It’s been a while since I’ve done a meme Monday, so let’s get the week started with a light-hearted look at data protection.
How fast do you need to do that recovery? If it’s a production database, fast. And the required speed usually increases with the recency of the backup. Luckily, PowerProtect DD has you covered on that front — multi-streaming a compressed recovery from DDFS can give you a blisteringly fast data retrieval.
When do you patch your systems? (Hopefully regularly, of course!) The old systems administrator creed of course is that Friday is “POETS day” (“P**s Off Early, Tomorrow’s Saturday”), but does it still hold true? Well, the answer is always, it depends. If you’re confident of your recovery procedures, you’ve got an up-to-date backup, you’ve automated any lower-level rebuild processes, and you’ve tested your changes, any time should theoretically be safe to patch.
This is a case of “eating your own dog-food”: the most likely time I’ll patch my home lab/server systems is around 4am-5am on the weekend. I’m barely caffeinated, still waking up, but I’m happy to patch because I know anything I patch is protected. In short, the 5pm Friday Patch Bogeyman shouldn’t be something you cower in terror from.
And here’s the thing that can give you the confidence to patch at any time, day or night: tested backups. That doesn’t mean you have to test every backup, of course. But if you have a rigorous procedure of testing all new backup types, testing backups of all new systems, and randomly testing backups, you can enter challenging situations with a certain degree of confidence: that confidence being you know that when you click “Start” on a recovery, the data will flow.
But if you’re not testing backups, they’re just random collections of bits and bytes (with maybe a nybble or two thrown in).
Let’s change up the pace and start thinking about security. How secure is your backup environment? Your backup environment, if breached, gives unfettered access to your entire IT environment.
So that’s why it’s important to apply full security processes to your backup environment, rather than token gestures like making the admin password slightly tricky to guess by adding a symbol or two to it.
Of course, there’s no joking about Ransomware and other Cyber attacks, but if your business has put in place a fully developed cyber recovery vault (and clean room!), you’ll at least know you can get your recoveries underway while the production network is being forensically audited and cleansed. No matter what you do, there’s a certain amount of pain involved in cleaning up from a cyber attack, but if you’ve got a secure and vetted copy of your data sitting in a vault, you’re sitting relatively pretty compared to 95-99% of businesses in the same situation.
I was once called in to a customer meeting where the IT manager explained they needed to expand their backup environment because they now had to backup the marketing team’s NAS share — about 60TB. He visibly blanched when his lead infrastructure administrator opined, “Or we could just let it be hit by ransomware and solve the problem that way”.
Cyber attacks – ransomware or any other for that matter – can cripple a business in the most basic of ways. One of which is just being able to get in contact with staff. If malware takes out your active directory servers and you’re unable to find contact details for staff, how do you get in contact with staff to ask them to help with recovery? Again, that’s where a vault can buy peace of mind. But to make sure you get peace of mind, ensure that the right things are getting vaulted — such as contact lists for critical staff, including personal contact details. After all, what’s the point of having someone’s work email address available if the email server has been compromised? Keep these details simple, too! Sure, vault the database, but vault CSV exports that can be accessed quickly and with minimum fuss. (Oh, and don’t forget payroll details. People who are working 24×7 to get your business back up and running will appreciate getting paid on time.)
A data protection job is a serious job, but if we can’t have a chuckle from time to time about what we do, we’re probably taking it a little too seriously.
Happy Monday!