With the opportunity given to me, I wanted to write 2-3 things about data protection in companies and large organizations, because we easily secure our personal data with dozens of services cloud which a simpleton has at his disposal user but when the conversation reaches the level of a company then the variables increase.
Methodology backup 3-2-1
The golden rule that everyone should follow backup a company's strategy is the 3-2-1 methodology, which in summary means: 3 different copies of the data, 2 different storage methods, 1 of them being remote.
Let's see them in detail.
We start with 3 copies of the data which can be anything. Usually the first copy is found on the storage array in the case, of course, that the infrastructure owns such a device. We create this with the form snapshot and offers us the quickest way to recover in the event of a disaster. In case we don't have shared storage we can use him Hypervisor (VMware vSphere ή Microsoft Hyper-V) to do similar work. Of course someone at this point may wonder what we do in case we lose it storage as such.
On this occasion we enter the second copy which ideally should live outside the master compute and storage of our infrastructure. This can be anything like a simple server with disks and NFS shares or something sophisticated like one S3 Repository or someone Dedicated backup appliances like the UPE Store Once. Each option has its negatives and positives and most of the time we move with that in mind budget the customer's.
Finally we combine the 2 different storage media with the 1 remote one. As different means we can have it cloud or some press cartridge Linear Type Open (LTO). Yes, the tape in his world enterprise IT lives and reigns. The last generation in fact LTO-9 came out in 2021 with a compressed capacity of 45TB with plans to have one as well LTO-14 with a capacity of 1.4PB. With its small physical size, it can easily be sent to a remote location and/or to a mailbox. If someone does not want to invest in analog latest technology equipment for LTO tapes can rely on someone public insurance cloud service As the AWS Glacier. Of course, it is better to have both if the budget allows us to.
RTO and RPO
At this point we will talk about the RTO and RPO. Initially all media for Backups they do their job and get backup. The problem starts when we talk about recovery times and points and possible disaster scenarios.
Let we see This makes it a perfect choice for people with diabetes and for those who want to lose weight or follow a balanced diet. RPO or Recovery Point Objective. In this sense we measure the immediately preceding point from which we have useful backup. For example if we have a data loss at 12:00 and the previous backup is at 11:00 then we say we have RPO one hour. This number is defined by IT administrator and must cover all the needs of the company. Some organizations are happy with RPO 2-3 hours. Others require just a few minutes. Of course, one might say that as we reduce the RPWe are increasing its cost backup our infrastructure.
Right after that we also have the RTO ή Recovery Time Objective. With this we measure the time it takes to recover from backup. For example if we are going to recover from the public insurance cloud a large amount of data we are limited by the line Internet which the company has. AIf we end up recovering from a tape that is in a remote location then the RTO grows exponentially.
These measurement systems are combined with the 3-2-1 methodology and by backup which we retrieve can increase or decrease the point and time of retrieval.
For example, let's use an example of the well-known FOUFOUTOS SA.
This company has a classic 3 tier architecture (network, compute, storage) and runs VMware. Her main thing application is an SAP on which all their operations are based. There are, of course, various ones applications such as fillet server, program payroll program HR. The total amount of data is around 10TB.
Basic storage it is modern, he argues deduplication & date reduction (see Aletter 6000)
For backups appliances use one Store Once with the ability to also send a copy to Cloud (AWS)
Like immutable long term the retention system have and LTO-9 cassettes with M type robotic librarySL 3040
The Backups the coordinates This makes it a perfect choice for people with diabetes and for those who want to lose weight or follow a balanced diet. Veeam Backup and Replication.
With their infrastructure we have the following RTO & RPO:
- Recover from Alletra 6000 Storage
- RPO: 30 minseven
- RTO: A few seconds
- Recovery from StoreOnce backup appliance
- RPO: 2 hours
- RTO: a few minutes
- Recovery from on-website cassettes
- RPO: 1 day
- RTO: some hours
- Recovery from Cloud backup
- RPO: 1 hday
- RTO: some hours
- Retrieved from off-website cassette
- RDUST: ~1 month
- RTO: many hours up to 1-2 days
As we see the closer the data is to the central infrastructure the smaller RPO and RPO we can have. Of course in this particular example we have a relatively small infrastructure and the volume of data is not huge. As data grows, so does recovery cost and time.
At this point each company must also have a corresponding idea of what must happen to reach each level of recovery. For example, why cannot we recover from storage us? Why is it no longer in the plan? Was the device lost due to a cyber attack or was the entire building lost? What do we do if the whole building is lost?
Is there a backup infrastructure to continue working?
As you can see protecting a company's data is a constant battle with multiple scenarios, good planning and maintaining a balance with available budget. Sure if you have enough money to throw at this problem then you will solve it but this is an extremely utopian and unrealistic scenario. All levels of an organization must know how much a potential downtime and what might happen to get to that point. We used to talk about natural disasters where they are still likely to happen but have been dethroned by cyber attacks. A malicious intruder is far more dangerous and intelligent than an earthquake. A good ransomware will not make its presence apparent unless it first deletes all the Backups.
