Posts Tagged ‘customer data’

Over the last 10 days, I have been battling with backups and restores.  At one of my customer sites, they needed to recreate some business reports from a moment in time 2 weeks ago (which involved a restore of the live transactional database from 2 weeks ago into a ‘play’ area, and run reports off of that).  The other battle I had was with one of my own business servers, which was targeted by some Chinese hackers who wanted to use my server for informing the world via a zombie email campaign about some dodgy cheap handbag replicas, or some knock-off pharmaceuticals.

Anyway, what I found in both instances was that the backups that were rigorously being taken were just not up to the job.   In the case of my customer, we found that whilst their operations team were doing nightly backups, they had no licence for the backup software they were using so when it came time to restore the database, the software blocked the restore.  This matter was made worse by the fact that the backup software was provided by a company which no longer existed, so a licence could not be purchased.  Doh!!   In my own case, the problem was that with my backups, the ROOT hack they had injected had been diligently backed up to my backup media.  Double-Doh!

The battles to restore my customer data and my own servers were monumental.   Luke Skywalker Vs Death Vader, Harry Potter Vs Volda-whats-it, Men of middle Earth Vs the Orcs – all of these pale into insignificance compared to my battle with tapes, disks and unlicensed software.   In the end, I won on both counts.  But the battles wasted an awful lot of time (chargeable time in the case of my customers data restore   ).  But these lead me to review my own backup policies, which I offer to you now:

1. If it’s important to you, back it up, and back it up regularly.
2. If it’s not backed up into at least 3 places, then it’s not backed up.
3. If it’s an ongoing project that you are working on (with lots of changes) back it up as you go.  I like to keep regular backups of my current projects to online services such as drop box.  The drag and drop interface means it’s a 1 second process to keep everything secure for free.
4. Keep backups away from the main data and away from other backups.  Once every other week, I backup to an external disk, which I keep in my car.  If my office/home office burnt down (where I keep my servers and other backups) I still have everything I need
5. After you have backed up, now and again verify the data and check that you can actually restore the data (a backup that you can’t use is worthless)
6. Backup to a media you can get your hands on quickly.   In my case, I backup to cheap portable media disks.   My customer sent their data off site, which took 3-4 days to get back.  Not good in an emergency!
7. Have backup rotation.  In my case, I now have 3 portable drives – one for my weekend backups, one now which I use at the start of the month, and one for the start of each quarter.  If I get another rootbot, it may infect my weekly but is unlikely to hit the monthly and quarterly drives.   With portable disks being so cheap, it’s not even worth worrying about the cost.
8. If possible, also use online web backups.   There are several online web storage and backup systems such as Zmanda, BackBlaze and I have heard good things about Mozy.  However, I have three problems with online as the final solution; (a) in the UK we tend to have low bandwidth available and ‘fair use’ policies could cause your ISP to hit you hard via internet throttling (b) if a file is damaged (corrupted, or truncated), the damage is set as your current copy to the web and (c) I have customer data which I KNOW they would not like going into the cloud.
9. Don’t forget your other devices; laptops, tablets and phones.  My own backups work in that all devices get backed up to the main servers, and the servers are then backed up (now, multiple times).
10. Backups are only valid if you also sweep your system on a regular basis for viruses, Trojans, Roots and other nasty’s.  I used to use just one anti-virus system for all of this – I now have 3 different checkers.