Cloud-based backup and disaster recover i

Cloud-based Backup and Disaster Recovery Planning – The Essentials

Because data is the lifeblood of your business, you need to ensure it is always protected against loss. This short guide will take you through the essentials of planning your data protection strategy and explores the options for cloud-based backup and disaster recovery solutions.

Technology choices

Backup and disaster recovery (DR) are similar – but different – concepts, designed to protect your data against loss. Although the terms are sometimes used interchangeably (even by technology vendors), you must know the difference to ensure you choose the right systems for you.

Do I need backup?

Backup technologies are designed to create an exact copy of your data so that you can always restore it in the event of a major problem. If your file server is infected by ransomware, backup allows you to recover affected files quickly and efficiently. This technology is particularly well suited to lower-priority data sets and systems.

Do I need Disaster Recovery?

Disaster recovery technologies are typically focused on helping your business resume operations as quickly as possible after a significant outage. Data from your mission-critical systems will be continuously replicated to the cloud (or similar off-site facility), allowing you to bring operations back online quickly.

Backup and disaster recovery (DR) are similar – but different – concepts. Although the terms are sometimes used interchangeably (even by technology vendors), you must know the difference to ensure you choose the right systems for you. You will probably need a combination of both – backup for low-priority systems, DR for the most important.

Building a workable plan

A successful plan relies on knowing what data you have and how important it is to your operations. Prioritising data will help you decide how it should be backed up and recovered.

Assessing RTO

Recovery Time Objective (RTO) describes the amount of time between your systems going down and you bringing them back online again. For mission-critical systems, your RTO targets must be as low as possible – perhaps just minutes – so you can restart operations quickly.

Systems with a high RTO are best suited to cloud-based disaster recovery solutions that offer near-instant fail-over capabilities.

Assessing RPO

Recovery Point Objective measures how much data is lost when your systems go offline. Some of your line-of-business applications will be updating constantly; any updates during a period of downtime may be lost entirely. Other systems update far less frequently – a few hours of downtime would not cause any data loss.

Systems with a low RPO are best suited to DR technologies that offer instant replication to ensure every detail is captured and protected. Higher RPO data can be used with lower-cost traditional backup mechanisms.

Replaceability and interdependence

As you assess your data estate, you need to answer two questions:

  • How easily can we replace lost data?
  • How does each application relate to the others?

Some data is more important to operations than others. Your financial data is essential – the CFO’s financial modelling spreadsheet for the financial year 1998/99 not so much. Plan your backups so that critical data is prioritised and protected accordingly.

Second, don’t forget to assess the interdependence between systems. Sometimes rarely-used systems underpin your mission-critical apps. If the ‘unimportant’ system is not backed up correctly, it’s more important sibling will be unusable. Both systems need similar levels of protection to avoid these problems.

Implementing backup

A good backup plan has three key elements:

  • Retain at least three copies of your data
  • Data is stored on two different media
  • At least one of your backup copies is stored offsite

Cloud backup solutions make this process incredibly simple, with many services offering multiple versions for restore. And because the data is stored offsite, it takes care of media and geography concerns.

Implementing disaster recovery

Disaster recovery is all about restoring operations as quickly as possible. In most cases, this will be in the form of a co-located data centre or cloud-based platform.

When choosing a partner, consider:

  • Are their replication capabilities sufficient to prevent data loss?
  • Do they offer tools and support to manage the post-failover and fail-back processes?
  • Do they offer a pricing model that aligns with your budgets?

Again, cloud technologies offer a good level of protection, flexibility and scalability that is more suitable for most businesses than a traditional co-location setup.

Testing your provisions

Replicating and backing up data is relatively easy – but can you recover it when needed? The final stage of any backup and disaster recovery plan is to test that your fail-over and recovery systems work.

Essentially, you need to be sure that your RTO and RPO goals can be met. This will mean testing backup mechanisms to ensure data can be properly restored within the specified timeframes. Similarly, you will need to trigger a live failover event periodically to confirm DR resources kick in as expected and any disruption falls within acceptable boundaries.

Through testing, you will identify weaknesses and opportunities for improvement before encountering a show-stopping outage.

Get in touch

For more help and advice about Cloud-based Backup and Disaster Recovery technologies that help protect your business against disruption and data loss, please get in get in touch.

