Our Server and Storage solutions expert, Sarah Lupson spends most of her time helping our customers align with industry best practice. Sarah took some time away from her desk to discuss how Bechtle ensure our customers achieve robust and secure backup solutions.

Firstly, what are the core components of a reliable backup infrastructure, and how do they work together?

The golden rule we follow is the “3-2-1” principle. We recommend our customers have 3 copies of their data; the original source data, typically data that’s stored locally to disk and at least 2 backups. These 2 backups should be stored on different types of media either internally, externally to their backup server or in the cloud. Finally, 1 copy of data should be offsite.

Ultimately, a customer’s backup policy for each workload will define what backup strategies we would recommend. Governance and compliance specific to a customer’s industry will also play a part in defining the appropriate solutions.

 

Would you say cloud is making life easier for customers to adopt the right backup strategy?

Yes, cloud plays a major role however, it all depends on a customer’s data governance and compliance. Everything comes back to reviewing the workload, application or database and what the customer needs in terms of an appropriate backup policy for that backup instance.

For example, we have customers in the finance industry who need to meet certain governance and compliance rules and will need to keep backups for multiple years. cloud is a possibility depending on those rules and ensuring that the long-term storing of cloud backups is cost effective. Over time, something like tape could be more cost effective.

 

So, the answer isn’t always ’cloud’?

No, the landscape is more complex than that. Taking our healthcare customers as an example, they have regulatory requirements to store sensitive patient data for a period of time. However, the same governance may not apply to all their data, the governance around ‘admin data’ may not be the same as ‘patient record data’.

Everything comes back to having that discovery discussion with the customer and understanding their needs. 

 

Why would we recommend a particular backup solution to a customer?

There are many different backup strategies and technologies available in the market today, vendors keep evolving backup technologies. Every vendor will design and implement the backup in various ways. As a result, customers can find it difficult to navigate their way through this complex market.

Taking a holistic approach, Bechtle are vendor and technology agnostic and specialise in helping our customers choose the right solution and vendor to work with, depending on the business requirements we uncover during our discovery conversations.

For example, some vendors will ultimately have better compression or de-duplication rates or integrate more seamlessly with a customer’s core IT over another’s.  It is possible customers might find the need to use a combination of vendors to achieve what they need to out of their backup solution.

So, we can now set immutability on premise and in the cloud more effectively. This comes down to architecting backups to best practices around a customer’s business needs and workload requirements.

You mentioned ‘tape’ backup, so tape isn’t dead?

Magnetic tape data storage technology and has been around for decades and remains a viable solution for non-changeable immutable media and for data requiring long-term retentions.

Our customers in the utilities sector have infrastructure that is not connected externally and have policies that carefully control and regulate ‘air-gapped’ data, so tape is a consideration in these circumstances.

Tape can hold large amounts of uncompressed backup data, it is cost effective for long term storage retention, think 30 years or more. It is less prone to data corruption and can be stored off-line providing protection against cyber threats. It also consumes less energy than backup data stored on spinning disk which is great from a sustainability perspective.

 

Is there also a ‘school of thought’ that tape can be a source of immutable truth that you don’t get with a cloud solution?

Yes, there’s a view - and one that I hold - that considers tape storage as a source of immutable truth, which is not always guaranteed with cloud solutions. As in your previous question, tape ultimately provides that off-line protection against cyber threats.

However, I think over the last three years, on premise disk backups using encrypted drives with immutability and immutable cloud backup storage offerings, have really started to shift people’s perspective and their criteria for selecting tape.

So, we can now set immutability on premise and in the cloud more effectively. This comes down to architecting backups to best practices around a customer’s business needs and workload requirements.

 

How do we align a backup schedule to a customer’s data change rate and risk tolerance?

Working with the customer we need to assess data change rates, monitoring the data changes using tools which track how frequently data changes within a specific period. As well as understanding the customers risk tolerance for each workload. Customers need to establish what their maximum accepted downtime (RTO) and maximum accepted data loss, measured in time (RPO) based on what their risk tolerance is per workload.

 

Sorry, you mentioned RTO and RPO?

RTO – Restore Time Objectives and RPO- Restore Point Objectives. These help us develop a robust backup strategy, by understanding what the backup frequency needs to be.

You align backup frequency with the data change rate. Critical data that changes rapidly may need daily or even continuous backups. Less critical data can have weekly or monthly backup frequencies aligned.

In terms of risk management, how do customers verify the integrity and success of each backup?

Bechtle includes - as part of our Professional Services deployment – testing to ensure backups are fully working. Something long-term that we recommend customers build into their robust backup strategy is a staging area where they can test and restore backups to. We find customers don’t always factor staging into their strategy. However, we encourage our customers to embrace ‘best practice’ and ensure they are positioned to successfully test their backups.

 

What do we recommend is the correct approach to full-scale disaster recovery?

Backup and Disaster Recovery (DR) strategies are different; however, both are intrinsic to each other to ensure a bullet proof approach to protecting data and business continuity. The primary goal of backups is to create copies of data to protect against data loss due to accidental deletion, corruption, or hardware failure. Backups focus on data protection and ensuring data can be restored to a previous state. For DR the main goal is to ensure business continuity by restoring IT infrastructure and operations after a major disaster (e.g., natural disasters, cyber-attacks, system failures). It encompasses a broader range of activities, including restoring servers, networks, applications, and data.

In simplistic terms, backup is part of a robust DR strategy.

A customer should consider all risks and test both backups and DR on a regular basis. Staging areas for backup testing and failover DR environments where DR can also be tested within a DR “bubble” will ensure an effective approach to the restore of data or having data online in two locations in an active-active set up depending on needs and budgets. Bechtle work closely with our customers to help develop the correct strategies to provide data integrity and business continuity.

 

What security measures do we recommend, what about encryption?

In the first instance, we would always recommend an air-gapped backup for the reasons we’ve discussed. Customers are using encrypted drives for backup to ensure they can’t be tampered with, for data both at rest and in transit. Additionally, you can add Multi-Factor Authentication for an extra layer of security. Regular backup testing and Data Integrity Checks are important to ensure backups are not corrupted. Finally, a robust Incident Response plan is imperative.

 

Does the addition of encryption introduce latency and speed issues?

Backup vendors now have security built into their software products. This is something they’ve had to do as the industry has evolved, to ensure their software architecture is not vulnerable to ransomware attacks. While encryption does add some overhead, the benefits of securing your data often outweigh the performance costs.

Conclusion:

Staying current with best practices, evolving threats, and technology changes in backup and disaster recovery is complex and time consuming. Bechtle deliver modern, secure, and effective backup infrastructures to our customers.

We provide managed services and thought leadership, building technology roadmaps with our customers. We promote our experience and drive customer value through the use of blogs, seminars and our hugely popular annual tech summit.

Bechtle are a solutions first company, come and talk to us about your backup and disaster recovery requirements.

For more information, please contact:

Niamh Burgess-Smith

Head of Infrastructure, Server and Storage

Tel: +44 1249 467 102

Email: niamh.burgess-smith@bechtle.com