Planning a backup strategy: Part two

This is a second part of the three-part series of articles from AgileCloud, designed to assist you with your company's backup and restore planning and objectives which can also be used as a check list.

Determine where the data is located

Now that the types of data in the environment and the storage needs of each data type are known, one must determine where the data is located. This information is critical in determining the technologies needed to implement the backup strategy. For example, in a geographically distributed environment, with servers located across the country - or the planet - a centralised backup solution could result in flooding the networks with backup data. This could have a potentially serious impact on business productivity. In such a case, a localised backup solution may need to be considered, perhaps in an automated mode to reduce cost.

Many companies are finding that a lot of valuable company business data is located on mobile personal computers. This can be a difficult situation for IT because attempts to backup desktop computers en masse are usually cost prohibitive. When more and more of these client personal computers are mobile laptop computers, the situation grows more complex. A recommended best practice is to direct all personal computer users to store company business data on targeted servers, which are backed up regularly.

Note: Fortunately, technologies are becoming increasingly available that allow users' data and settings to "follow" them whenever they move from location to location, thereby increasing productivity. Taking advantage of such capabilities should be a high priority for more IT organisations.

Determine projected data growth

Another critical piece of information needed to develop a backup strategy is estimating the projected growth of data by data type. IT should make sure that the backup strategy developed is not quickly outdated. Future plans about the projected number of users and what type of data they create should be considered. If the company is planning to hire 100 new employees, the amount of user and business data will grow accordingly. Prepare for the future and build in the required capacity.

Determine backup and restore performance requirements

Information Technology (IT) Operations need to determine the performance requirements for backups, restores and recoveries. These requirements should align with the business needs as well. During the course of developing SLAs, specific service level objectives (metrics) regarding backup, restore and recovery performance are defined, negotiated, and agreed to between the different business units and IT. Note that these service level objectives must be monitored for compliance with SLAs to ensure that both IT and customer commitments are being met.

Determine the Database Backup and Restore Needs

A company's most pertinent, critical data resides in databases. Each database is different; be certain to take advantage of the tools offered by database vendors for backing up, restoring, and recovering data contained in their different databases.

Most of the major database vendors provide the ability to back up their databases online, without shutting the database down. They typically provide tools that can generate lists of files that need to be backed up and ensure that control files, archive logs, redo logs, and table spaces are backed up appropriately. Some tools even provide event-driven archival capabilities that automatically execute archiving data when a volume exceeds a predetermined capacity.

Determine Time Tables for Backups and Restores

Determine how often the data needs to be backed up per data type. For example, users' working files may be backed up on a daily basis, system data on a weekly basis, and critical database transactions twice a day.

Determine the allowable timeframe for performing a backup.

For instance, user files can be backed up any time users are not working on them, while some transactional databases may only have a few hours available for backup. Evaluate the amount of data needing backup, the existing infrastructure, and the technologies to use to estimate the time required for each backup. In the case of offline backups, all these factors can affect users' access to data. For this reason, calculations for backup time requirements should be compared to specific business requirements. If the business demands that users have access to data 22 hours per day, a four-hour offline backup will not work; another solution would need to be found (for example, online backup, SAN, and so on).

The allowable timeframe for data recovery on a per data type basis must be known. For example, it might be perfectly acceptable to take two days to restore some user files, while company business data might have to be recovered in two hours. When determining allowable recovery time, remember that this includes a combination of the time needed to access the storage media plus the time required to actually restore the data to disk. The clearest example of this is when a full system recovery is required and media must be obtained from offsite storage. This information is used to determine the specific backup schedules enforced by operations.

* Determine data archiving (offsite storage) requirements.
* When developing the requirements for different data types, also plan - for each type - how the storage media, should be secured and maintained. For instance, high business impact data should backed up regularly, and periodically stored offsite. User data, if backed up at all, will not require offsite storage. Security restrictions for data both onsite and offsite will also have to be gauged. Again, the data classification can help determine the security needs.
* Also determine the length of storage time per data type. For example, user files may need to be kept for only three weeks, while information about company employees may be need to be kept for five years.
* Consider the following types of data and information when planning for offsite storage:
* A full backup of the entire system, done weekly.
* Contents of the Definitive Software Library.
* Documents required to support an insurance claim, such as hardware and software inventory records, and copies of purchase orders or receipts for computer hardware and software.
* A copy of information required to reinstall and reconfigure network hardware.

Next week, Part 3, our final article in this series, will cover: identifying the constraints, defining backup and restore policies and analysing your company's backup and restore requirements.