Looking to upgrade your organization’s data protection and disaster recovery or enhance your existing solution? Great!
Before you decide which vendor can best accomplish your goals, you must understand that data protection comes with a number of challenges. In his book, Modern Data Protection, W. Curtis Preston (a.k.a. Mr. Backup) explains these challenges in detail (and in simple terms). He believes that understanding these challenges will help you determine the problems that are most important to you and find a solution that best fits your needs.
In this blog, we break down the questions from the Commercial Data Protection Challenges chapter of the book. Per Curtis, you must discuss these within your organization before choosing your backup system.
The considerations are divided into sections. Each explains why those challenges are important before listing the questions to ask your team.
Size of the backup system
Why is this important: Before you purchase a new data protection and disaster recovery solution, you need to design your backup system. Simply put, this involves calculating and defining the myriad of requirements for backing up your organization’s data. These questions are generic and will apply to organizations irrespective of their industry.
Questions to ask:
- How does the solution protect backups from ransomware attacks made directly against the backup infrastructure itself?
- Does the solution support all the workloads (laptops, NAS servers, AWS EC2, etc.) that you want to back up?
- What is the size of one full backup and what are the storage requirements to complete one full backup?
- How frequently does the solution need to do full backups?
- How quickly do you need to restore (RTO) data and how much data are you allowed to lose (RPO)?
- What are your data retention requirements?
- Do you need long-term retention and data archival to meet legal and regulatory requirements?
- How frequently do you need to back up data (such as every 4 hours, every day, every week, etc.)?
- How fast do you expect the data to grow every year?
- What sort of deduplication (source-side deduplication or target deduplication) does the solution use and how effective is this deduplication?
Maintaining backup server OS
Why is this important: A backup system will likely have a series of servers or virtual servers at its core. You must estimate the effort of maintaining, upgrading, and protecting the operating system of these servers. Cyber attackers target these servers to gain access to your backup data. As this acts as a gateway to the stored data, you must ensure that the operating system is upgraded regularly so it remains safe and secure from bad actors.
Questions to ask:
- How many different operating systems you must use to back up your entire data center?
- How frequently are updates released for each of these operating systems?
- How many working hours do you need to dedicate to the upkeep of these systems?
Maintaining backup software
Why is this important: Backup vendors are constantly adding new features, new operating systems support, security fixes, and other functionality that requires you to update the backup software at regular intervals. Additionally, you will need to update the backup agents you have installed on whatever you are backing up. You must account for the efforts required to make these updates. This step is extremely important to protect against ransomware groups that directly target backup infrastructure.
Questions to ask:
- What must I do to protect the backups from ransomware?
- Can updates be automated or do they have to be done manually?
- How frequently are updates released for the software?
- Do the software updates require downtime?
Other software and services associated with data backup
Why is this important: If your backup software is unable to satisfy the RTO of your organization, then you will need to invest in a separate disaster recovery software. Similarly, if your organization has additional requirements such as eDiscovery and compliance guidelines, you should know if your backup solution supports these features. If not, you will have to invest in additional software to fulfill these requirements.
Questions to ask:
- Apart from backup and recovery, what are my additional data-related requirements?
- Can the data protection solution meet my additional requirements or do I need to look for other solutions?
- Is there a single solution that fulfills all my requirements?
How does Druva solve these challenges?
While building Druva’s Data Resiliency Cloud we ensured the several strict requirements of our customers are already taken care of.
- Druva’s solution is built in the cloud — so you don’t need any hardware. The solution scales based on your team’s specific needs, meaning you can use as much storage as you want and only pay for what you use.
- Druva’s solutions use the latest in security technology and best practices. All backup data is encrypted in flight and at rest, and stored securely in object storage in our cloud environment. Data, metadata, and encryption keys are stored in three separate places. Due to the way backups are transmitted, there is no route for ransomware to corrupt or delete your backups. Customers receive this constant protection without having to do anything.
- It’s 100% SaaS, so you can rest assured you’re always using the latest version of the software without having to worry about updates, upgrades, or glitches during installation or uninstallation.
- The Druva Data Resiliency Cloud is much more than a data backup and recovery solution. You can use this solution for legal purposes (eDiscovery), to remain compliant with several data regulation rules (compliance), to protect your data from bad actors and hackers, (ransomware recovery), to secure your data from natural and man-made calamities (disaster recovery), and so much more.
See for yourself how Druva can simplify your team’s data protection needs, sign up for a free 30-day trial.
Now that you have the questions, check with your team and receive insight into what you really need from the ideal data protection solution.
However, for the full list of questions, concepts to evaluate when evaluating today’s vendors, best practices, and all there is to learn about data backup, read the new book, Modern Data Protection, by W. Curtis Preston, Druva’s Chief Marketing Evangelist and “Mr. Backup.”
In his own words, in the book’s preface, Curtis explains the mission of the book as follows:
I tried very hard to cover all the things you need to back up, archive, restore and retrieve; all the methods, software, and services you could use to do so; and all the hardware you’ll use to store those backups and archives.
Even so, I guarantee that there are topics covered in this book that are found nowhere else. I also settle a lot of arguments that come up in this space: like the real place for tape, the difference between backup and archive, and whether or not you need to back up software-as-a-service (SaaS) offerings like Microsoft 365 and Salesforce. The book covers important foundational concepts that you can use to make your own decisions.”