Slashdot Mirror
Affordable and Safe Data Protection Practices?
cfreeze asks: "With the recent fire at the University of Twente, I started to think 'Are the steps I'm taking to backup my home network sufficient?'. The first thing going through my mind was the need to mail a set of recent backup discs to a family member. I feel this is a good first step, but due to the distances involved it may prove to be impractical. The second was a small hidden personal safe that is fireproof. What steps are you taking?" If you are interested in truly protecting your data, you have to realize that making backups is just a start. Next comes protecting those backups from floods, fires, and other catastrophes that might occur. What do you do to protect your backups?
but can the storage format your putting your data on stand up to the heat?
Why not do online backup? Many companies offer this fairly cheaply...
For instance NovaStor
Safety deposit box.
Your bank should make these available to you for next to nothing, and you don't have to worry about buying your own safe and making sure that it's secure, fireproof, etc.
We're going down, in a spiral to the ground
One fellow, who was paranoid about the permanence of magnetic media, even kept a copy of his raw data on punch cards (cartons of them).
What do you do to protect your backups?
:(
I use the squirrel method, hiding my data on the drives of unsuspecting dupes all over the internet.
Unfortunately, I can't remember where all of these bits are, so if my primary system gets messed up I am going to be dataless
Eve Fairbanks says I drive a hybrid!LOL
That's nothing compared to what happened to the Univeristy of One through the University of Nineteen. Let's hope they realize their mistakes with the release of the University of Twente-One
just because you have a backup, doesn't mean it works.
We were backing up our Oracle database with the export-utility, and DIRECT=Y flag. Well, unfortunately, sometimes a direct backup is corrupted (a direct backup bypasses all the SQL parsing, and unloads it directy from the tablespace).
Now we restore our backups every few weeks to our development databases, to make sure they are working.
We're doing this in an enterprise environment, but it would be easy to co-ordinate between two friends as well.
--derek
gambitdesign.com
Pad your data into some porn movie and you will have loads of copies floated around the internet.
Right now, CD-Rs (not -RWs) seem to be a great way to store moderate amounts of data. -RWs suffer from degradation pretty quickly despite their rewriteability (I've never seen one live up to the '1000 writes' standard they claim -- more like 3-7). For larger amounts, DVD-R may be the wave of the future, but high-quality tapes are probably as good if you can persuade your boss to let you replace them from year to year.
Periodically, it's important to store your backups offsite. A safe-deposit box works well, or perhaps a fireproof safe if you're worried about the confidentialness of your information. But yeah, I'd move that stuff offsite biweekly or monthly at a minimum.
Try not. Do or do not, there is no try.
-- Dr. Spock, stardate 2822-3.
mod parent up: a while ago I was thinking about getting a fireproof safe for my own backups, but fireproof (as defined by manufacturers) doesn't really mean 'compatible with magnetic media', since an inside temperature that doesn't make paper burn and/or plastic liquefy, is still a temperature that will probably cook your cdr dye and/or play havoc with other magnetic media.
I found that there were safes that were guaranteed to keep the inside at a temperature compatible with storage media, but their prices were not as affordable (obviously).
-- the cake is a lie
You're new around here, aren't you?
A good alternitave is to put your backups in a safe in the back yard.
Necessity is the plea for every infringement of human freedom. It is the argument of tyrants; it is the creed of slaves.
Then you play the little exhange game. Your data for my data. You want your shady finacial records, I want my porn. Or is it the other way around?
what about 8-9 years of email? my thesis? custom firewall/sendmail/other rules that would take ages to rewrite? digital pictures taken at important events in my life?
These are just some examples why I am probably going to go through the 'offsite box at my bank' route pretty soon...
-- the cake is a lie
You, sir, are a dork.
If your house burns down, it will burn all night and into the next day.
And for what you spent on all those safes, you could easily rent an insured safety deposit box at your local bank.
Of course, you know, that means going outside.
I don't need no instructions to know how to rock!!!!
Ok here's what I do for my small (about 12 persons) company:
You need two server machines, one to be the primary server, and one to hold a backup drive. (having the primary and backup drives on seperate machines prevents total loss through several faliure modes right off the bat, like a power supply malfunction on one machine)
These machines can be affordable and inexpensive Pentium II or III machines.
