10 Data Protection Truths
I have been working with, designing, and implementing data protection solutions for almost 20 years now. Over that time, I have learned a lot about data protection. I have seen a lot of different backup and recovery solutions. Some of the solutions have been rock solid and some, well, they were more like quicksand.
From my experience as an information technology data protection specialist, I compiled a list of what I consider to be truth statements about data protection. Some of these I use as key design requirements for architecting a data protection solution, and some are observations from recovery failures I witnessed.
1. Not all restores are for data protection.Legal, compliance, and test/dev also have restore requirements.
2. Of the restores that are data protection recoveries, almost all of them use the latest backup as the recovery point.
3. Of the data protection recoveries that do not use the latest backup copy, most do not because the latest backup is not available.
4. Of the data recoveries that use a backup that is not the latest, when the latest backup is available, the majority of them will use it to recover to specific point in time.
5. Point in time data recovery is the primary way to recover from a data corruption issue.
6. Data corruption can be replicated, and the replication of the corrupted data may perform better than the replication of real data.
7. The recovery point objective for tape backup is not how often you back up a client system, it is how often you ship your tapes offsite.
8. For a backup to be complete, it needs to be stored in a separate physical location on a static piece of medium.
9. Disk is not a static medium. Data at rest on disk is still at risk.
10. It is always better to discover a data protection issue during a test than during a production recovery.
The last point is important. If you don’t test, you risk missing an issue. If that issue is critical and prevents the recovery of a key system, not only may you be out of a job but — depending on the system — the business might be done as well.
In the coming weeks, I will be providing insight into what we have learned over the years about each truth and how this insight can better help your business protect its most value asset: data.