Office 365 Backup

6 Critical Reasons You Need a Proper Office 365 Backup Solution

Office 365 has been fundamental to the success of many business’ work-from-home strategies during the pandemic. The ability to access important corporate resources from any place on any device has helped maintain productivity as industry threatened to grind to a halt.

But now that remote working strategies are bedding in, it’s time to address the elephant in the room – Office 365’s less-than-adequate backup provisions.

Here are six reasons you must upgrade your Microsoft 365 backup provisions today.

1 – Accidental deletion

There are two types of deletion: soft deletion, and hard deletion.

Soft deletion is where an item is deleted but can still be recovered from a recoverable item mailbox (a bit like the recycling bin on your PC). A hard delete is where the item is purged from the mailbox database completely at which point the item is unrecoverable.

A proper Office 365 backup service will retain a copy of all data – even if it has been hard deleted by a user.

2 – Retention policy gaps and confusion

A retention policy gap is a period of time in which files/ accounts can be recovered. For example, if an employee leaves your company and their account is deleted, after 30 days any information will be deleted permanently. And if an employee was to go rogue and delete information, you could not recover that data if the 30-day window has elapsed.

A third-party Office 365 backup service offers indefinite retention, much like your existing on-site archiving solutions. So you don’t have to worry about thirty-day limits.

3 – Internal security threats

Employees operating from inside your company are actually a greater threat than hackers. Employees have access to a lot of company information, and security can be breached both intentionally and unintentionally. Office 365 has a major issue; it doesn’t automatically recognise the difference between a current employee and an ex-employee meaning that if you forget to disable their account, the leaver still has access to their email and data – and can maliciously delete anything they want.

External Office 365 backups will maintain a copy of everything the rogue employee thinks they have deleted.

4 – External security threats

External threats can enter the company through emails and attachments. Sometimes these are hard to detect, depending on the hacker’s level of skill and determination. Your company reputation and operations are at risk if your systems are infected with malware or ransomware.

Regular Office 365 backups will ensure that a separate, uninfected copy of your data is always available and can be recovered quickly.

5 – Legal and compliance requirements

Your organisation has a legal duty to retain certain communications and files. This information must be available in the event of a compliance audit or criminal investigation. Microsoft has built a couple of safety nets (such as litigation hold), but this solution is not comprehensive enough to meet your legal obligations. Remember, if a user is deleted, their mail, SharePoint and OneDrive contents are also deleted and may not be recoverable.

Maintaining a separate Office 365 backup removes ambiguity and risk, ensuring your data is always available when required.

6 – Managing hybrid email deployments and migrations to Office 365

Typically only new start-ups have the luxury of adopting Exchange 365 from the outset. Most businesses migrate from an on-premise email solution to the cloud at a later date – and many still retain some services on-premise.

Adopting a third-party Office 365 backup service like Secure Cloud Backup for Office 365 from WTL offers additional flexibility, allowing you to backup and restore emails from a hybrid environment quickly and transparently. This ensures that no matter where your data is located, it is always recoverable.

Get help today

Leaving your Office 365 data backup to Microsoft is a significant business risk. The built-in recovery service is adequate for a file or two, but it is not suitably comprehensive to properly protect your business and its data assets – what happens if a deletion is only discovered 31 days after the incident?

Fortunately, WTL has you covered, contact us today to discuss our fast, reliable, cost-effective Secure Cloud Backup for Office 365 solution and discover how to properly protect your emails and data.

 

cloud backup strategy

Do you need to get physical with a cloud backup strategy?

Virtualising backup with the cloud is powerful, effective and extremely safe. But just because data is now being archived off-site does not mean that hardware can be completely removed from your backup strategy.

In fact, physical hardware may still have an extremely important role to play in your cloud backup strategy.

1. Export by hard drive

The initial speed of a cloud backup may take weeks to complete as you transfer terabytes of data offsite. The actual time taken will depend on network and broadband speeds. Without careful traffic management, the uploads may negatively impact day-to-day operations too.

The process can be accelerated by shipping physical drives to the backup provider so that the data can be copied locally. This will be exponentially quicker – and arguably more secure – than trying to upload over the internet.

2. Restore by hard drive

Restoring from cloud archives is just as important – and fraught with the same difficulties. Speed of recovery will be limited by available internet bandwidth and download speeds.

