Thread: Tape Backups are NEVER Reliable - EVER
View Single Post
  #16  
Old June 21st 04, 12:10 PM
J. Clarke
external usenet poster
  
Posts: n/a
Default
Marc de Vries wrote:

On Sun, 20 Jun 2004 06:24:07 GMT, "Jolly Student"
wrote:

Ron:

Thank you for your words of wisdom. I personally like the fast no tape
system but the bug up my butt is that we dont have anything off site. If
you told me to get this or that and that its more reliable than tape, but
that I can TAKE IT OFF SITE, I dont care if it looks like a barbie
lunchbox.
. . sign me up.

Jolly Student:

It seems you are complaining about two different issues at the company
you work with.
1) The necessity to make backups
2) The necessity to bring backups off site.


1) Why you have to make backups is easy to defend. Viruses, a fire in
the serverroom etc, software failures.
Raid controllers only protect you against hardware failures, which is
only about 20% of all outage causes. Human error and software failures
cause all other outage, which you have to protect against with
backups. Don't tell me that nothing happened in your company that you
can't use as an example of what might happen to your server.

But as Ron also said, that doesn't necessarily mean you need tapes.
Just any kind of backup that is suitable in the environment.


2) The case for bringing tapes off site is more difficult to defend.

I would consider taking the backups home with you a serious security
issue. Those tapes contain important data that someone might want to
steal. I assume that your office is better protected against burglars
than your home?

First, the seriousness of the risk of theft of the backup depends on the
circumstances. One company I worked for stored a huge (for the time)
volume of data, all of which had a cash value--if we sold all of it at the
going rate there was easily a million dollars worth of data on that little
tape--but _only_ if obtained from our company with appropriate signatures
and certifications, and with a tiny market for each particular item--there
might be three or four people in the entire world that had any use for it.
Further, everybody who had a use for any of it already had a copy--anybody
who had one was required by law to provide a copy to all interested
parties, but the only legally valid copies were the ones that we provided.
Thus the risk entailed by theft of the backup was nonexistent.

Second, the assumption that the office is "better protected against burglars
than your home" may be true for a defense contractor, but most small
businesses and many medium sized ones have no better security than many
residences. Certainly fewer people have the alarm code for my residence
than have the code for any business where I have been employed.

Third, if that's a real concern then encrypt the backup.

So you need to hire a company to collect the tapes, which can put it
in a safe place (underground bunker or something like that)

Or not, depending on the circumstances.

The question then is:
How costly is that solution
vs
What does losing all data cost your company and how likely is that
going to happen?

The first question is "do you really need to store your daily backup in
someone's underground bunker?"

For a company in a 2 story building, a strong safe which is fireproof
might be a perfectly valid on-site location for your backups.
(I know of a dutch university that had the building with their
serverroom burn down to the ground, but after two days they could
collect access the safe in the ruins of the building and do a restore
on new servers).

They were fortunate. One must weigh the cost of that safe against the other
costs. A safe that can keep data storage media cool enough to remain
useful after a fire that destroys the building is not _cheap_. And given
that they were a university one would assume that they had other buildings
with safes in them, leaving one to wonder why they didn't store the backup
in a different building.

The chance of an airplane hitting that building/safe is so small that
they don't need off-site backups.

The chance of an airplane hitting the World Trade Center was vanishingly
small too. But that was just an example of a disaster of major
proportions. Fire, flood, earthquake, all kinds of major disasters can
happen, some natural, some man-made.

On the 98th floor the situation is of course different. But you
haven't mentioned the situation of your own server.

Directors only care about money.

I don't think he was talking about a Director in the sense of "Board Of".

So what you need to do is show him that using off-site backups is the
cheaper solution in the long run.

Cheaper than what? Most businesses never file a claim with their insurance
company--for them going uninsured is the cheaper solution in the long run.
The trouble is that you can't tell in advance if you are going to be one of
the few who will actually have occasion to collect. Thus most businesses
are insured against a variety of low-probability eventualities. Backup is
the same way--for most businesses it ends up pure cost, never saves the
company a cent.

If you want to be really hardcore about it you could do some statistical
analysis that showed the probability of particular scenarios, the cost of
those scenarios, and the cost of backup strategies that prevent those
scenarios. Getting the data on which to base the analysis could be
difficult though.

If you cannot do that, then your boss is right.
If you can do that he can defend the expense to his boss and will
implement an off-site stragey.

Unfortunately most IT people are very bad at judging/calculating cost
effectiveness of software and hardware.

Marc

--
--John
Reply to jclarke at ae tee tee global dot net
(was jclarke at eye bee em dot net)