Backing up your data – What should you consider when protecting your business?

15 Dec 2021, by Slade Baylis

You don’t want to be flying by the seat of your pants when it when it comes to the systems your business relies on – and running them without backups is doing just that.  Much like jumping out of an airplane without a backup parachute, if the systems that you rely on fail, it can result in very bad downtime!  It’s for this reason that most businesses choose to back-up their systems regularly.  However, when choosing a backup strategy, questions arise such as: how often you should back them up; how many backups you should keep in total; and where you should store them in order to offer the most protection without impacting recovery speeds? 

In this article we’ll provide information on different types of backup systems, how they compare, and other factors to keep in mind.  Our aim here is to help our customers answer all of these questions and more, so that they are able to design the best possible backup strategy for protecting their business.

The first step – What types of backups would work best for you?

To say there are a lot of different backup options available is an understatement.  Not only do you have lots of different types of backup applications to choose from, but each of them also approach the problem in different ways.  This ranges from systems that primarily focus on being able to restore systems quickly in the event of a failure, to others which place their focus more so on keeping long-term copies of data for historical record keeping.  Which one you should choose will largely depend on the needs of your business and the risks you’re most likely to face.

For example, if you have a regulatory requirement for keeping data for a long period of time, then having a backup system that’s focused on quick restores and short-term backups doesn’t make much sense.  However, if every minute that your service is down costs you bucket-loads of cash and customer goodwill, then that sort of approach would be ideal.   It’s for this reason that each business needs to consider the risks associated to them individually, both in terms of the impact that such a downtime would have on them as well as their systems, but also how such a loss of business data, or worse yet, their client's data, would impact them.

Once an organisation knows what their particular risk profile is, this information can then inform their decision as to what backup platforms and technologies would suit their needs best.  If the risks are high enough, it could be that the best approach is using a combination of systems in parallel to mitigate each of them. 

Full vs Incremental vs Differential - Different types of backup implementation

In the crudest sense, a backup is simply just a copy of a system that you can restore to or retrieve data from when necessary.  If you were to back-up a system in that way, then the backup would be exactly the same size as the thing you were creating a backup of, as it would be an exact copy. However, with basically every backup implementation, compression is used to reduce the size of the backups.  With that compression, you are able to store more backups due to their smaller size, and so they become less burdensome and less costly to store. 

Full Backups

When a backup contains a complete copy of a system or data from a specific point in time, this is what's known as a Full Backup.  For example, basic backup functionality in a cPanel Shared Web Hosting (SWH) server works in this way.  Full Backups are taken of each hosting account and stored in a predefined location after being compressed.  Each backup can be moved around and contains all the information necessary to restore an account if needed.  With modern compression, you can normally expect (depending on what’s within the account) the backup to take up around half as much disk space as the original account.

As you can see, if each backup takes up half the storage of the account that it is a backup of, then keeping multiple copies of that around can quickly stack up.  After a week’s worth of backups being taken daily, that ends up being three and half times as much disk space being used by the backups when compared with the original data!  Trying to have comprehensive backup histories with this method can quickly become cost prohibitive, which is why alternate backup technologies were invented.

Incremental Backups

Incremental Backups are able to save on disk space via one key difference when compared with the Full Backup approach.  This difference is what data each backup will contain.  In simple terms, instead of each backup being a full backup of an entire system, only the first backup is taken as a full backup.  After that, each backup only keeps track of everything that’s changed since the last time it ran.  As those incremental backups only keep the files and data that’s changed since the last backup, they can be a fraction of the size of a full backup!  What this effectively results in is what is referred to as a “backup chain” - whereby utilising the full backup and each incremental backup thereafter in the chain allows you to be able to restore systems to how they were at any point when those backups were taken.

Not only does this result in much smaller disk space requirements, but it also means that backups can be completed much, much faster. Such fast backup speeds can enable businesses to implement backup strategies that previously were impossible, such as having data be backed up every hour on the hour - or even in some cases - every few minutes! 

Due to how incremental backups form a backup chain, one downside is that to be able to utilise them, you need the full backup file and all the incremental backups up to the date that you are looking to restore from.  This is unlike Full Backups, where they are easily transportable and you only need a single backup file to be able to restore systems and data. However, there is another common and similar approach to backups, which is referred to as Differential Backups.

