Backups

Download as PDFDownload as PDF

PB/INFO/016

Most computer users will have been very grateful for the existence of backups. Although they are often seen as a way to recover files lost due to typing errors or misplaced mouse clicks there are other reasons to make and keep secure copies of files. However each of these purposes creates different requirements for the backup and recovery system, so it is important to be clear which purpose is involved and choose an appropriate backup strategy and technology to deliver it.

Why backups?

There are at least three reasons to want to recover the past state of a file or file system:

  1. System Recovery – these backups are used when a hardware or other failure has made a disk or computer unusable. The aim is to restore the disk or computer as it was before the failure, so what is needed is a complete snapshot of its content. To minimise lost work, the snapshot should be as recent as possible – there is little benefit in keeping older snapshots. Since restoring a complete system may take a long time, backup and recovery processes and formats should be designed to be as fast as possible.
  2. File Recovery – here the aim is to recover one or more specific files that have been deleted or damaged, typically by user error. Files are chosen for recovery by filename or directory, so both backup and recovery processes need to be able to navigate file systems. This is likely to make them slower than the pure snapshot systems above. Users may also want to recover previous versions of files, so multiple copies may be needed. Organisations can choose how long to keep backups depending on how long after the event a file should be recoverable, though practical and legal issues (see below) may limit the retention period.
  3. Archiving – backups protect against accidents, but archives keep a record of organisational history. Archives should be part of the records management process, containing only a subset of the organisation’s information but including detailed metadata about that information to allow much richer searching. An archive might be searched for “all information about building X” or “reasons for decision Y”. For most archived information the retention period will be set (or at least influenced) by law and may be years or decades.

These different requirements are unlikely to be satisfied by the same solution. An archive will not have all the information needed for system or file recovery and is likely to be too slow for those purposes; a system recovery backup will not provide the types of search required of an archive or perhaps even for file recovery. Indeed the different types may require completely different media – redundant disks may be an effective way to provide system recovery but archiving requires highly durable media kept under controlled conditions with regular checks and format conversion.

How backups?

Many organisations have central backup and archiving services, which can be joined by completing a form, making a small payment or merely storing files in a particular location. A well-run central service provides access to expertise and technology: a huge benefit both in time saved when things do go wrong and in peace of mind when they do not. If your organisation has a service that meets any legal requirements on your data then there are few arguments for doing archives or backups any other way.

If you do have to make your own backups, then there are a number of options depending on the amount of information to be saved and the length of time for which it may need to be kept. Tapes, high-capacity removable disks and writeable CD or DVD-ROMs are all available for most desktop machines. Good quality media should always be used. Catalogue and store the media in a safe, ordered fashion so the correct one(s) can be found when required. If sensitive information is being backed up, ensure that the backups are stored as securely as the originals. To ensure information remains available after a physical incident such as a theft, fire or flood, consider keeping a copy in a different, but still secure, location. Make sure backups are taken at appropriate times to give the best chance of preserving information: backups taken at the end of a working session give better protection than those taken at the start.

Whether you make your own backups or subscribe to a central service, they will be of little use if you cannot recover files quickly when needed. It is much easier to learn how to retrieve files calmly, before it becomes a matter of vital importance. The most obvious test, though all too often forgotten, is to check that files are actually being written to the backup tape or disk and that they can be read back from there. One site collected “backup successful” messages for six months before discovering that, due to a programming error, the precious tapes were in fact blank.

Legal Issues

The law makes significant distinctions between archives and backups. For most organisations, keeping archives is a legal requirement (JISCInfonet has details for HE and FE), keeping backups may not be. If a request is made under the Freedom of Information Act or Freedom of Information (Scotland) Act then the organisation will be expected to search for the information in its archives and storage but, at least according to the Information Commissioner’s guidance, perhaps not its backups. A recent Information Tribunal case indicates that a fixed policy and practice of reusing (i.e. overwriting) backup tapes should support an argument that they are not being used as off-line storage. Being clear which information needs to be kept and which does not, and implementing appropriate processes and technology, can save a lot of time and effort.

Summary

These seven steps can help you make effective use of backups:

  • be clear about their purpose and choose a format and content appropriate to that;
  • join a central backup/archive service if you can and always use it;
  • if a central service is not appropriate, plan your own backups;
  • get enough suitable media;
  • leave time to backup at the end of a session;
  • check the backup has worked;
  • label media and store them safely.