1

Everything You Need to Know about

Backup and Disaster Recovery (BDR)

Wondering how backup services came to be? As a businessperson that manages or owns a small or mid-

sized business (SMB), you know data protection and business continuity technologies are essential, but

there are many types of BDR to choose from. So where do you even start? Maybe you're looking for a

beginner's guide, or a backup dictionary - either way, keep reading to explore BDR from A to Z!

Overview

At some point, all computer hardware fails. It’s a fact of life. Whether it’s from age or accident, data loss

is inevitable when hardware fails, and can cripple an SMB in a second and destroy profits just as easily.

This is why an effective Backup & Disaster Recovery (BDR) solution is essential to virtually every

business today.

There’s no way to predict the future; hard drives malfunction unpredictably, cyber-attacks are on the rise,

and natural disasters may strike with little to know warning. To ensure data is secure, it needs to be

backed up and quickly recoverable so downtime is minimal when the unforeseeable happens.

Backup and Data Recovery has come a long way. Long gone are the days of media-vaulted backup and

manual recovery methods. Today’s BDR solutions provide secure, fast, monitored, and continuous

backup and rapid data restoration through cloud-based architecture. A variety of methods and options are

available in the marketplace to cater to any business need.

The Evolution of Backup

Data backup began with tapes being copied in a machine and stored in a physical vault, typically offsite –

and that process didn’t change much for decades. On-site backup solutions are nearly as old as computing

itself; tried, trusted, and true. Whether it’s a database that needs backing up, unstructured files,

applications, or anything in between – there’s a backup solution out there that can get the job done.

The resultant backup may go to tape, or optical media, or to disk, but the result is the same – a collection

of backup media that gets put in a vault. To keep that media safe, on-site backup has always had an off-

site component, which has mostly consisted of somebody taking the media that was backed-up and

moving it elsewhere. While this is often called off-site backup, it’s more properly “off-site backup media

vaulting”.

2

During the past two decades, this vaulting form of off-site backup meant either moving media, or more

progressively, creating a storage repository at a remote site along the wide area network (WAN) and

tunneling the backup data over what were almost always lower-bandwidth WAN links after the backup

was complete. This either limited the time frame in which a backup window could occur or it limited the

bandwidth available to business users, and storage costs always soared in an era where storage was still

prohibitively expensive to anyone but the large enterprises. A decade ago, the evolution of backup

brought a new generation of off-site backup. With online backup, a solution provider backs up data to an

off-site, hosted platform, obviating the need for media transport.

That same evolution has merged backup with

cloud computing, taking that previous generation

into this generation. Over time, bandwidth has

increased, and it has become possible to use third-

party services to handle online off-site backup.

Hardware has simultaneously become abstracted

through virtualization. This combination of

increased bandwidth and commoditized

hardware, coupled with the natural evolution of

software, has enabled off-site backup solutions to

offer continuous data protection with the same

level of redundancy that was once the purview of

expensive systems like those from the former

Tandem Company.

Neither off-site nor on-site backup are enough in the event a disaster strikes, and that has been the big

driver behind cloud-based off-site backup. If a disaster happens, the data on backup media (off-site or on-

site) will not be enough to fully recover. Replacement computer systems to restore the data will be

needed, as will the networks that connect the systems.

Key Terms & Definitions

Backup and disaster recovery (BDR) is a combination of data backup and disaster recovery solutions

that work cohesively to ensure a company’s business continuity.

Remote data backup is the process of backing up data created by remote and branch offices (ROBOs)

and storing it securely. Businesses with ROBOs require backup and recovery solutions that can support

the company’s data protection policies and business service levels.

Backup window is the timeframe within which backups are scheduled to run on a given system. These

are often scheduled during times of minimal usage (i.e. after hours).

Recovery time objective (RTO) is a benchmark indicating how quickly data must be recovered to ensure

business continuity following a disaster or unplanned downtime.

3

Recovery point objective is a benchmark indicating which data must be recovered in order for normal

business operations to resume following a disaster or unplanned downtime. This is often based on file age

(i.e. all data backed up before date X must be recovered), and in conjunction with RTO can help

administrators determine how frequently backups should execute.

Disaster recovery is the area of security planning that deals with protecting an organization from the

effects of significant negative events. Significant negative events, in this context, can include anything

that puts an organization’s operations at risk: crippling cyber-attacks and equipment failures, for example,

as well as hurricanes, earthquakes and other natural disasters.

Cloud disaster recovery is a component of a disaster recovery plan that involves maintaining copies of

enterprise data in a cloud storage environment as a security measure.