Differential Backups

Differential Backups are very similar to Incremental Backups in their approach, in that a single full backup is taken initially, then further backups only back-up changes that have been made.  The main difference here is that instead of the smaller backups tracking the changes since the last backup (and forming a backup chain), each of the smaller backups instead tracks all the changes since the last full backup.  This mitigates against some of the risks associated with Incremental Backups - as with this Differential Backup approach - all you need to restore data is a full backup and a secondary smaller backup that keeps track of the changes since that full backup. 

However, due to this approach, techniques common in incremental backup systems for avoiding having multiple full backups aren’t possible, such as using “Synthetic Full” backups.   Put simply, Synthetic Full technology allows a backup chain to keep a continuously updated full backup without needing to create one from scratch.  It does this by “rolling in” an incremental backup into it, thus saving disk space by reducing the amount of full backups that are created and stored.

Due to the different pros and cons of each system, each business should determine what the greatest risks are to their business, as well as how much they are able to spend on backup storage.  They should then use this information in choosing the best approach to meet their needs. 

Disaster Recovery – Recovery Point Objectives and Recovery Time Objectives

Two key factors are usually the main priorities for organisations that are looking to implement backups into their infrastructure.

Those two factors are:

• How often should backups be taken?
• How long should it take to restore systems and data from them in the case of an emergency?

In terms of business planning, these are usually referred to as Recovery Point Objectives (RPOs) and Recovery Time Objectives (RTOs). 

For Micron21 customers specifically, by utilising our Veeam backup system with our VMware Cloud Server (VCS) platform, customers are able to achieve RTOs of 1 hour of less for their production systems.  What this means in practical terms is that they are able to have their production systems restored from a backup copy in 1 hour or less.  With regards to  backup frequency and RPOs, both our Veeam and Acronis backup systems are able to meet strict RPOs through backups that can be taken every hour, or even more frequently if needed. Not only that, but they can be set to be stored for extremely long periods of time (or kept forever if needed!).

For those interested, we’ve covered this more detail in our How to make sure your business can survive adversity article, which goes into detail about Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP).

By having a well-defined policy about how many backups to keep, how frequently to take them, and setting expectations regarding restore times, businesses can save themselves a lot of pain and misery.  Not only that, but for systems where every second of downtime can result in lost revenue, planning and implementing backup strategies that can get systems back up and running quickly can save you quite a bit of money overall.

Integration – Ease-of-use and Accessibility

Whilst the coverage and restore times of backups are important factors to consider, one area that shouldn’t be overlooked is the ease-of-use and accessibility of those backups. In some cases, being able to easily log into a web-based portal and start restores in a couple of moments might be the highest priority.  Due to this, it’s important to consider the level of integration that backup platforms have with your systems and how you will interact with them.

One example of this is the differences between our Veeam and Acronis platforms. Our Veeam backup platform is ideal for Disaster Recovery purposes, due to its quick restore times. However, for some of our clients,such as those running cPanel software on their Virtual Private Servers (VPS) or VMware Cloud Servers (VCS), by utilising Acronis, they can have an easy-to-use backup restore portal available to themselves and their clients within their own server. 

This ability to easily restore data as needed at a moment’s notice means that a lot of customers choose to run both systems in parallel, mitigating against disasters with Veeam, whilst still benefitting from the ease of access and easy file-level restores that Acronis provides.

Location, Location, Location – Just as important for backups!

Having backups of your systems is one major move towards insuring the integrity of your data. In cases where systems are compromised and data is stolen, deleted, or even encrypted such as with ransomware attacks, having a backup could be the thing that saves your business.  However, in a lot of ways that backup will often only be as good as its separation from the systems that it’s meant to protect.

If the backups you have taken are stored on the same infrastructure that they are backing up, it’s not hard to see why that would be a problem.  In a situation where that infrastructure is the thing that’s failed, then accessing your backups would be more than just difficult!  It’s for that reason that backups are always recommended to be stored separately from the systems they are meant to protect. But how much distance is enough?  Would a separate server work? Or should they be in a totally separate facility?  The answer, like a lot of things, is that it depends on the risks to your particular business.