For this example, I'll tell you exactly what I used.
I went to newegg.com and bought three identical hard drives, 80 GB maxtors. I also purchased a lian-li removable IDE hard drive bay plus an extra cartridge for it.
I put one of the maxtors in the primary server machine, and made it the primary drive.
I put the other two maxtors in lian-li removable carts, and labeled them Backup drive A and Backup Drive B.
I put backup drive A in the lian li bay on the backup computer.
On the primary server, I made two tasks with windows task scheduler:
The first task does a full backup every monday night to the backup drive over the network.
The second task does a nightly incremental backup, on every night of the week except monday night.
When I come in on Monday morning, I remove the current backup drive, take it down to our safe deposit box at our bank, and swap it for the other drive, which has been sitting there for a week. in the evening, task scheduler runs a full backup on the drive.
So at all times, there is at least a week of incremental backups in case a deleted file needs to be retrieved, and there is an offsite backup that is never more than a week old, and there are nightly incremental backups on-site. All you have to do is swap the drives once a week and take them to your favorite off-site location for storage.
I've been doing this for a few months now and it's been good. I also put the server and backup machine on UPS, and the primary server has control of it through USB, and shuts itself down before the power dies.
--Mike
Better than rsync:
unison - I keep my desktop, server, and laptop synchronized over SSL connections. Like rsync, it sends minimal changes to keep source trees up to date. I can sync over a gig in my home directories in much less than a minute unless I dumped a whole bunch of new stuff on there.
http://www.cis.upenn.edu/~bcpierce/unison/
If tits were wings it'd be flying around.
When you test your restore, be sure you test it on a machine and tape drive other then the one you used to create the backup. Tape drives easily fall out of alignment. An out of alignment tape drive will generate an out of alignment tape. A mis-aligned tape may work fine in the drive that created it, but may not be readable on any other tape drive. This does you no good if the only tape drive that can read the tape is in a melted ruin.
If you are in a Microsoft network environment or any other environment that uses a central security or configuration database, (domain controller, directory server, etc.) don't forget to have a backup plan for that as well. Recovering the data is only part of the battle; you also have to recover the logins, security rights, and all other configuration aspects of your network.
Did you remember to store a copy of the install media and license codes for your backup software at your off-site location along with your backup media? How about written copies of your hardware and software configurations?
As others have noted, a safe-deposit box at a bank not too physically close to your computers is an economical option. I use this option for my home network. A down side to this is you can only get to your backup media during the bank's operating hours. If you need better access, a professional off-site storage company may be a better option. Many will pick up, deliver, and manage rotations for you.
Finally, don't forget that there are other things then fire and flood and natural disasters that can keep you from your physical equipment. Your data may be safe on your servers, but you might not be able to get to your servers if there is a chemical spill, civil unrest, or some other police action happening between you and your equipment.
Do your incremental backup at least once a day. Do a full backup once a week on two media. Keep one on site and the second offsite at a records retention service like iron mountain. Change out media at least once a year. I have seen sites that have been using the same tape backup tapes for years religously and have literally worn out their tapes. Make sure that you also backup your security keys for your data to a safe deposit box or that offsite data retention company. It is too easy for the key to be safely stored online on an admin station or server that gets burned in the fire.
Some companies that have very large enterprise data centers will even go so far as to have mirrored backup facilities. These companies effecticely have an entire redundant NOC that is at another physically seperate facility. Treat this much as you would your Internet servers in that you want to make sure that this facility has redundant internet and phone connectivity. Some firms that were wiped out by 9/11 had such facilities available in dedicated host sites and were able to seamlessly transition over within the day. The other firms quickly discovered that such space and facilities were taken by other WTC firms that beat them to the puch. This is by far the most expensive option there is, and is also the most survivable. For a company of sufficeint size though, even a single day down would easily exceed the millions this option can cost. Recommended only for very large operations.
Another option if you have a campus type facility is to lay underground redundant fiber between buildings. Have your redundant servers and tape backups there. This is very expensive if you have to dig up the ground. However once implemented this is probably one of the cheapest to maintain. Many uni's do this as a matter of course. They have enough data to make the occasional tape back up to offsite facilities impractical. This also allows for much higher speed operations that an internet backup. I have worked with (very large) banking facilities and techs from the various vegas casinos, and this practice is fairly widespread there.