Business continuity encompasses a loosely defined set of planning, preparatory, and related activities

that are intended to ensure that an organization's critical business functions will either continue to operate

despite serious incidents or disasters that might otherwise have interrupted them, or will be recovered to

an operational state within a reasonably short period.

Types of Backup

Full backup is a method where all the files and folders selected (or even an entire machine) will be

backed up in their entirety. It’s commonly used as a first backup and is then followed up with subsequent

incremental or differential backups.

When you perform a full backup, it’ll contain a complete backup of all selected data. When the next

backup is scheduled to run, the entire list of files and folders will be copied again (regardless of whether

or not any changes have been made). This simplifies the restore process, as the complete dataset lives in

each and every backup task, but it also consumes the most storage space and can cause backups to take

quite a bit of time to complete.

Differential backup is a process that begins with one full backup, and then subsequently backs up all

changes that have been made since the previous full backup. This allows for much faster backups (but

slower restores), and makes more efficient use of storage capacity.

Incremental backup is largely the same as differential backup, with one important difference - after the

initial full backup, subsequent backups store changes that have been made since the previous backup

cycle whether it was a full or an incremental cycle.

Mirror backup is, as the name suggests, a real-time duplicate of the source being backed up. With mirror

backups, when a file in the source is deleted, that file is eventually also deleted in the mirror backup.

Because of this, mirror backups should be used with caution as a file that is deleted by accident, sabotage

or through a virus may also cause that same file in mirror to be deleted as well. Some do not consider a

mirror to be a backup.

4

Many online backup services offer a mirror backup with a 30-day delete. This means that when you delete

a file on your source, that file is kept on the storage server for at least 30 days before it is eventually

deleted. This helps strike a balance offering a level of safety while not allowing the backups to keep

growing since online storage can be relatively expensive.

Many backup software utilities do provide support for mirror backups.

Advantages

The backup is clean and does not contain old and obsolete files

Disadvantages

There is a chance that files in the source deleted accidentally, by sabotage or through a virus may also

be deleted from the backup mirror.

Local backup is any backup where the storage medium is kept on-site. Typically, storage is plugged in

directly to the source computer being backed up, or is connected through a local area network to the

source being backed up. This is the most basic from of backup and data-loss prevention, and contains

several inherent disaster-related risks as there is no offsite redundancy or cloud component.

Cloud or remote backup is a type of offsite backup that allows users to access restore or administer

backups either while located at the source location or an offsite location. Data here is backed up in the

cloud (either directly, or via a local appliance); this type of backup provides some of the strongest

available protection against natural disasters and unplanned downtime.

Hybrid backup

Typical cloud backup solutions, also known as online backup, focus on copying data files to a physically

remote location, which is great for disaster recovery. Hybrid backup integrates cloud backup and local

backup to deliver system recovery, rapid file restores, and disaster recovery.

Hybrid backup is the combination of both cloud backup and local backup, where local backup is typically

a USB drive or network shared drive or NAS device. The ideal hybrid backup solution integrates these

forms of backup in an automatic, user-friendly utility running transparently in the background. While

local backups are typically sufficient for protecting the data and other information on a computer system,

the cloud backup adds a level of assurance that offsite backup data is safe from disaster.

Hybrid cloud data recovery backs up each production server as a virtual machine (VM) image, either by

making a copy of the current VM or by converting physical servers to VM images (a process referred to

as physical to virtual, or P2V) as part of the backup process. The local appliance stores these images just

like it does regular file backups but also provides a platform on which they can be restarted in case the

primary server goes down.

5

In this way, a single appliance can act as a local

standby server for multiple primary servers and

VMs. The failover isn't automatic, but many

hosted disaster recovery services can provide

what's essentially high availability (HA) to the

production server environments as part of their

backup infrastructure. The final step is to move

these VM images to the cloud provider's data

center, which has enough compute resources to

restart any of them in the event of a disaster at

the client's site.

Data backup and disaster recovery are not the

same. Backup software can fail, or the person

responsible for backing up can fail. Also,

backing up without recovery in mind is

tantamount to not backing up at all. And finally, there are other steps you have to take in order to

successfully restore your data in the event you need your backup. Steps like assembling the right recovery

environment (the right operating systems and servers and storage) and the right people, processes, and

tools to bring back that backed up data.

Why Do Businesses Need BDR?

1. Backup Software Can Fail

There are numerous examples where an unjustified faith in data backup software left an organization

hanging after a disruption. Take the case of a Civil District Court in New Orleans. What seemed like a

routine recovery of the county’s conveyance and mortgage records database after a server crash turned

into a bigger headache than a night out in the French Quarter during Mardi Gras. Without conducting a

full restoration test, what went undiscovered was that the installation of an upgraded version of backup

software actually failed, despite an indication that the upgrade had been successful. And for nearly a year,

new records that were thought to be backed up were not, all while old copies were purged every 30 days.

