Data Backups practice

Started by sergiocharm, Aug 09, 2022, 01:36 AM

Previous topic - Next topic

sergiocharmTopic starter

Backup is not a profitable business task, but without backups, the potential damage from data loss can be greater than the cost of storing it. As risks grow, so does the value of a backup system (SBS). Now its role is difficult to overestimate.

A new alignment is being formed in the cloud services market: companies back up data from SAP, Microsoft, Oracle, carry out emergency migration using backup tools, and protect themselves from ransomware.

Backup and financial risks

Let's analyze the thesis: "creating backups does not provide revenue right now." For that reason, a company can turn on the "extreme" savings mode: store backups on the same server with backed up data (bad scenario) or not backup at all due to lack of free space.

It is quite realistic to calculate how much it will cost to restore data in case of loss. For instance, one of our clients uses a backup service to back up chromatography instrument settings. If the settings go wrong, you will have to call an expert, and this will cost tens of thousands of $$$. The monthly cost of a backup service for this company is much lower.

Cloud services help to find a balance between efficient spending of funds and reliability of the solution. The client, a commercial and industrial association, told the following instructive story:

"We conduct a large document flow, which requires round-the-clock availability and uninterrupted operation of systems. It is necessary to store and process 200 TB of backups: the main production, financial and management systems, archives of file and corporate accounting systems, business and office programs, internal infrastructure services, media content.

In the current environment, it is difficult to purchase your own servers: the cost has skyrocketed, and delivery times are unclear.

By migrating to the cloud, the company reduced the cost of purchasing and maintaining equipment, paying for the services of new full-time IT experts. The cloud helped save $100 000."

Sometimes a hybrid approach is used to create an efficient backup system. In this case, the data is first copied to the local computer and then replicated to the cloud repository or cloud storage. As a result, data can be restored locally even when the Internet is turned off or to a backup site in case the main one is lost.

Security and data protection

The cloud backup service protects against ransomware and crypto miners.

One of the experts from DiPHOST we interviewed solved problems with malware using a backup:

"I am hosting. I once made and configured a virtual machine based on Linux KVM for a client. The virtual machine was on an image with ZFS - this is a file system for working with large amounts of data. The first installation, there are no standard images, that is, I did all the work with my own hands, there was no one to peep, no insurance.

I set up the virtual machine through the standard VNC (Virtual Network Computing) - a system for distant access to the workplace. By default, VNC was connected to the internet without a password.

I combed everything there for an hour, after which I went to drink coffee. I return - for some reason the session was interrupted. At first did not pay attention to it. After about three minutes, I understand that someone is mining cryptocurrency on my virtual machine: the processor is loaded, and a program is also running, which was identified as a miner virus. Half of my installation is erased. Two hours of work down the drain.

Sighed, set a password on the remote access system. I was lucky: before the infection, I configured automatic creation of snapshots in ZFS every 15 minutes. So I was able to take advantage of the ZFS snapshot by making a snapshot of the file system. Then I "rolled back" the snapshot for half an hour and continued to configure the virtual machine from the moment the snapshot was created. Thanks to this, I lost only half an hour of time, and not two and a half, as it could be.

Crypto miners and ransomware are a common threat to businesses. One of the ways to improve data security is to use RMS based on technologies from the vendor Cyberprotect.

Upon detecting attempts to change letters to symbols or running mathematical calculations in the background to generate cryptocurrency, the solution blocks suspicious activity and alerts the administrator.

This is how one of our clients solved this problem, for instance:

"Company IT experts may not see employees' laptops for a long time, however, the data on the equipment is protected by configured backup policies. All data is buffered before changes are made. Even if the malware managed to encrypt or corrupt the files, the service will successfully restore them."

In addition, together with the SRK, you can use VPN connections, encrypt backups with your own passwords, and transfer data with SSL encryption.

The last line of defense against ransomware and other attacks is the immutable repository. Using this mode guarantees the presence of a protected copy of the original data in its original form.

Companies that fall under the requirements of Law 152-FZ "On Personal Data" can use the services of backup to the certified segment. For instance, the regional children's clinical hospital needed to back up medical information, including patients' personal data, as well as secure data storage in accordance with the requirements of 152-FZ. With the cloud solution, the state institution met all the requirements of regulators, saved time and money for the purchase of equipment and software.

Migration and support of Enterprise systems

An additional feature is the migration from the local site to the cloud. Experience has shown that data can be migrated regardless of the source hardware or virtualization platform. The process does not take much time and effort: you need to backup the virtual machine of one hypervisor, and then select this backup to restore on the IaaS host. The scenario of migration from physical servers is similar, but instead of a VM, the server is initially a physical one.

In addition, BaaS can support Enterprise systems. One of the clients shared his experience of SAP migration:

"We used the SAP cloud platform, but in order to guarantee the stability and reliability of the SAP HANA DBMS, we decided to migrate to the computing resources. The process of migration to SAP HANA itself took one day - all that time business processes were not interrupted for a minute.

For another client, we not only transferred SAP systems, but also made a backup of three SAP circuits at once with an RPO of no more than 20 minutes: at the development, testing and production levels. More than ten SAP systems are located in each loop and consistent backup is provided for every system.
With our solution, the client reduced the volume of backups by more than 70% compared to the original data thanks to the capabilities of deduplication. At the same time, an additional backup was organized for the productive circuit in the second data center.


Perhaps it was worth mentioning, for instance, systems with which you can automate backups - from writing ordinary scripts to Bareos / Bacula (perhaps there is something else).
And one more thing: learn how to back up MS SQL Server 2019 to S3 in the easiest way!


Oracle FlashBack is a technology that allows you to not only "roll" new data to the Oracle backup system, but also roll back to the desired transaction.
With such a scheme, it would be possible to roll back the system before the problems with the patch, which would greatly facilitate data recovery.

Snapshot technology. Instant snapshots allow you to backup and restore data in seconds. At the same time, they have little effect on performance, and it is possible to take pictures quite often (for example, once an hour). Thus, it was possible to roll back an hour and recover only an hour of lost data.

Continuous Data Protection - continuous data protection. These are proprietary devices or software that allows you to block all records with the ability to roll back to any point in time. It works similarly to Oracle FlashBack, but for any data.