• Professional technical support for homes and businesses

  • For more information call (513) 435-1881

    31 Crawford St. Middletown, Ohio 45044
    mike@soulesolutions.net

  • Disaster recovery is the process of bringing a computer system back to a useable state after a hardware failure or apparent loss of data.  The first part “Disaster” means that something went very wrong, and the cause of what went wrong covers many areas, such as human error, hackers, software crash, hardware failure and catastrophic failures.  The ability to recover data from any of these instances is of paramount importance and can be obtained from a simple backup; there are many other instances that must be considered.

    Human error is defined as someone inadvertently changing or deleting data that he/she was not supposed to, either purposely or by accident.  I have heard many times that “If I wasn’t allowed to change it, the computer wouldn’t let me.” Protection against this is handled through the use of permissions and user accounts and must be set up and configured correctly.

    Hacker is anyone, either in or out of the organization who attempts to gain unauthorized access to the system, whether by using the system itself through flaws in the software or trying to gain access through a method called “Social Engineering”, which is the process of using the people within the organization to gain access.

    Software crash is when a piece of software code suddenly stops working for whatever reason.  When this happens, any files that are being accessed or used by the software or even the drive itself may become unreadable.

    Hardware failure can happen when a hard drive or a piece of computer equipment stops working the way it was designed to.  The result could be devastating, if all the sudden the drive that contains all of the critical data suddenly becomes unusable.  One protection against hard drive failure is something called a RAID (Redundant Array of Independent Disks).  Which is the process of using two or more hard drives to store the same data, so if one drive fails the other will keep operating and all data will remain intact.  RAID arrays only protect against hard drive failure.  Should the motherboard or controller fail, none of the data would be accessible but would not be lost.

    A catastrophic failure would be in the event of a tornado, flood or fire, in which all data and hardware is destroyed.  Preventing this type of failure is impossible. The only way to recover from this type of failure is through the use of remote off site backups.

    The second part of “Disaster Recovery” is “Recovery”, restoration of the data or device that has been the victim of the disaster. The protection of data in the event of any of these failures is paramount.  Although some disasters cannot be avoided, there are precautions that can be taken to minimize the impact and enable a fully functional environment with little time lost.

    Therefore a plan should be implemented to minimize the effects.  One of the key elements of disaster recovery is preparation.  Therefore the following items should be carefully considered:

    1. Preventive measures – How to prevent the disaster from happening in the first place
    2. Detection – How to determine when a disaster has happened and what to do next.
    3. Corrective measures – How to recover from the disaster with little or no data and time loss

    Preventative measures
    Preventing a disaster is the first step in maintaining a healthy system, although not all disasters can be prevented.  There are some things that can done to keep the possibility of it happening to a minimum. Such as:

    1. Passwords
    2. Cleaning and maintenance
    3. Restricting access
    4. Performing backups

    Passwords
    Passwords are the key to security, and the frequent changing of passwords is crucial to prevent anyone who has had their password compromised.

    Weak passwords are words that are easy to guess and that use just the 26 letters or the alphabet. They are usually something personal.

    Strong passwords are always lengthy. Usually a length of 8-16 characters is ideal and hard to guess. Strong passwords also combine letters, numbers and symbols. Using the entire keyboard is best. Don’t stick to just the regular 26 letters of the alphabet. Feel free to add numbers as well as symbols such as $ or # to your password. Since most passwords are case sensitive, also try to use upper case letters somewhere in the middle of your passwords. The strongest kinds of passwords don’t use proper words. Brute forcing programs can check words that are in the dictionary at an incredible speed. It is much safer to create a password that is of random symbols, letters and numbers.

    Passwords should contain:
    ” 8 – 16 characters in length
    ” hard to guess, not in the dictionary
    ” a – z, A – Z contain upper and lower case letters
    ” 0 – 9 contain numbers
    ” (!@#$%^&*_-,.<>;’:”) contain symbols

    Never put a password on a Post-it note or stick it on a monitor or under a mouse pad. They should be easy for the user to remember while maintaining all the aspects of a good password. Passwords also should be changed frequently, no more the every three months, and have a remembered password of no less than three times, meaning you cannot use the same password  you used three changes ago.

