Many small-to-medium sized business (SMB) owners question the need for any kind of disaster recovery plan (DRP), particularly a data disaster recovery plan. “I’m just a small business. How much can I really lose?” Here are some sobering statistics:
- 31% of PC users have lost all of their files due to events beyond their control.
- 25% of companies that suffer a major disaster never reopen.
- 60% of companies that lose their data will shut down within 6 months of the disaster.
- 93% of companies that lost their data center for 10 days or more due to a disaster, filed for bankruptcy within one year of the disaster. Fifty percent of businesses that found themselves without data management for this same time period filed for bankruptcy immediately. (National Archives & Records Administration in Washington).
It’s important to recognize that there’s a difference between a simple data disaster and a major business disaster. A data disaster refers to the loss of data due to a server crash, hard drive crash, some other relatively small accident that deprives a business of its data, or a natural disaster, without affecting the rest of its assets. Developing a recovery plan for the loss of data is relatively easy but crucial.
Conduct a Data Assessment
The first and most important step in successfully protecting your company is knowing what data needs to be safeguarded. A surprising number of users miss important files and folders simply because they don’t know the data exists or that it is important to the company. The best rule to follow with every user is that old adage, “Never assume anything” about what should or shouldn’t be backed up.
- What applications do you use to run your business?
- Who uses them, when, and how often?
- Where does the data reside?
- What are your data retention requirements (e.g. how long do you need to keep files)?
- Are any copies kept onsite or offsite?
- What’s the impact on the business if the data is lost?
- What’s your recovery point objective (RPO): What is the minimum data required to run the business)?
- What’s your recovery time objective (RTO): How quickly must the RPO be achieved?
Don’t leave yourself or your users vulnerable. Know what you need to protect! Once you know what to back up, create the backup set or sets.
Save Your Data
Part of the data assessment is determining how long to retain the data. In some cases, such as with medical records or tax records, legal requirements determine the length of retention. When there are no legal requirements, the length of retention is up to the customer and should be based on several considerations. Some of these include:
- What data is mission critical? Data such as client information for law offices may need to be kept longer than customer information for retail or service businesses.
- What data is time sensitive? Financial information (revenue and expenses) for purposes of tax reporting or securities reporting needs to be kept longer than other types of data, such as a comparative analysis of two different sales/marketing campaigns.
- What data is just nice to have? There is certainly some data that customers will want to save just for the sake of saving it. But when that data starts to push the limits of the customer’s storage amount, they should understand that it doesn’t have to be saved for long periods.
Setting criteria for retaining data is highly important when discussing backups. Deleting data from storage is different from deleting it on a Windows-based computer. If a file or folder is inadvertently deleted from Windows, it can often be recovered with certain software. If data is deleted from backup storage, it’s really gone!
Use delete with caution. Don’t assume the next backup will restore the data. Don’t assume the data can be retrieved after deleting it. Don’t take any unnecessary risks. The bottom line is this: if there is a chance you might need it, don’t delete it!
Schedule the Backup
When first seeing “Schedule the Backup” in a list of best practices, you might think, “Well, yea.” But remember with Intronis, backups can be managed manually. Some customers actually prefer to only launch their backup sessions that way. The risk is that leaving a backup in manual mode means it won’t run unless someone actually runs it. What if the person responsible gets busy and forgets? What if at the time they try to run the backup they can’t access the server?
The data is not protected if the backup doesn’t run!
The good news is scheduling a backup in Intronis is easy. Backups can be scheduled for any day at any time. They can be blocked within fixed time frames or run until completion. And multiple backups can be scheduled on the same day for those customers who generate important changes in their data throughout the day.
Run a Test Backup
As reliable as the backup and recovery solution is, Murphy’s Law can rear it’s ugly head anywhere and anytime. Human involvement makes it inevitable. Permissions may not be set correctly, required software may not be installed, or remote drives may not be accessible. There are dozens of potential environmental pitfalls that can prevent a backup from running.
Performing a quick test will help identify any environmental issues with software or hardware that could prevent the backup from running successfully when it really counts. Review the logs after the backup has run. Look for any warnings or errors to ensure the backup has run successfully.
Run a Test Restore
After you’ve demonstrated a successful backup, go ahead and run a test restore to an alternative location. After all, showing that you can back up data is only half of the reason you use a cloud backup and recovery solution. Recovery, or restoring data is the other half.
Select a location other than the backed up computer onto which the restore will occur. After the restoration is complete, make sure the results match the backup set you created. Also make sure the restored data is complete and usable.