I have also had a number of facilities that had mirroring in use and never realized that the primary disk had failed and that they had been living off their mirror for some time. So check your mirror every now and then to make sure it isn't running off backup. Also, if you have a raid array, make you have a hot swap
Last and most important. Test your backup! I can't tell you how many times I have worked with people that had backups that were worthless. I have probably referred at least one hundred facilities over the years to ontrack for data recovery when their tape backups, hard disks or raid facilities failed.
1) when placing your media in the fireproof safe pack so that it'd survive a good fall.
2) put the fireproof safe in a blasting shell of sorts surrounded by some explosives with a high ignition temp...
3) you're done! when the fire engulfs the shell your safe is in, the safe itself will be shot outside... your media/backups will be safe & unmelted!
Oddly enough, I was just looking into these earlier today. They make media fireproof safes. Most of them I saw say that they will keep the internal temperature uner 125 degrees F, and under 80% humidity. 125 degrees is the melting point of most portable media. They seemed pretty costly, but if you are going to get a fireproof box, why not spend the extra $100 to get one that is media friendly? I saw some decent, albeit small, ones for around $250.
My beliefs do not require that you agree with them.
Unfortunately, the poster of this Ask Slashdot question is the CEO of Connected.com.
C8H10N4O2 | Developer > Code
...for my personal data, I just burn it to CDs every now & then, and then throw the CDs into the glove compartment of my car. Of course, I'm not backing up pr0n, so all my data fits onto 2 CDs, and since I've already got a few music CDs in the glove compartment, might as well drop the other CDs there too. My car is enough "off site" (I don't park in my house's garage) that the data will be fine if my house burns down. I've never had the summer heat bake the CDs into oblivion, they've always been fine. Low end, sure. But it's good enough for home use.
My Greasemonkey scripts for Digg &
Basically my system is for the cheap and really lazy average user, but it still works fairly well. You'll need to spend some money, but that's just comes with the territory.
You need either a cdrom burner or tape drive on your server. You should be able to get a used 4/8GB DAT tape drive and scsi card off ebay for $100 max or a 48X burner for around $60. Then you'll need to get some 4/8 dat tapes which are dirt cheap at like $3-5 per tape, or some 50 packs of cdr discs which cost around $15. You'll of course need a hard drive big enough to store all your stuff, but considering you can get a 80GB one off pricewatch for under $100 that shouldn't be a problem. Also I personally use software RAID 1, which is nice, but if your short on funds you can do without it.
Basically on your server either linux or windows 2000, you have two shares or volumes dedicated just to your data. One is your read-only permenant share of mp3's,docs and crap you've downloaded. This share is readonly as an extra precaution. You can just pull what you need off it and copy it to your temp share if the file has been changed and needs to be backed up. The other is a read/write "temp" share which besides being a area to store New data you've downloaded, is for files you've worked on from your readonly share and as a result now need to be backed up. After they are backed up, you will then move them back to the readonly share.
On the temp share you will be using a quota system that should come with your OS. You will set this quote for say 650MB for cdrbackup and say 3.75GB if your backing up to a 4/8GB tape drive.
Now what this system does is stops the most common problem for backups. Since most people A) don't remember to backup and B) just stuff file after file on their server, is stop them cold if they exceed their temp storage space, which now is the same exact size as their backup media. At that point you HAVE to backup, and then you can move those files to your read-only share for further safe keeping. I constantly see people who put off backing up and then realize they have 25 GB that need to be backup up to Cdr. One additional step which although like RAID 1 most people won't due, is to make 2 copies everytime you backup. This is actually really easy and it then allows you to keep one set of backups offsite and one onsite. Offsite can be anywhere, that isn't in your same dwelling.
This system isn't one I would ever use at a client, but it works well enough, is cheap, and doesn't let the user's datasize grow widly unless they override the quota, which at that point nothing can help them.
Hopes this helps.
If you wanna get rich, you know that payback is a bitch
My carefully laid out program for backing up my data consists of these two steps:
1. If I have no space left on any harddisk, burn some of it to a CD.
2. Ehhh... ok, not two steps...