Monthly newsletter Weekly news roundup Breaking news notification    

IT continuity for the small and medium sized organisation

Get free weekly news by e-mailDon Chouinard outlines the essential steps that SMEs must take to protect their operations.

While data protection, disaster recovery and information security is vital to large enterprises small and midsize businesses face no lesser risk when data is compromised.

Smart businesses of all sizes consider data one of their greatest assets. Vital information can be lost or compromised by viruses, hackers, computer failures, natural disasters, and a variety of other causes. If you are in charge of information security in your company or department, you know that a properly designed data protection plan involves minimising potential data loss and ensuring that you can quickly and efficiently recover information.

Large enterprises have extensive systems and procedures in place to keep their information safe, but small and midsize businesses need to be just as diligent when it comes to business security and disaster preparedness.

Implementing enterprise-class data protection
The hallmarks of enterprise-class data protection are technologies like remote replication and disk mirroring. These technologies create an additional, extremely current copy of data to ensure availability when disaster strikes and to keep data accessible to network users.

Such backup strategies often involve installing a second round of hardware and software that takes over when the first round has been compromised. The cost and complexity of such a system can be prohibitive in all but the largest companies.

Smaller companies can implement similar levels of security by employing effective, but less expensive backup strategies. For these data protection strategies to be effective, they must meet three criteria:
* The backup must be as current as possible;
* The backup must be as complete as possible;
* A copy of the backup media must be kept offsite for safety purposes.

Keeping up with the backup
Keeping backed-up data current is the first hurdle to clear. It can often be difficult to complete backups in the time allotted, depending on the amount of data that needs to be protected, the media that will be used to hold the backups, and the network topology. Companies frequently make compromises such as backing up only the most important servers, backing up servers less frequently, or not protecting the data on desktop and notebook computers. Most small and medium sized businesses automate backups so that they occur nightly to ensure that, at most, only one day of data will be lost. After a while the policy about which computers will be backed up, and how frequently they will be backed up, becomes accepted by the organisation as a given.

Complete backups
Ensuring complete backups demands a bit more attention. It is useful to separate the concept of protecting user data from the concept of protecting the computers and applications themselves. The former requires backup and restore software, whereas the later requires disaster recovery software. When these two types of software are used together, complete backups can be performed which allow you to restore the entire computer quickly to the state it was in before the data loss occurred. These backups must include not just documents, but applications, user settings, and operating system settings.

When data loss occurs due to physical damage to a computer, it can take countless hours of adjustments to restore user settings, applications, application and operating system updates, as well as application and operating system configurations to their previous states unless you have been diligent about creating disaster recovery CDs regularly. Disaster recovery software collects all of this data from the hard drives and saves it on the backup media. Then after the disaster strikes, disaster recovery CDs can be created from the backup media to quickly restore the entire computer.

Complete backups should also include not just data on servers. A reliable backup strategy must also protect data on desktop and laptop computers, which can contain between 40 and 80 percent of vital data in a business. Your backup strategy should automatically protect desktop and notebook computers. Too often companies rely on server-only backups, only to discover that a disaster has wiped out information that is vital to the company’s success.

Lastly, 24/7 business-critical applications need to be protected while they are up and running. There are two approaches to accomplishing this goal. The newer, more sophisticated open file backups can take an accurate snapshot of multiple logical volumes simultaneously, thereby performing an accurate backup. This is an improvement over older methods that take snapshots of only a single file at a time, which was not sufficient to protect more robust applications that simultaneously write to several opened files residing on separate logical volumes. The other approach is to use specific agents or add-ons that use the APIs of the 24/7 applications to collect its data while it is up and running. The first approach provides breadth of support for hundreds of 24/7 applications, while the latter provides depth of support for the most popular 24/7 server applications.

Offsite storage of backups
Finally, a copy of the backup data you create through the regular backup system must be kept onsite, and another copy must be sent to a secure, offsite location. The onsite copy will be used to perform restores as required, and the offsite copy will safeguard against damage to the onsite backup media. A number of companies specialise in picking up backup media for storage in highly secure facilities. Typically once a week the weekly onsite and offsite media are rotated. This usually occurs on a Friday, because a time-consuming full backup needs to be performed in order to bring the offsite media current when it comes onsite. More sophisticated backup software can make the offsite media current with a fast progressive incremental backup, saving valuable time, and giving flexibility to rotate media on any day, and as often as desired.

Accuracy matters in restores
Performing effective backups is less than half of the story. The most current, complete, and safe backups in the world are useless if they cannot be used to restore lost data. A business must be able to quickly recover lost data in order to minimise downtime and avoid cutting into employee productivity.

An important part of implementing an emergency preparedness agenda is to periodically perform a practice restore of data from the backup media. These dry runs can reveal any potential problems in a restore process, and they can keep your backup staff prepared for emergency situations.

If you learn to protect data in the same way a large corporation does, you will not only prepare your company for unforeseen emergencies, but you will also protect your business from being a victim of preventable data loss. You can enable continuous operation by adopting a backup plan that includes current, complete, off-site copies, and incorporates well-rehearsed restores in order to eliminate the risks that most small and midsize businesses face.

Don Chouinard is the director of product management at Dantz Development Corp. He can be reached at donc@dantz.com

Date: 30th January 2004 •Region: Worldwide •Type: Article •Topic: IT continuity
Rate this article or make a comment - click here



Copyright 2005 Portal Publishing LtdPrivacy policyContact usSite mapNavigation help