Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


Need help in creating a backup plan (template)

Posted on 2012-04-09
Medium Priority
Last Modified: 2012-06-27
I am in need of backup plan.

I have submitted a plan which is rejected by the auditor.

Appreciate if someone can guide how to create a backup plan at-least for 1 server
provide me a template
Question by:MAS
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
LVL 21

Expert Comment

ID: 37829172
A backup plan needs to specify for each data store (i.e., application, database, file server, etc.):
- How much data can I afford to lose?  This is called the Recovery Point Objective (RPO).  Maybe you can afford to lose a day's worth of email, an hour's worth of personnel data, and only a minute's worth of orders.  In general, the less data you can afford to lose, the more expensive the solution will be.
- How long can this data store be allowed to be down?  This is called the Recovery Time Objective (RTO).  Maybe manufacturing has to be back up in an hour, while email can be down for three hours.  In general, the shorter the desired recovery time, the higher the cost of the solution.
- What are my legal and business requirements for data retention?  Tax data may have to be kept for three or seven years.   Contracts and related data needs to be kept for the length of the contract and another year or two.  Medical records may need to be kept for the life of the patient plus a few years.
- Are there legal or business requirements for encrypting the data?  
- What is the budget?  Knowing how much money the business principles want to spend, you can try to develop a solution that meets the requirements.  Of course, it may well be that people have an unrealistic idea of how much a data protection solution costs... but if you know the requirements, you can go back to them and say, "If this is the requirement, the cheapest solution is ____.  Or, we can leave out x and y and do it or $z."
- What are the most likely threats?  Accidental or intentional deletion of data?  Employee theft?  Power outages?  Natural Disasters?  Hardware failure?  Computer virus or other malicious code?    Each of these can require a different solution to keep the business up and running.

To develop your backup plan, you need to understand the business needs (and possibly legal requirements) that go into each of those four areas. Once you know that certain systems need to be back up and running in two hours, you can ask intelligent questions here about what kind of solution would meet that need.  

Some things to keep in mind:
- Copies on disk don't do a good job of meeting archival needs
- Backups to the cloud may not give you good restore times (RTO)
- Encryption is increasingly important, and has become easy.  Key management, on the other hand, can be more of a challenge, and is critically important -- lose your keys, lose your data.
LVL 27

Author Comment

ID: 37831455
Appreciate if you can provide  template/example for doing the same.
LVL 21

Accepted Solution

SelfGovern earned 1000 total points
ID: 37945117
Make a spreadsheet.  List down column A each server you have.  If you have different applications on a server that will require different backup plans (daily fulls vs. weekly fulls + daily incrementals, or one application has one-year retention, and the other needs 10-year retention), have one line for each.

Column B, for each of those servers or data sources, write what you know about how it's being backed up today.

Column C, D, E, F, G should hold Backup Window (how long I have to back it up), Required Retention Period and Granularity (how long must I keep the data, whether I need to keep all daily backups, or only weekly or monthly backups, etc.), Frequency of Backup (daily fulls, weekly only, weekly fulls with daily incremental/differential, etc), required restore window, maximum allowable data loss (a day's worth, an hour's worth, a minute's worth, second's worth, or none)

Now, you'll have to interview the owner of each data store/application/server to understand what his real needs are on your spreadsheet.   You might want to go in with some idea of how much each option is going to cost ("We can provide clustered servers with daily full backups for $10/GB/month.  Mirrored storage only with daily full backups would be $8/GB/month.  Mirrored storage with weekly full backups and daily incremental backups would be $6.50/GB/month" or such).   But there should be some hard numbers you can get out of them, such as, "the order-taking system will cost the company $x per hour of downtime; losing one day's worth of data will cost them $y."

Getting those requirements and downtime/lost data costs will help you craft a solution that meets the requirements and risk-tolerance in a cost-effective way.  Once you have them laid out in the spreadsheet, you can start to group similar requirements together and than plan a backup strategy for each of those groups.

Now -- that may sound like a lot of work, and it is.  It's also hard to get in most smaller businesses, because people just don't know, and may not have the analytical skills to be able to calculate the answers.  So a lot of businesses just do a simple
    weekly full
    daily differential
    keep daily backups for two weeks
    keep weekly fulls for two months
    each month, promote one weekly backup to a monthly backup
    keep each monthly backup for 12 months
    each quarter, promote one monthly backup to a quarterly backup
    keep quarterly backups for two years
    once a year, promote a quarterly backup to an annual backup
    keep each annual backup forever

That's an outline for you.  More than that is going to be hard to get here.
My recommendation would be for you to start with a book called
"Backup for Dummies" (yes, really).  From there, you can find other books
that will help you devise a backup strategy for your business.

Or, hire a consultant who can come in and ask the right questions and who will propose a solution that his company will stand behind.

Do remember when you lay out the costs, that a huge proportion of companies that lose a key server are out of business in a year -- so one of the considerations is, "How much is this business worth?  Given that figure, how much  is it worth to protect the data *right*?"
LVL 25

Assisted Solution

by:Brian B
Brian B earned 1000 total points
ID: 37946931
Lots of good answers here. It does sound like you need to push back on the stakeholders in your backup project and clarify exactly what the recovery parameters are. In disaster recovery you have two components, specifically:

1. How long do they plan to keep the backups? (recovery)
There may be laws governing some of this. Most companies I have set up run a full+daily incrementals for a week and kept two week's worth. The last backup set from the month then became the monthly backup which was kept for a year. This has always been tape so far, but the same sort of process could be done with a disk-based backup.

2. If any specific system fails how long do you have to recover? (redundancy)
This is what we call the "smoking crater" scenario. The building, or at least the server room is completely gone. How fast do they need to get going again? This solutions typically involve offsite redundancy either in the form of duplicate hardware, or at the very least a mirrored disk backup.
LVL 27

Author Closing Comment

ID: 37950579
Many thanks,
Little bit struggling in the beginning, but when  completed one server it is become easy.

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Windows Server 2003 introduced persistent Volume Shadow Copies and made 2003 a must-do upgrade.  Since then, it's been a must-implement feature for all servers doing any kind of file sharing.
Are you an Exchange administrator employed with an organization? And, have you encountered a corrupt Exchange database due to which you are not able to open its EDB file. This article will explain all the steps to repair corrupt Exchange database.
In this Micro Tutorial viewers will learn how to restore their server from Bare Metal Backup image created with Windows Server Backup feature. As an example Windows 2012R2 is used.
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question