Fri Apr 8 06:51:40 PDT 2016
Redundancy: Backups: What is backed up and how often?
Options:
Option 1: Never backup anything.
Option 2: Backup critical information when you feel concerned about losing it.
Option 3: Backup everything periodically.
Option 4: Create and maintain different backup processes and schedules for different information based on its criticality.
Option 5: Continuously and automatically backup everything all the time.
Decision:
Backup strategy is suggested as follows:
| Situation | Strategy |
|---|
| Data that has no substantial business utility and possession
of which could be problematic such as cookies from distant Web sites
and temporary files from compilations OR Standard content such
as copies of standard operating environment distributions at every
endpoint and copies of common software loaded automatically on
rebuild. |
Never backup anything. |
| Individual content where the individual stands to lose but the enterprise does not stand to lose significant value. |
Backup critical information when individuals feel concerned about losing it. |
| Systems and content that are not centrally managed and do
not have standard configurations and with medium or high consequences
of loss of availability |
Backup everything periodically. |
| Enterprises with a multitude of different content and systems |
Create and maintain different backup processes and
schedules for different information based on its criticality
and utility. |
| Financial transaction, credit card purchases, real-time data
related to safety mechanisms, and other similar real-time transactions
with no other record and which can have significant negative impact if
lost. |
Continuously and automatically backup everything all the time. |
What to back up and when
Basis:
Never backup anything.
Some things should not be backed up because they unnecessarily
consume space. This includes standard distributions of operating
environments where there are many existing backups and a standard
regeneration process and other similar collections that are readily
recreated. Other things not to backup include data that is for
temporary use only, like authentication codes used on specific
transactions (e.g., credit card present digits), cookies for systems
where there is no desire to retain long-term state information,
temporary files such as those used in processing other data, data on
kiosk machines in lobby areas, and other content that has little or no
utility after its initial use. In the forensics arena, there are also
cases where backup is not permitted, for example under court orders
relating to making copies of certain content, and in cases where old
copies may create confusion or legal issues associated with discovery
limited backups or automatic overwrite of backups with newer data may
be used.
Backup critical information when individuals feel concerned about losing it.
This strategy is used predominantly by enterprises that do not
have a standard approach and by individuals who may wish to save their
own work but where that work has little impact on the
enterprise. Examples include computers operated by students and
professors at universities, personal computers used by individuals at
home, and research computers used for experiments but not part of
operations.
Backup everything periodically.
This generally only applies to systems with medium or high
consequences of failure and in cases where these systems do not have
standard configurations or other methods for rapid recreation. This is
common in systems designed for special purposes, research and
development systems, and for enterprises in which there are relatively
small numbers of individuals working on independent projects. The most
common approach is a monthly compete backup with annual permanent
storage, weekly incremental backups kept for a month, and daily
incremental backups kept for a week. As disk-to-disk backup has
replaced tape and other media backup, backups to file servers has
become increasingly dominant.
Create and maintain different backup processes and schedules for different information based on its criticality.
In most enterprises, there are enough differences between systems
that a mixed strategy is applied using many of these approaches
depending on the specifics of the systems involved.
Continuously and automatically backup everything all the time.
In transaction systems or increasingly in resilient
infrastructure systems and to a lesser extent in systems with built-in
incremental backup systems, like Apple's "Time Machine", backups are
done either immediately or with frequencies high enough that almost
everything ever done is recorded.
Copyright(c) Fred Cohen, 1988-2015 - All Rights Reserved
|