The end result: All new entries and changes that occurred after the most recent backup were lost, as well

as all records dating back to the 1980s.

2. You Have to Back Up with Recovery in Mind

Steven Covey states it best in 7 Habits of Highly Effective People: “Begin with the end in mind.” The

same goes for data backup and disaster recovery. You have to back up your data as if you will one day

need to get it back.

6

Here’s an example of why this is so critical.

One of our customers used a third-party company to manage their backups. That third party backed data

up from different servers and multiple applications by striping it across tape. From a backup perspective,

their main concern is not restoring data: it’s to back up data as quickly as possible. Along came a disaster

which required the IT team to recover their data. When they began to bring data back from these tapes,

they quickly realized that striping their data created a million-piece jigsaw puzzle that was nearly

impossible to reconstruct. In the end, they couldn’t find all the tapes necessary to put together this

“puzzle.”

3. Data Backup is Only the First Chapter

Getting a secure copy of your data backed up at an offsite location is only chapter one of Disaster

Recovery. Chapter two is having the right recovery systems connected to your data, meaning you need to

have the right servers, storage, hypervisors, and operating systems in your recovery environment.

Basically, your recovery environment needs to reflect your production environment. This is not an easy

step as there are many changes that occur daily in a production environment that IT staffs are frequently

too busy to capture.

Let’s say you DO have the right recovery environment; chapter three is having the right people,

processes, and tools needed to recover at the time you need them. We see this problem all the time: the

Oracle guy is not available, the Windows guy was not willing to travel, the runbooks were outdated or

based on the older operating system, etc.

All of this is to say that data backup and disaster recovery are not the same, but both are necessary for

long-term business technology resiliency. You must have the right recovery mindset, which means

a) Backing up data according to your recovery strategy;

b) Connecting the right recovery systems to the properly backed-up data; and

c) Creating a programmatic approach to recovery by arming yourself with the right people, right

processes, and right tools, and making sure they’re all available at the right time.

What to Look for in a BDR Solution?

And appropriate BDR solution varies for every business, depending on client base, existing services

portfolio, pricing structure and more. Due diligence should be exercised throughout the research and

consultation process to find a hardware vendor whose goals align with yours. BDR requirements can vary

from one business to the next, but there are certain key features any BDR solutions should have:

1. Redundancy and Cloud Support: Look for a BDR provider that a.) Provides a contingency plan b.)

Leverages the cloud for additional layers of security and recoverability c.) Has secondary backup plans in

place in the event of a cloud disruption, and d.) Has virtualization capabilities to keep things running

when disaster strikes.

7

2. 24x7x365 Availability: Disasters aren’t constrained to business hours, and therefore a BDR solution

should be available around the clock.

3. Flexible Pricing Model: A BDR solution that can scale as your business grows is ideal for keeping

costs down and providing healthy margins. Your clients may have varying needs, and those needs may

change over time; this pricing model will allow you to shift to meet those needs.

A fixed BDR cost per device helps control margins and ensures an end user only pays for what they use.

A BDR provider should couple hardware with an unlimited storage offering. This helps control expenses

as spikes in service delivery arise. Additionally, a fixed-price model is easier to sell to end clients.

4. Hardware Compatibility: Modern BDR solutions should offer flexibility and compatibility across a

number of appliances, so that choice can be extended to end users.

5. Proven Recovery Time Objective: How quickly can data be recovered and systems brought back

online? A vendor’s RTO should be measured in minutes, not hours or days.

Sources & Further Reading

http://www.continuum.net/solutions/backup-and-disaster-recovery

http://typesofbackup.com/incremental-backup/

http://typesofbackup.com/differential-backup/

http://typesofbackup.com/online-backup/

http://typesofbackup.com/offsite-backup/

http://itknowledgeexchange.techtarget.com/storage-channel-pipeline/hybrid-cloud-dr-hurricane-protection-for-smbs/

http://searchservervirtualization.techtarget.com/definition/physical-to-virtual

http://searchdisasterrecovery.techtarget.com/tutorial/The-importance-of-high-availability-systems-in-disaster-

recovery-plans

http://spectrum.ieee.org/riskfactor/computing/hardware/real-estate-servers-crash-in-new-orleans-continues-causing-

havoc-6-weeks-later-

http://blog.sungardas.com/2013/04/why-change-management-wont-perform-disaster-recovery-answer-

thermodynamics-law/#sthash.SrQU0QFr.dpbs

T: 866-995-44888

E: mailto:info@dwpia.com

W: www.dwpia.com