Selecting a Backup and Recovery Solution
I have over 30 years in the IT industry. During this time I have worked with a variety of products in a variety of industries.
Published:
Browse All Articles > Selecting a Backup and Recovery Solution
In an organization, selecting a backup and recovery product can be a complicated task. This gives an opinion and a process that I use and hope that others find helpful.
There always seems to be someone asking, “What is the best backup and recovery solution?” With this question, there have also been comments that associate this type of question along the lines of a religious discussion. So, I expect there may be other opinions offered on this subject. Many people have their opinion on the “best” product. The reality is that every environment is different, and one really must analyze one’s wants, needs, and requirements against all of the different vendors on the market. Having recently gone through the process of evaluating a replacement backup solution, I decided to give some insight into a process that I feel really worked. Hopefully, it will help you.
I have been working for over 20 years with backup and recovery. It seems no matter where I work, this ends up as one of my primary responsibilities. My experience goes back to the early years of tapes and drives to the modern era of cloud-based backup. Somehow, no matter where I work, this ends up being one of my primary responsibilities. As mentioned before, I have had my favorites and stood by them firmly. I had a product I used for over a decade. It was rock solid, and never failed to recover anything. Several years ago, the vendor added an immutability option to the platform, which I deployed. However, in the world of modern-day ransomware infections, a quick recovery is key. I found that while it was immutable, recovering full virtual machines for the entire environment would be a slow and arduous task. It was decided to evaluate other products and see if there was a better solution.
I will not mention either the previous product or the replacement as this is not meant to be a recommendation for a specific product. This is meant to cover more of a process. The best process I have found is a numbering scale. Attached to this article is an Excel spreadsheet. Feel free to edit as needed. Across the top is a list of desired functions and features, then down the left side, one can list the products one is interested in evaluating. The scale provides a way to assign a value to the feature and how one feels the product meets that need. The idea is to run through all the products under consideration, assign them and the feature a value, then total each row. From this, one should be able to narrow down to a “top 3”. At this point, the recommendation is to either get a demo from each vendor or even do a proof-of-concept if time allows. If one also has a Gartner ore Forester agreement, one can also contact them for an analysis of the top three.
I will say that with still having a significant on-premises footprint, having a physical, dedicated appliance is a mandatory requirement for me. This should be followed by having a centralized management for both on-premises and cloud. The reason I like the appliance, is due to the impact of ransomware infections and infrastructure failure. If one selects a product that installs the management console on a Windows server, and the environment is ransomed, that just made the recovery a lot harder. With an appliance that has built-in, immutable backups, you can log directly into the appliance to start the recovery process. Many products now have the ability to spin the VM up on the appliance and then vMotion it back to the infrastructure, getting one up and running faster. The products also have tie-ins with other security products that can scan the backups for potential compromise or ransomware infections. Another recommendation would be to select a product that offers the ability to enable MFA for authentication. The stronger and harder one can make it to compromise the backups, the more certain the ability to recover. Threat actors know that being able to destroy the ability to recover on one’s own improves the likelihood that one will pay them to be able to recover.
Deciding to move away from a solid backup and recovery product is hard. However, the product one uses must be constantly adapting to the ever-changing world of information technology. The vendors need to be constantly improving security, increasing the speed of recovery, and making protecting one’s data key. If there are features one is needing and vendor does not have it on the roadmap, the company starts laying off staff, or one sees other red flags, it is time to reevaluate. With the increase in ransomware, even tape is making a comeback. It is a guaranteed way to keep a fully air-gapped, offline backup. However, you still need a way to make sure those backups to not contain any compromised systems/code and that is not possible with tape. If one gets to this article because one is considering a backup and recovery product, I hope you found this helpful in making your selection. Taking what someone throws out “as the best” may not be the best solution for one’s own environment.
Backup and Recovery Comparision.xlsx
I have been working for over 20 years with backup and recovery. It seems no matter where I work, this ends up as one of my primary responsibilities. My experience goes back to the early years of tapes and drives to the modern era of cloud-based backup. Somehow, no matter where I work, this ends up being one of my primary responsibilities. As mentioned before, I have had my favorites and stood by them firmly. I had a product I used for over a decade. It was rock solid, and never failed to recover anything. Several years ago, the vendor added an immutability option to the platform, which I deployed. However, in the world of modern-day ransomware infections, a quick recovery is key. I found that while it was immutable, recovering full virtual machines for the entire environment would be a slow and arduous task. It was decided to evaluate other products and see if there was a better solution.
I will not mention either the previous product or the replacement as this is not meant to be a recommendation for a specific product. This is meant to cover more of a process. The best process I have found is a numbering scale. Attached to this article is an Excel spreadsheet. Feel free to edit as needed. Across the top is a list of desired functions and features, then down the left side, one can list the products one is interested in evaluating. The scale provides a way to assign a value to the feature and how one feels the product meets that need. The idea is to run through all the products under consideration, assign them and the feature a value, then total each row. From this, one should be able to narrow down to a “top 3”. At this point, the recommendation is to either get a demo from each vendor or even do a proof-of-concept if time allows. If one also has a Gartner ore Forester agreement, one can also contact them for an analysis of the top three.
I will say that with still having a significant on-premises footprint, having a physical, dedicated appliance is a mandatory requirement for me. This should be followed by having a centralized management for both on-premises and cloud. The reason I like the appliance, is due to the impact of ransomware infections and infrastructure failure. If one selects a product that installs the management console on a Windows server, and the environment is ransomed, that just made the recovery a lot harder. With an appliance that has built-in, immutable backups, you can log directly into the appliance to start the recovery process. Many products now have the ability to spin the VM up on the appliance and then vMotion it back to the infrastructure, getting one up and running faster. The products also have tie-ins with other security products that can scan the backups for potential compromise or ransomware infections. Another recommendation would be to select a product that offers the ability to enable MFA for authentication. The stronger and harder one can make it to compromise the backups, the more certain the ability to recover. Threat actors know that being able to destroy the ability to recover on one’s own improves the likelihood that one will pay them to be able to recover.
Deciding to move away from a solid backup and recovery product is hard. However, the product one uses must be constantly adapting to the ever-changing world of information technology. The vendors need to be constantly improving security, increasing the speed of recovery, and making protecting one’s data key. If there are features one is needing and vendor does not have it on the roadmap, the company starts laying off staff, or one sees other red flags, it is time to reevaluate. With the increase in ransomware, even tape is making a comeback. It is a guaranteed way to keep a fully air-gapped, offline backup. However, you still need a way to make sure those backups to not contain any compromised systems/code and that is not possible with tape. If one gets to this article because one is considering a backup and recovery product, I hope you found this helpful in making your selection. Taking what someone throws out “as the best” may not be the best solution for one’s own environment.
Backup and Recovery Comparision.xlsx
I have over 30 years in the IT industry. During this time I have worked with a variety of products in a variety of industries.
Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.
Comments (0)