One of the older methods that businesses used for backups was to take copies of their data off-site using magnetic disks or even physical hard-drives – but then additional problems arose. Where should you store these backups?  What protections do you have at that secondary location to prevent issues like the theft of business data, or damage through things like fire?   We‘ve covered this in our GEO HA – The ultimate in High Availability services article, so we won’t go into too much detail here, but in short, each business should do a risk assessment that should take into consideration the location of the primary and backup facilities, with regards to the risks applicable to each location.  

With our backup platforms, we opt to always store our backup data in secure off-site facilities, so that any customers of ours that purchase backups can isolate and protect their data from any location based issues.  Not only that, but the Micron21 Data Centre and all of our backup facilities are protected through methods such as redundant power & cooling, advanced physical security deterrents, and comprehensive fire suppression technologies.

Though, the decision of where to store data is only one piece of the puzzle when it comes to securing that data, as the separation between systems from a networking perspective is also something that needs to be top of mind.

Separation – The risks of ransomware and connectivity between systems

It’s easy to miss, but with ransomware attacks becoming more-and-more common even for small to medium sized organisations, if there is no separation between your backup and production systems, this could spell disaster if you were to be targeted.

We’ve gone into detail about what ransomware attacks are in our Ransomware: How much would an attack damage your business? article, but we’ll provide a quick summary here as well.  With ransomware attacks, once a cyber-criminal gains access to your systems they branch out, trying to gain access to everything that system has connectivity to. Once they have access, they lock down all systems by maliciously encrypting your data so that only they have access to it.  Like the name suggests, at this point they usually will ransom that data back to you and possibly even threaten to release it to the public.

If your backup systems are connected to your production environments that get targeted by those criminals, it could be that they too could also be hit by that same malicious encryption, leaving you up the river without a paddle.  The last thing you want is to lose access to your backups on the day that you desperately need them! 

It’s for this reason that our backup platform is completely separated from our customer’s systems.  By doing it this way we protect against this sort of attack, as even if their environments become compromised, the backup data is entirely secure and usable for restoring those environments.  Not only that, for added security, we also utilise our own dark fibre between our facilities.  By utilising our own fibre, which we ourselves have laid out, between our primary and secondary facilities, ensures that only authorised Micron21 staff have access to the data that is sent back and forth over it. This allows us to also protect against other different types of cyber-crime, such as man-in-the-middle attacks. 

These extra steps that we take, in combination with storing backups in secure off-site facilities, means that we can provide solid and reliable backup services for all of our clients, protecting them against the biggest threats that exist out there today.

Overview - There are many things to consider when protecting your business

As you can see, there are many different aspects to keep in mind when looking through different available backup options, as each one has different strengths and focuses on different risks to mitigate.  It could be that a single backup system is the right choice for you, or it could be that a multi-pronged approach would suit your needs better.

To summarise, here are the key factors to consider when choosing what backup platforms to use:

• Full, Incremental, or Differential Backups? – You can gain faster backup times and reduced storage costs through utilising incremental backups, but backups also become reliant on the integrity of the backup chain.
• Disaster Recovery – Some backup platforms focus heavily on the ability to restore systems quickly in the event of a disaster, whereas others focus more on the long-term backup of system data.
• Integration – Having backup platforms be accessible through easy-to-use user interfaces can make restoring systems and data from them much easier.
• Location – Making sure that the backups are stored separately to your production systems and primary facility can go a long way to protecting your data, and by extension your business.
• Separation – It’s not enough to just consider the physical separation between your backup infrastructure and your production systems. Having limited to no connectivity between them can protect from cyber-attacks such as ransomware.

Need help designing or implementing backup systems for your business?

We can help with both the design and implementation of any backup strategy that you need.  We have many different customers with many different backup requirements, whom we’ve helped implement strategies for that have worked best for them.

Whether it’s backups of the services that you host with us, backups of the devices on your own premises, or even backups of your Microsoft 365 data, we can help make sure that it’s all backed up and secure for you.

To find out more, reach out to us via email at sales@micron21.com or by phone on 1300 769 972 (Option #1) for Sales.