31st of March is Backup Day!
Every year, Backup Day on March 31 is an urgent reminder of the immense importance of backups. For good reason, because data loss is still surprisingly widespread. Backups are especially important in a corporate context. Lost data here can cause immeasurable damage, up to and including insolvency.
As admins we know the importance of backups from reality
Because we, as admins, are up close and personal with such incidents, and because each and every one of us has seen on a regular basis over the course of our professional lives what can happen when entrepreneurs have not established a standard for backups. .. Well, that’s exactly why we preach to you day after day, year after year, not to be sloppy here. No. You can’t be sloppy when it comes to backups of your vital, beloved data!
The good news is that our customers sleep worry-free. Because we take the pressure off them when it comes to backups with a high sense of responsibility and with outstanding one-stop-solutions.
Backup – your TOP7 questions
The digital transformation is directly accompanied by the fact that backup servers are also less and less physically under the control of companies. More and more sensitive customer data (and thus, of course, their backups) are being outsourced to external data centers.
We asked our colleague Markus to answer the TOP7 questions about backups that our customers ask:
1. What software do you use for backups, how long have you been specializing in it, and how do you practically use it to serve your customers?
For backups of our customer data we use Bacula, a free software. And Fun Facts First: Our team’s expertise for Bacula is older than our own company. It dates back to 2003. The client/server architecture of this network-aware backup utility is one of the world’s most popular open-source backup utilities. Quite a lot of trust is created by the fact that Bacula has been on the market since 2000 and continues to raise the bar for the industry standard to this day. We can offer our customers an extremely high quality industry standard with Bacula.
In short, how Bacula works: The software backs up a wide variety of our customers’ systems. It backs up and checks the relevant data in a computer network with heterogeneous clients – or restores it from them in an emergency. In addition to Linux, Unix, MacOS and Windows backup clients, Bacula supports a whole range of professional backup devices including tape libraries. As a backend for storing meta-information, we use the MySQL, PostgreSQL and SQLite database systems.
As soon as we set up a server for our customer, we automatically mirror the content: SQL databases, apps, websites, online stores, internal and external customer data, simply everything that customers store on their servers.
2. How do you integrate Bacula into the existing IT infrastructure, and what adjustments are required?
Quite simply: fully automatically, via our central server management. The advantages for our customers are tempting: We relieve them completely of the burden of backups. They have minimal day-to-day effort and no longer have to worry about anything. The fact that we recommend open-source oriented solutions guarantees them that Bacula is permanently being further developed by the swarm intelligence of a global developer community.
3. How are backup jobs scheduled, and what backup strategies are recommended to ensure that all important data is backed up?
The fire disaster in the Strasbourg data center mentioned at the beginning of this article has made it clear to everyone: Backups must never. NEVER! be located in the same data center as the original customer data. According to this catchy logic, we also physically separate our backup servers from the customer servers and distribute them decentrally within Europe.
Our backups are scheduled automatically and executed by the central server management. We define the backup strategies with our customers according to their individual wishes: most customers specify a full backup once a week and flank this with an incremental backup every day. We then back up only the data that has changed per day, for example with a retention period of 14 days. But of course, full backups are also possible on a daily basis, or for critical infrastructures on an hourly basis (possibly only of the databases).
4. How is the security of the backup data ensured, and what encryption methods are used to prevent unauthorized access?
As mentioned above, our backup servers within Europe are physically separated from the original customer servers, precisely so that not everything is lost in emergencies. Our backup client encrypts the data locally and transfers this data to the backup server. Here they are kept encrypted.
Our backup servers are not accessible from the outside. Access to the backup servers is also extremely restrictive thanks to firewall rules and only possible via internal connections. Access is restricted to our authorized experts, who can decrypt and restore the data using the dual control principle. This structure offers hackers virtually no attack surface.
Our office standard includes encrypted computers for all our employees. Here, too, there is no attack surface, e.g. in the event of theft or loss of a computer.
5. How is the backup management system monitored and what alarms are generated to indicate problems?
The systems of our customers are permanently monitored by our monitoring system and scanned for backups that have run. The monitoring lists each customer server and the backup job that is running. If a backup job has not run, we read this out in the database. If a job has not run within a period of time defined with the customer, we receive an alarm that something is wrong.
In addition, a detailed status log of every successful/failed server backup flutters into our ticket system. This means we know what’s going on at all times and can respond immediately in an emergency.
6. How is the availability of backup systems ensured to minimize downtime?
Take the online store, for example: Huge amounts of data are shifted back and forth with every backup. To ensure that our customers’ store doesn’t collapse and they don’t have to fear downtime during which they can’t sell, we never perform extensive backups during core business hours.
With this backup strategy, the online store is always available. Downtime approaches zero, and could only occur – if at all – at times when user traffic is low anyway.
We use the idle time of the backup systems for server maintenance and optimization. We strategically schedule this work during times when backups are not scheduled.
7. How are backups kept at multiple sites to ensure disaster resilience?
That brings us back to the Strasbourg example from above: We store our backups encrypted according to best backup practice within the EU and send them to Finland to data center. Then we mirror all the backup data back to Germany again in encrypted form to also compensate for a potential failure of the backup servers.
For the customer, our redundant backup strategy results in even more security, as their data is available from a wide variety of locations. The further spatial separation gives them the good feeling of maximum backup security for their data.