In our modern world where data has outgrown and outpaced our means to protect it, we are finding that Backup and Disaster Recovery Strategies often require a cold war mindset.
What does this mean?
During the Cold War the USA had to design a strategy which “guaranteed” enough of the country and its people survived to carry on and rebuild post nuclear war.
This required a logical selection process which would have divided families. This even included children and spouses of top ranking government officials!
So what does this have to do with Backups?
Simply put… we generate A LOT of data! This very fact requires an organization to classify data by importance and then it undergoes a selection process in the disaster recovery plan. Depending upon the size of the organization and / or data these recovery plans can be very complex.
Some data will be considered mission critical and backed up frequently and in full and perhaps so important even backed up transactionally.
Other data will be considered less important and the organization will determine the level of acceptable loss for this data.
Then there will be data that falls in between and may use a hybrid approach that could be protected using a hybrid approach.
The reality is organizations do not have unlimited storage, nor unlimited budget which means there will be loss. Depending on the data source, the loss might be greater than anticipated or planned for; such as with a large and highly active database where transactional data is lost before committed.
Disaster Recovery Implies Downtime
When you are in a recovery situation, whether from hardware failure, user error or Ransomware incident there will be downtime involved.
The overall financial impact of downtime varies but typically falls into 2 categories known as measurable and unmeasurable.
Measurable Financial Impact
- Employee salary costs from not being productive. This varies based on what can be done without access to their devices and data
- Added salary overtime costs to compensate staff post incident to “catch up” on lost time
- Added costs for IT and temporary or 3rd party workers to help mitigate the disaster.
- Lost revenue from any department unable to prospect, sell or service customers
- Lost revenue from credits given due to SLA being violated
Unmeasurable Financial Impact
- Employee morale and overload which strains the mental and physical health of your staff. Disasters usually require everyone to “step up” and perform more to make up for lost time. This is especially true when data is lost and staff must start over.
- Downtime and data loss affects customer confidence and trust. This can have wide sweeping effects on current and future business.
Take a moment to glance through this article from INAP on backup sizing and cost strategies.
In their example 800GB of business data is used in their calculations. We also see in their example that the variables set are relatively modest. They may be adequate for one industry (maybe a pastry shop), but wholly inadequate for another (maybe a medical office). Either way, their calculation is 5,620 GB, or 5.6 TB.
So we see here how backup size and costs can balloon considerably. We could end up with 100x the storage needed to backup depending on retention and compliance policies.
These numbers tend to persuade companies in categorizing their data loss acceptance.
No one wants to lose any data but hard decisions must be made to find an acceptable level of risk vs cost.
Backups Struggle With Attacks and “Newer Data”
After an attack, disaster recovery and continuity of current business is not usually possible. The reasons are:
- “New” data is at the highest risk of becoming unavailable. This isn’t Ransomware specific but a side effect of our “backup as quickly as possible from everywhere approach”. Nice in theory but exponentially hard and expensive in practice.
- “New” data which is what you are creating and consuming “today” is important to the day to day operations currently underway. So the data you need most “today” is also at the highest risk.
- “New” data often uses a transactional storage scheme. In theory this is great but when those transactions are interrupted or compromised then corruption occurs ; and as such no recovery is possible.