What is the best practice of backup?

Having a rock-solid data backup plan is one of the most important things any individual or business can do to protect their data assets. With the increasing threats of malware, ransomware, hardware failure, and natural disasters, it’s essential to implement comprehensive backup policies and procedures. In this 5000-word guide, we will explore the fundamentals of data backup and provide actionable best practices you can use right away.

Why is data backup important?

There are several key reasons why performing regular data backups is critical:

  • Avoid data loss – Backups provide you with a way to restore deleted or corrupted files in the event of an accidental deletion, malware attack, or hardware failure.
  • Recover from disasters – Whether it’s a fire, flood, or other natural disaster, having offsite backups ensures you can get your business back up and running quickly.
  • Meet compliance regulations – Some industries require maintaining data backups for a certain time period to meet regulatory compliance.
  • Provide data recovery – If you fall victim to a ransomware attack, backups allow you to restore data without paying the ransom.
  • Archive historical data – Backups give you a way to retrieve and access older archived data that may no longer reside on your active systems.

Losing critical company or personal data can be devastating. Implementing a backup plan significantly reduces this risk and provides substantial peace of mind.

What data should be backed up?

While the specifics may vary between individuals and businesses, generally you’ll want to ensure the following types of data are backed up:

  • Files/folders – All personal and business documents, spreadsheets, presentations, projects, and other working files.
  • System image – A complete copy of the system disk with operating system files and installed applications.
  • Email data – Email messages, contacts, calendar appointments for email clients such as Outlook.
  • Databases – Database files from database servers or applications that use databases like Quickbooks.
  • Source code – Source code repositories for custom software development projects.

You’ll want to catalog all critical data that would be difficult or impossible to recreate if lost. Prioritize backing up your most important data first.

How often should backups be performed?

The frequency of performing backups depends on how much data you can afford to potentially lose between backups. For most small businesses and individuals, here are some general recommendations:

  • Files – Back up daily or even multiple times per day for critical file shares.
  • System image – Perform a weekly system image backup.
  • Databases – Database backups depend on how often critical information changes, but often daily or weekly.
  • Source code – Source code repositories should be backed up whenever significant work is checked in, often daily.
  • Email data – Back up email data daily if possible.

For mission-critical enterprise systems, backups may need to be even more frequent to limit potential data loss.

Where should backups be stored?

To provide maximum protection, backups should be stored in multiple locations. Here are common backup storage targets:

  • Local – Store backups on an external hard drive or network attached storage on premises.
  • Offsite – Use a cloud backup provider to store backups in the cloud or move backups to an offsite location.
  • Offline – Rotate through external hard drives or tape media that can be stored offline away from your systems.

A common best practice is to use a 3-2-1 backup strategy: Have at least three copies of your data, on two different media types, with one copy stored offsite. This provides both onsite and offsite copies across multiple media to minimize risk.

What backup methods should be used?

There are various methods available for performing backups:

  • Full – A full backup copies all selected files and folders each time it runs.
  • Incremental – An incremental backup only copies files changed since the last backup.
  • Differential – Differential backups copy all changes since the last full backup.
  • Mirroring – Mirror backups continuously mirror changes to a second duplicate volume.
  • Snapshots – Snapshots capture the state of a volume or files at a point in time.

A best practice is to combine multiple methods. For example, perform weekly full backups combined with daily incrementals and periodic mirrors or snapshots.
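The practical difference between incremental and differential backups shows up at restore time. The following added example (not part of the original article) computes which backups must be applied to reach a restore point; the Backup record, the catalogue layout and the sample dates are assumptions made for illustration.

```python
from collections import namedtuple
from datetime import datetime

# kind is "full", "incremental" or "differential"; taken is the job time.
Backup = namedtuple("Backup", "kind taken")

def restore_chain(catalog, target):
    """Return the backups to apply, oldest first, to restore to `target`.

    Assumption: an incremental holds changes since the previous backup of
    any kind; a differential holds all changes since the last full.
    """
    usable = sorted((b for b in catalog if b.taken <= target),
                    key=lambda b: b.taken)
    fulls = [b for b in usable if b.kind == "full"]
    if not fulls:
        raise ValueError("no full backup at or before the target time")
    base = fulls[-1]
    later = [b for b in usable if b.taken > base.taken]
    chain = [base]
    # The newest differential supersedes everything between it and the full.
    diffs = [b for b in later if b.kind == "differential"]
    if diffs:
        chain.append(diffs[-1])
        later = [b for b in later if b.taken > diffs[-1].taken]
    # Every remaining incremental is required, in order; losing one breaks
    # the chain for all later restore points.
    chain.extend(b for b in later if b.kind == "incremental")
    return chain

# Constructed sample catalogues: a Sunday full, then three daily backups.
SUN, MON, TUE, WED = (datetime(2024, 1, day, 1, 0) for day in (7, 8, 9, 10))
INCREMENTAL_WEEK = [Backup("full", SUN)] + [
    Backup("incremental", d) for d in (MON, TUE, WED)]
DIFFERENTIAL_WEEK = [Backup("full", SUN)] + [
    Backup("differential", d) for d in (MON, TUE, WED)]

if __name__ == "__main__":
    for name, catalog in (("incremental", INCREMENTAL_WEEK),
                          ("differential", DIFFERENTIAL_WEEK)):
        chain = restore_chain(catalog, WED)
        print(name, [f"{b.kind}@{b.taken:%a}" for b in chain])
```

The incremental week needs four backup sets for a Wednesday restore, while the differential week needs two, at the cost of larger daily backups.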

What media should be used for backups?

Here are some common media types used for backups:

  • External hard drives – Very common removable media, provide abundant and inexpensive capacity.
  • USB Flash drives – Small removable devices useful for backups of a few critical files.
  • NAS devices – Network attached storage can act as both local backup storage and cloud backup targets.
  • Tape – Tape cartridges provide inexpensive offline backups but require a compatible drive.
  • Cloud storage – Backup services like Dropbox or AWS S3 can reliably store backups remotely.

As mentioned in the 3-2-1 strategy, it’s ideal to use a combination of both local and cloud storage media for redundancy.

How can backups be automated?

Manual backups are prone to human error and are easy to forget. It’s highly recommended to implement automated backup procedures. Here are some options for automation:

  • Backup software – Specialized backup software like Veeam or Druva can automate complex backup jobs.
  • Cloud services – Many cloud backup services like IDrive or Backblaze have built-in automation.
  • Scripts – Write your own custom scripts to execute backup commands on a schedule.
  • Policies – Set up backup policies on devices like NAS boxes to copy files based on schedules or events.

Take the effort up front to set up scheduled backup jobs, service accounts, and scripts, and automation will handle backups reliably in the background.

How can backups be monitored?

Simply performing automated backups isn’t enough – you need to monitor backups to ensure they are completing successfully. Here are some ways to monitor job status:

  • Logs – Backup software and scripts log job activity which can be monitored or alerted on.
  • Status reports – Backup dashboards and status reports from services like Veeam provide an overview.
  • Notifications – Configure backup jobs to send email, SMS, or Slack notifications when jobs fail.
  • Tests – Test restores from backups regularly to verify their integrity.

Don’t “set and forget” your backups – have a process to review logs and reports regularly to confirm successful backups.

How often should backups be tested?

Testing backup integrity is a critical but often neglected practice. Here are some recommendations on testing frequency:

  • Full backups – Do a full end-to-end restore test quarterly or at least every 6 months.
  • Key files – Test restoring key files monthly or bimonthly.
  • Verify backups – Spot check backup contents weekly to verify recent files are present.
  • Offsite media – Cycle offline media back on a quarterly basis to ensure it remains valid.

Regular testing gives confidence your data can be successfully restored when needed.

What security practices should be used?

Physical security and cybersecurity are also important considerations for backups:

  • Encryption – Encrypt both local and cloud backups to prevent unauthorized access.
  • Access controls – Limit access to backup volumes with ACLs and strict credential policies.
  • Isolation – Keep offline media air-gapped from networks in secure locations.
  • Geography – Store cloud backups in a different geographic region than your systems.

Treating backups as critical data and applying appropriate controls prevents your recovery asset from becoming a liability.

What is the best way to approach disaster recovery?

A complete disaster recovery plan goes beyond just data backups – it prepares you to restore critical systems and infrastructure in the event of catastrophe. Elements of a DR plan include:

  • Priority list – Inventory critical systems and data, with restoration priority order.
  • System images – Maintain system images to quickly rebuild servers and workstations.
  • Spares – Keep spare hardware available to get infrastructure back online faster.
  • Sequential roadmap – Have a step-by-step runbook detailing recovery procedures.
  • Offsite copies – Store backup media offsite at secondary facilities to survive site disasters.

A complete DR plan goes hand-in-hand with a solid data backup scheme to minimize downtime and data loss from disasters.

What are the limitations of backups?

While critically important, backups cannot entirely eliminate risk. Be aware of inherent limitations:

  • Not continuous – Backups capture discrete points in time and can miss activity between backups.
  • Gaps – Human errors and oversights can lead to blind spots in coverage.
  • Isolation – Air-gapped offline media may be unavailable when disasters strike.
  • Restoration – Backups simplify but don’t eliminate the restoration process, which can be complex and time consuming.
  • Validation – Even if backups run, they may produce unusable data if not tested.

Mitigate risks by combining multiple backup methods and being diligent with monitoring, maintenance, and testing.

Conclusion

Implementing reliable data backups aligned with these best practices can help any individual or organization avoid catastrophe. Key takeaways include:

  • Use a 3-2-1 strategy for resilience.
  • Automate backups but still monitor and test regularly.
  • Store backups both locally and offsite.
  • Back up critical data on a frequent schedule.
  • Use full, incremental, and differential backup methods.
  • Encrypt backups and control access.
  • Have a complete disaster recovery plan.

While not without some limitations, following these backup best practices will provide substantial protection against data loss.

Example Backup Retention Policy Table

Backup Type  | Frequency  | Retention
Full         | Weekly     | 4 weeks
Incremental  | Daily      | 1 week
Database     | Daily      | 2 weeks
Email        | Daily      | 3 months
Source Code  | On commit  | Permanent
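The retention periods in the table above can be applied mechanically when pruning old backups. The following added example (not part of the original article) plans deletions from those periods and refuses to delete the newest copy of any type; the inventory format, the 90-day reading of "3 months" and the sample dates are assumptions.

```python
from datetime import datetime, timedelta

# Retention periods from the example policy table; None means keep forever.
RETENTION = {
    "full": timedelta(weeks=4),
    "incremental": timedelta(weeks=1),
    "database": timedelta(weeks=2),
    "email": timedelta(days=90),  # assumption: "3 months" taken as 90 days
    "source_code": None,          # "Permanent"
}

def plan_pruning(backups, now, policy=RETENTION):
    """Split (kind, taken) records into (keep, delete) lists."""
    newest = {}
    for kind, taken in backups:
        if kind not in policy:
            raise KeyError(f"no retention rule for backup type {kind!r}")
        newest[kind] = max(taken, newest.get(kind, taken))
    keep, delete = [], []
    for kind, taken in backups:
        limit = policy[kind]
        is_expired = limit is not None and now - taken > limit
        # Guard: if jobs have been failing, the newest copy may already be
        # past retention. Deleting it would leave no backup of that type.
        if is_expired and taken != newest[kind]:
            delete.append((kind, taken))
        else:
            keep.append((kind, taken))
    return keep, delete

# Constructed sample inventory, evaluated as of 1 March 2024.
NOW = datetime(2024, 3, 1)
INVENTORY = [
    ("full", datetime(2024, 1, 7)),
    ("full", datetime(2024, 2, 25)),
    ("incremental", datetime(2024, 2, 20)),
    ("incremental", datetime(2024, 2, 28)),
    ("email", datetime(2023, 11, 1)),       # only email copy, 121 days old
    ("source_code", datetime(2020, 1, 1)),
]

if __name__ == "__main__":
    keep, delete = plan_pruning(INVENTORY, NOW)
    print("delete:", delete)
```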