    Cleaning and maintenance
    The cleaning and maintenance of computer hardware is key to keeping a system running smoothly.  Computers generate a lot of heat and become quite dirty.  Just as you would with an automobile, the inside of the computer system should put on a maintenance schedule and cleaned at least once every three months.

    Antivirus software should be installed on all PC’s and kept up to date and scanned on a regular basis; a good antivirus scanner such as “AVG” does scan on a schedule.

    Windows PC’s should be set to automatically download and install Microsoft updates, patches and service packs.

    Hard drives should be defragmented on a regular basis, about once every six months to keep the speed and data integrity intact.

    Restricting access
    Although passwords are a good way to restrict access, the best password in the world will not help if the hardware itself becomes compromised.  A server should be located in a room with one door and highly visible.  The server room should only be accessible to authorized personnel.  Anyone using a workstation should log out when the computer is not in use; never walk away from a machine that is still logged in.

    Performing Backups
    A data backup is one of the most important things one can do to ensure the safety of the data. Making a copy of all the data and storing it in a safe place will ensure the data can be recovered at any time.  Many things need to be considered when it comes to backing up data such as;

    1.  Type of back up
      1. Full Backup
      2. Incremental Backup
      3. Differential Backup
    2. Backup Schedule
    3. Backup Location and Media
      1. CD/DVD Disks
      2. USB Thumb Drives
      3. NAS (Network Attached Storage)
      4. Offsite
    4. Frequency of the backup
    5. Size of the Backup Media

    Full Backup
    All files and folders are backed up.  This includes all data files and operating system files.

    Incremental Backup
    Only files that have been created or changed since the last incremental backup will be backed up.  Incremental backups usually do not include operating system files.

    Differential Backup
    Only files that have been created or changed since the last full back up will be backed up.  Differential backups usually do not include operating system files.

    Backup Schedule
    A backup schedule should be implemented and strictly adhered to, whether done manually or automatically.  A good backup schedule would include a full backup at least once a week and a differential backup done every day in separate folders.

    For example, in the backup location, there would be separate folders created for each day of the week and one for full backup.  This way should something happen to the system on Friday morning making a recovery necessary, we would first perform a full restore from the full backup location, then restore from the Thursday backup.  If for some reason the Thursday backup was corrupted the Wednesday backup would still contain usable data and the amount of lost data would be minimal.

    Backup Location and media
    The next obvious question would be where to store the backup and what type of media should be used.   A backup should be located somewhere independent of the machine or machines that are being backed up.

    You would not want to place a backup on a hard drive that is located in the same machine that we are wanting to backup.  Suppose the unit experiences a power surge and destroys all the drives in the machine, now the main drive as well as the backup drive are no longer useable.

    CD/DVD Disks
    CD/DVD disks make good backup media for data that does not change often, for example if you wanted to back up last year’s photos, you could burn them to a CD/DVD and label it “2010 Photos”.  However, for data that gets regularly updated on a daily basis CD/DVD disks do not make a very practical form of backup for a few reasons. Once files are burned on a disk, it is difficult to add or remove files from the disk.  Usually you must discard the current disk, start a new one or use an “RW” (Rewritable Disk), these rewritable disks can be erased and re-written to, however there is a limited number of times a disk can be written to usually about 100 times.

    USB Thumb drives or Flash Drives
    USB thumb drives or flash drives (the name is synonymous) make a good media for small backups of a single machine with files that change often. They are inexpensive and hold a great deal of data, they are also easy to write to and erase from. However they do tend to get lost or broken easily and have a limited number of times they can be written to, however most people never reach this limit, usually about 100,000 writes.