For downloads that can be sized in gigabytes, online recovery will probably be acceptable. But for a disaster recovery scenario which involves a large amount of data, the speed of transfer is critical.

In the same way that physical hard drives can accelerate seeding of backups, they can also be employed to speed up recovery. If you plan to make cloud backup your principal method of data recovery, check to see if your service has the option of shipping physical disks.

3. Cloud as backup

The issue of time to recovery is of critical importance. Knowing that a complete dataset may take days to recover from the internet, it may be that the cloud is best deployed as a secondary backup.

In this scenario, your existing systems provide real-time services for instant recovery, while periodic (daily / weekly / monthly) backups are replicated to the cloud. Maintaining physical backups on-site minimises time to recovery, while off-site backups help to maintain the integrity and ensure that data is always recoverable.

4. Local servers for recovery testing

You know that your data is always protected when using cloud backup services – but how do you go about recovering it? Keeping spare physical servers will allow you to test your recovery protocols and ensure that they deliver against business needs.

For best results, keep at least one example of each bare metal server to ensure everything works correctly.

5. Physical recovery documentation

Modern business is driven by digital data – but there will always be a place for hard copy records in certain circumstances. In the case of disaster recovery, you must maintain physical, off-line copies of the information required to brings systems back online.

Records must include the recovery action plan, applications and serial numbers. And don’t forget to include contact details for the individual who holds the administrative passwords required for recovery and reconfiguration.

The future is hybrid

Until available bandwidth increases exponentially, there will always be a place for physical assets in your backup regime. The trick is knowing where to divide the load between local and cloud.

WTL offer a range of cloud based solutions. that can extend the rigour of your on-premise backup without without compromising control, visibility, or auditability.

For more assistance in defining a cloud backup strategy that delivers the reliability, speed and security your business demands, please give us a call.

Backup to cloud

Tips for planning your backup to the cloud strategy

Backup to the cloud is a rapidly emerging data protection strategy and can remove management overheads, whilst also improving performance and efficiency. It is a big shift for many organisations however and there are a number of considerations that it is wise to address beforehand.

Firstly, it is crucial that you clearly understand your data retention requirements, whether they are required by regulation, for compliance purposes, or set by the business. It is a recommendation that you retain data backups onsite long enough to cover around 85% of the typical file restore requests that come in.

On the topic of compliance, it is also wise to look at regulatory requirements as a whole to make sure that your new backup strategy adequately addresses those. This could mean making sure that your data will be kept in a geographical location that is accepted, and not moved to a cloud location in a country that doesn’t comply with your local regulations. It could also mean that you need to look at the protection your data has whilst in transit, not just while it is at rest in storage. You should look at encryption to protect the data while it moves from location to location and in between.

Before starting your backup to cloud planning, it’s useful to update your DR plans, as this can help you identify any areas that your current backup strategy isn’t addressing, where your backup to cloud strategy could help. At the same time, run a gap analysis on your current backup strategy to see where improvements can be made with the new solution. For sustainability and budget purposes, it is a worthwhile exercise to identify any reusable elements of your current backup solution, that will work in your new backup infrastructure.

The next step is to consult with the key stakeholders within the business. They can help you understand what the business requirements of your backup strategy need to be and could include performance requirements, scalability and security. The IT Department might think that some performance degradation is acceptable, or even unnoticeable, or that it a recovery window of 24 hours would work for the business, while another business function, such as finance or sales, might believe that performance cannot be undermined at any cost, and that data must be instantly recoverable for a set period. It is only through consultation with each head of department, that you will understand the expectations and requirements and be able to build these into the solution’s scope (or not, if you deem it unattainable or unnecessary).

Whilst reviewing the expectations of the business, review your formal Service Level Agreements (SLAs) to make sure they are still appropriate and to ensure that your new backup strategy can meet the most up to date SLAs.

The stakeholder consultation may also uncover different requirements for different data sets, or applications, which is not uncommon. Finance data is likely to be governed by more regulations and could have longer retention periods than marketing or sales data for example. Most current backup strategies treat all data the same but a backup to cloud strategy could incorporate granular policies for different data sets, applications or departments.

The benefits of a disk-to-disk-to-cloud strategy are clear; rapid restores, almost instantaneous offsite vaulting, lower cost backup storage options and greater levels of security, but as with any major project, planning is essential if you are going to realise all the benefits and meet the needs and expectations of the business.