simply put, your backup strategy cannot rely on a human to switch tapes, exchange drives, take something home, or otherwise do something to keep the backup process running properly. Backups need to be running on the computers or servers on a defined schedule that doesn’t require a person to be at the machine or logged into the machine. Computers are good at repetitive tasks and computers don’t forget to do something because they were pulled into a meeting late in the day. It isn’t a bad practice to take a copy of the data to another physical location, as it may give you an advantage in the speed of your recovery, just don’t consider this as the principal offsite solution since it isn’t automatic.

Point: Recovery Plan
Don’t wait until you need to recover to figure out how to recover and how long it will take to do. When planning out how the backup system works, the method for recovery needs strong consideration. To start, backup systems store data either file by file or as a drive image. If you just need to grab a file or folder from a backup, file by file works great. To rebuild the system entirely including the configurations, drive images are best.

Next, your offsite matters for several reasons. Consider the time it takes to download the data from your offsite location. Will it take several days to download the data before you can even start the restore? Will the offsite provider overnight ship you a hard drive with the data? Or perhaps the offsite can even serve as temporary infrastructure while new hardware is provisioned.

Another part of your recovery plan includes which elements are needed to recover your key systems. You may have the SQL database, Exchange data, or line of business application data, but do you have access to the software itself if you need to reinstall or reconfigure a new server.

Finally, consider who is qualified to recover your data. These are different people whether you need to get a file or folder back, compared to reconfiguring your entire infrastructure. That means that you may need to have the contact numbers and account information stored somewhere and with people that can act on the information.

When reviewing your recovery plan, ask the following questions:

  1. How long can my business afford to be down?
  2. What is my plan to recover from a zombie attack? (Fire, theft, natural disaster)
  3. How do I recover a single file or folder?
  4. How do I restore a machine for one person?
  5. How do I restore one server or service for the whole team?
  6. How long does each of the above take to do and who knows how to do it?

Just like a fire drill, your recovery plan needs regular testing. Random file restores are a good way to be sure that backup systems are running properly, in addition to review of log files. Backup software is designed to ensure that the backups are working properly and files are valid. Software will test the integrity and notify if there are problems. However, manual checks are required to prove it. Your frequency of testing should be at least quarterly, or monthly for the more concerned. Backups are only as good as the last time you tried to restore.

Cost to Recreate the Data

Just imagine for a moment what you would need to do if you couldn’t get your data back. Different organizations create, edit and store different types and amounts of data and for different reasons. Not all data has the same value. Photos of your children cannot be recaptured, but perhaps your music library can be downloaded again. Most people never consider the real cost to recreate their data. That said, good backup systems and practices aren’t hard or expensive.

The 3-2-1 Automatic Backup and Recovery method is a modern version of the traditional approach to protecting your data.

Learn More about Kokua Lifeguard →

AUTHOR

Jeff Platt

All stories by: Jeff Platt