Harmony Logo

Security: Backups

Security: Backups

So far, we’ve learned the importance of keeping our mouths shut, and the importance of passwords.

But what about when those things fail, despite everyone’s best efforts to the contrary?

You’d better have a backup.

Backups are paramount. If you don’t have one, you’ve already essentially volunteered for everything to fail and be entirely unrecoverable. But what does a good backup look like?

First, there is no situation in which one can have too many concurrent backups. This only becomes a question of resources and time. You can’t reasonably run five separate backup sets at once, or even one after the other, without significantly impacting the performance of a setup, just for example.

Actually you can, but the processes and resources required for this are a little out of reach for your average person. The backup processes for, say, Google, or Microsoft, are actually minute by minute, to second by second. Because they have to be. But they’re also multi-billion dollar companies. They can afford very literally anything they want at any time.

We’re going to assume that we’re not all Microsoft or Google. We, then, want at the very least a daily backup. For e-commerce, hourly is required. And good news! Most hosting providers, at last as far as websites are concerned, provide you with this exact functionality as part of your hosting cost. Great!

But let me paint a scenario for you, as unlikely as I find it. For some reason, exactly why being unimportant, the backup at your hosting provider is unusable. Oh no! Now what?

Well, it’s a good thing we had two other backups, assuming we have a proper backup scheme.

A good backup includes at least three (3) backups. E-commerce gets a fourth “warm standby”, but we’ll talk about that much further down.

Your three backups should be as follows.

  1. An on-site backup. The one provided by your hosting provider, or if you’re hosting yourself, machine images and folder backups.
  2. An off-site backup. Either moved to a storage location not on your hosting provider’s site (Google drive, etc.), or in the case that you’re hosting yourself, a hard drive kept in another physical location.
  3. A cloud backup through a provider of such things. If you’re using Google Drive as an “off-site” backup, consider something like Mozy or Carbonite.

You may not be hosting your own website, but you may be using on-site accounting software, or documentation. Always keep a backup of it, even if it’s a cloud hosted environment, such as keeping documentation in Google Drive. Keep this in mind when considering your backups.

The backup schemes can be thought of thusly:

  1. In case I make a mistake.
  2. In case there’s a fire.
  3. In case everything goes wrong in every way possible.

So now you have a backup. But now are you sure it’s working?

More than once have I, personally, gone to restore a backup and found that, oh no! last night’s backup failed.

Good thing I had two other backups.

Every day, you should be checking your backups. Every day, you should open the software and see if the backup succeeded.

Once a month, at least, a backup should be tested. Either by downloading a file, or restoring in the morning to last night’s backup. A lot of backup software has a test run utility built in, to ensure a backup is working without having to actually restore from it.

So now you have three backups, and you know they’re good. What else?

If you don’t run an e-commerce site, or don’t have a reason to know what “high availability” means, you’re done. If you can handle 6 hours to 1 day of down time, there’s no reason to go any further. You’ve given yourself all the safety you need in a backup.

E-commerce and other services that require more, that is to say “high availability”, should have something a little more robust. Down time isn’t really an option for an online store, and losing more than an hour of info is hard to cope with.

So now we’re into the world of warm standbys. To understand what that means, in IT we refer to anything live as “hot”. The pot is on the burner, so to speak. A warm standby is kept up to date within the hour, usually by replicating the live site every hour on the hour, and as such is in a state to go live, or hot, at any time.

The setup works thusly. You have your live server, and on another host, an exact copy of that server. It’s kept up to date through some process every hour. If something should happen, you take your live site down, go to your warm standby, change any information that needs to be changed (such as passwords. Going live with the same passwords that were just cracked is a bad idea), and then point traffic to the warm standby.

You are then free to restore to the primary server from the warm standby, collect anything that was missed in the minutes between replication for entry later, and then swap back to your primary site.

This can take place in a matter of 30 minutes, and generally results in no percieved downtime for any users.

There is but one issue with this: Cost.

High availability setups in any environment cost money. Ideally you actually have two warm standbys, just in case. In the case of onsite hosting, it’s usually for updates and patches that require downtime. One stanby takes over while the other two update and patch, reboot, get back in order, an then they swap places again.

But that’s three hosting bills, or three identacle on-site servers. That’s expensive!

And then you also have to manage all of this? Do you actually have the time? Consider that strongly, because there is a point at which hiring someone to manage these things is the right answer. It’s usually at the point you either do not have the time to do it yourself, or do not have the time to understand it yourself. Everyone can come to terms with these concepts and execute the plans, but having the time available to do that is another question entirely.

A backup is an essential part of security. It provides a process for recovery even when best efforts go awry. Everyone should have a backup of anything they find important, and ideally they have three.

Stay safe online, and in the wide world.

~AJ

Facebook
LinkedIn
Email
Facebook
LinkedIn
Email
Skip to content