Solved

Need help in creating a backup plan (template)

Posted on 2012-04-09
6
3,884 Views
Last Modified: 2012-06-27
I am in need of backup plan.

I have submitted a plan which is rejected by the auditor.

Appreciate if someone can guide how to create a backup plan at-least for 1 server
or
provide me a template
0
Comment
Question by:-MAS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
6 Comments
 
LVL 21

Expert Comment

by:SelfGovern
ID: 37829172
A backup plan needs to specify for each data store (i.e., application, database, file server, etc.):
- How much data can I afford to lose?  This is called the Recovery Point Objective (RPO).  Maybe you can afford to lose a day's worth of email, an hour's worth of personnel data, and only a minute's worth of orders.  In general, the less data you can afford to lose, the more expensive the solution will be.
- How long can this data store be allowed to be down?  This is called the Recovery Time Objective (RTO).  Maybe manufacturing has to be back up in an hour, while email can be down for three hours.  In general, the shorter the desired recovery time, the higher the cost of the solution.
- What are my legal and business requirements for data retention?  Tax data may have to be kept for three or seven years.   Contracts and related data needs to be kept for the length of the contract and another year or two.  Medical records may need to be kept for the life of the patient plus a few years.
- Are there legal or business requirements for encrypting the data?  
- What is the budget?  Knowing how much money the business principles want to spend, you can try to develop a solution that meets the requirements.  Of course, it may well be that people have an unrealistic idea of how much a data protection solution costs... but if you know the requirements, you can go back to them and say, "If this is the requirement, the cheapest solution is ____.  Or, we can leave out x and y and do it or $z."
- What are the most likely threats?  Accidental or intentional deletion of data?  Employee theft?  Power outages?  Natural Disasters?  Hardware failure?  Computer virus or other malicious code?    Each of these can require a different solution to keep the business up and running.


To develop your backup plan, you need to understand the business needs (and possibly legal requirements) that go into each of those four areas. Once you know that certain systems need to be back up and running in two hours, you can ask intelligent questions here about what kind of solution would meet that need.  

Some things to keep in mind:
- Copies on disk don't do a good job of meeting archival needs
- Backups to the cloud may not give you good restore times (RTO)
- Encryption is increasingly important, and has become easy.  Key management, on the other hand, can be more of a challenge, and is critically important -- lose your keys, lose your data.
0
 
LVL 26

Author Comment

by:-MAS
ID: 37831455
Appreciate if you can provide  template/example for doing the same.
0
 
LVL 21

Accepted Solution

by:
SelfGovern earned 250 total points
ID: 37945117
Make a spreadsheet.  List down column A each server you have.  If you have different applications on a server that will require different backup plans (daily fulls vs. weekly fulls + daily incrementals, or one application has one-year retention, and the other needs 10-year retention), have one line for each.

Column B, for each of those servers or data sources, write what you know about how it's being backed up today.

Column C, D, E, F, G should hold Backup Window (how long I have to back it up), Required Retention Period and Granularity (how long must I keep the data, whether I need to keep all daily backups, or only weekly or monthly backups, etc.), Frequency of Backup (daily fulls, weekly only, weekly fulls with daily incremental/differential, etc), required restore window, maximum allowable data loss (a day's worth, an hour's worth, a minute's worth, second's worth, or none)

Now, you'll have to interview the owner of each data store/application/server to understand what his real needs are on your spreadsheet.   You might want to go in with some idea of how much each option is going to cost ("We can provide clustered servers with daily full backups for $10/GB/month.  Mirrored storage only with daily full backups would be $8/GB/month.  Mirrored storage with weekly full backups and daily incremental backups would be $6.50/GB/month" or such).   But there should be some hard numbers you can get out of them, such as, "the order-taking system will cost the company $x per hour of downtime; losing one day's worth of data will cost them $y."

Getting those requirements and downtime/lost data costs will help you craft a solution that meets the requirements and risk-tolerance in a cost-effective way.  Once you have them laid out in the spreadsheet, you can start to group similar requirements together and than plan a backup strategy for each of those groups.

Now -- that may sound like a lot of work, and it is.  It's also hard to get in most smaller businesses, because people just don't know, and may not have the analytical skills to be able to calculate the answers.  So a lot of businesses just do a simple
    weekly full
    daily differential
    keep daily backups for two weeks
    keep weekly fulls for two months
    each month, promote one weekly backup to a monthly backup
    keep each monthly backup for 12 months
    each quarter, promote one monthly backup to a quarterly backup
    keep quarterly backups for two years
    once a year, promote a quarterly backup to an annual backup
    keep each annual backup forever

That's an outline for you.  More than that is going to be hard to get here.
My recommendation would be for you to start with a book called
"Backup for Dummies" (yes, really).  From there, you can find other books
that will help you devise a backup strategy for your business.

Or, hire a consultant who can come in and ask the right questions and who will propose a solution that his company will stand behind.

Do remember when you lay out the costs, that a huge proportion of companies that lose a key server are out of business in a year -- so one of the considerations is, "How much is this business worth?  Given that figure, how much  is it worth to protect the data *right*?"
0
 
LVL 24

Assisted Solution

by:Brian B
Brian B earned 250 total points
ID: 37946931
Lots of good answers here. It does sound like you need to push back on the stakeholders in your backup project and clarify exactly what the recovery parameters are. In disaster recovery you have two components, specifically:

1. How long do they plan to keep the backups? (recovery)
There may be laws governing some of this. Most companies I have set up run a full+daily incrementals for a week and kept two week's worth. The last backup set from the month then became the monthly backup which was kept for a year. This has always been tape so far, but the same sort of process could be done with a disk-based backup.

2. If any specific system fails how long do you have to recover? (redundancy)
This is what we call the "smoking crater" scenario. The building, or at least the server room is completely gone. How fast do they need to get going again? This solutions typically involve offsite redundancy either in the form of duplicate hardware, or at the very least a mirrored disk backup.
0
 
LVL 26

Author Closing Comment

by:-MAS
ID: 37950579
Many thanks,
Little bit struggling in the beginning, but when  completed one server it is become easy.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

VM backup deduplication is a method of reducing the amount of storage space needed to save VM backups. In most organizations, VMs contain many duplicate copies of data, such as VMs deployed from the same template, VMs with the same OS, or VMs that h…
Microsoft will be releasing the Windows 10 Creators Update in just a matter of weeks. Are you prepared? Follow these steps to ensure everything goes smoothly and you don't lose valuable data on your PC.
This tutorial will walk an individual through the process of installing of Data Protection Manager on a server running Windows Server 2012 R2, including the prerequisites. Microsoft .Net 3.5 is required. To install this feature, go to Server Manager…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question