Data is the crown jewels of every organization. Failure to protect it from loss, outages, theft, human error, malware, ransomware, and natural disasters is fiduciary irresponsibility. Just as threats to that data have ramped up increasing at an alarming rate, many IT pros have come to believe more is better. More backups, more data protection systems, and more frequency (shorter RPOs). The reality has proven to be a lot more problematic especially when it comes to recovery processes.
As discussed in the previous blog post, multiple data protection systems increase IT operational complexity, cost, and risk of data loss. This blog explores how those multiple data protection systems can and often do corrupt recovery processes.
Recovery processes
When an outage occurs, the backup or data protection administrator jumps into action to initiate a recovery. That recovery can be as simple as mounting all of the down system or systems as VMs in minutes. Or it can be a lengthy, multi-hour process of restoring each individual system back to the same or similar hardware. There is both a definitive RPO and RTO or time gap between different systems. That gap is a problem for the overlapping data being recovered.
The RTO of snapshot or image-based data protection is going to be noticeably faster than RTO of file-based backup. But not all image data protection recovers at the same speed. There is wide variance. It is these RTO mis-matches specifically of overlapped data being protected that causes serious problems.
Take the example of a system, site, or regional disaster versus a single file. First and foremost, it is considerably more difficult and extensive. Application owners and users will be upset and angry. There is likely to be a bit of shouting, pressure, and chaos. If the failure affects revenue production expect that pressure to escalate and escalate quickly. The clock will be ticking. Hopefully it will be controlled professionally managed chaos, but chaos never-the-less. The different administrators many not be in the same physical locations especially if their facility suffered major damage from fire, flood, tornado, earthquake, volcano, earthquake, or terrorism. Odds are they aren’t communicating effectively with each other or even aware what is going on in their respective domains. They’re each going about their business of recovering the virtual and physical machines, applications, and data. The variable RTOs means some data protection systems will have the applications up and ready before others. The sense of urgency will require getting those recovered systems back into production as quickly as possible, so they will.
But what about the laggards with overlapping data? In the fog of recovery, they are just as likely to be unaware that the systems they’re working as rapidly as possible to bring back into production are already there. Their mission is to bring the recovered systems back on line…now! That sense of urgency, and in many cases human panic, will cause them to overwrite what has already been recovered. Users productively working on the first recovered systems can suddenly find newly written data and transactions disappeared, gone because another data protection or backup system overwrote the data with what is now an older backup.
Avoiding that potentially calamitous result requires either a single comprehensive data protection system process, or disciplined, documented, consistently updated, and continually practiced recovery processes for the multiple data protection systems. Failure to do one or the other creates confusion and data loss. The cost of data loss can be catastrophic.
Part 3 of this series will reveal how the risk of costly non-compliance in backups increases precipitously when there are multiple data protection systems.
To learn more contact us at: info@asigra.com
Asigra Software v14.x
The Asigra Software is architected from the ground to meet the very large-scale requirements of managed service providers delivering backup as a service (BaaS) and disaster recovery as a service (DRaaS). Asigra continually leads the market in comprehensive solutions. From file to image backups; instant or single file recoveries for any hypervisor, physical, virtual machines, cloud instance, SaaS, and Docker containers; laptops – protect, geo-locate, and remote wipe; repurposing of backup data for DevOps, TestDev, Search, and analytics; intuitive management interface; variable RPOs and RTOs; deduplication, compression, encryption, and more.
More importantly, Asigra Software is the first and only data protection/backup today that prevents malware and ransomware from being backed up or recovered. It stops attack-loops in its tracks. Several others detect detonations and notify that an attack is in progress, but do not detect or prevent infections in the backup and recovery streams. Asigra Software additionally prevents malware, ransomware, or disgruntled employees from deleting backups without proper multi-factor authorization. And Asigra Software is the first to enable the “right-to-be-forgotten” PII compliance for GDPR, PDPA, CCPA, and others in backups with documentation of what, who, when, etc.