    NAS (Networked Attached Storage)
    A backup could be located on a network location such as a Network Attached Storage (NAS) device, which is really a network accessible large hard drives that are easily accessed. Although hard drives can and do go bad, most of the NAS devices support a feature called RAID1 arrays, which is data mirroring, two hard drives with identical data at all times. If one drive fails, the other drive will keep going and all the data will be safe.

    NAS drives are ideal for backing up multiple machines in a single location up to about 10 machines and will provides data recovery in all circumstances except catastrophic instances, a fire, flood, tornado and the like.

    Offsite Backup
    An offsite backup is the process of copying files from the local location to another server usually in another city, state of even country. Although off site backup ensure the safety of the data, they are usually slow because the data must be copied to another location via the internet.  This type of back is usually a secondary measure and preformed less often than a normal backup

    An offsite back up should also be done no less than once a month regardless of the type of local backup being used, where the entire NAS device or flash drive is backed up off site in case of a catastrophic failure.  This will ensure that the data is recoverable in all circumstance except of a failure of biblical proportions.

    Frequency of the Backup
    Once it is determined the type of back up and the media in which the backup will use, the next question is “How often should I perform a backup?” this all depends on the frequency in which the files change and the difficulty in becoming fully operational after restoring from a backup.

    Normally, backups are handled by an application such as SmartSync Pro and preformed on an automatic schedule so the user does not need to remember to run a backup.

    Size of the Backup Media
    Regardless of the backup, special thought should be take in to the size of the backup media.  Backups can and do become very large and can quickly fill up a CD/DVD or USB thumb drive.  It is important to think about expansion and scalability.

    ” What is the total amount of hard drive space needed to perform a backup?
    ” How much will be needed in a year from now?
    ” How about five years?

     USB thumb drives come in varying sizes, and are inexpensive, and replaceable.  If a CD/DVD disk fills up, file it away and get another one, they too are inexpensive and replaceable.  Most NAS devices have internal hard drives that are replaceable and can be scaled to fit any need. Although there may be a limit on the drive size of the device, therefore it is best to do your homework first.

    Under normal circumstances, it is suggested to calculate the total size of the backup required, for a full backup and a daily backup * 7 (one for each day) and have a backup media that is at least 200% of the calculated total.

    For example if our full back up is 80G and our daily back up is 30G (30G * 7days =  210G) + 80G full backup =  290G,  200% of 290G = 580G.  Although it is always best to look at each situation on an individual basis.

    Detection
    To know when a disaster has arrived may be as easy as “the unit won’t come on”, or there is just a flashing cursor on the screen and nothing else.  Although, sometimes it is not as easy to detect when corruption has occurred, if the data you were expecting is not coming out the way you had anticipated this could also be the making of data corruption.

    The next steps after the detection are critical and can determine the extent of the disaster.  Unfortunately there are many cases where the incident was made worse in an attempt to fix the initial symptom when the underlying cause was much deeper.  Therefore knowing when something has happened, and what to do next are key components in the safety of the data.

    Corrective Measures
    Once the disaster has been identified, the next step is find the steps necessary to fully recover with little or no data and time loss.  Therefore procedures should be written and put in to place as to the severity of the corruption and how to restore.  For example, if there is just a corrupted file, how to restore that file from a back up location, or if a hard drive fails, how to replace the drive and restore the correct data.

    After the data has been restored and the system is back up and running normally again, document the incident, including the date, time  it occurred, what caused the incident, and what corrective measures were taken.  There are many times when the documentation will uncover something more is going on, for instance you may find that a specific file is getting corrupted on the first Thursday of the month, right after a certain task is done.

    Cost
    I often ask people “If your computer fails, what is the most expensive thing to replace?” I get all sorts of responses ranging from the motherboard to the monitor.  Although these are good answers, they are not correct. The most expensive thing to replace in a computer system, especially a server environment is “the data” and in many cases, the data is irreplaceable.
    It is estimated that, only 6 percent of companies suffering from a catastrophic data loss survive, while 43 percent never reopen and 51 percent close within two years