Business Continuity Tip of the Month

Backups – why bother?

This might seem like a strange question, but why do you bother to back up your data? Perhaps you don’t, personally, but there’s a fair chance that someone in your organisation does so on your behalf. In which case why do they do it?

The answer is, or at least should be, to enable recovery of data to an acceptable point within acceptable timescales in the event of a problem. In which case, why do people then do everything they can to ensure that they won’t be able to recover data from those backups?

For instance :

  • Backups are scheduled to make backing up more convenient or to minimise the backup media used, making the restore process massively inconvenient and much longer as a result;
  • Backup media are taken offsite when it suits the individual(s) concerned (often at lunchtime or the end of the day), rather than to ensure the minimum possible data loss, thus compromising the achievable recovery point;
  • The backups don’t go offsite at all, or do so very infrequently (weekly or even monthly is worryingly common), because to do so every day would be expensive or inconvenient – conveniently overlooking the expense and inconvenience of a) running the backups in the first place or, more importantly, b) losing a week’s or a month’s worth of data;
  • “Disaster recovery” backups are brought back onsite to restore individual files that have been deleted or corrupted, again compromising recovery capability;
  • Restores aren’t tested, despite the well-publicised fact that most IT recoveries don’t actually work the first time they’re tried, so the ability to recover is nothing more than an assumption.

We shouldn’t forget that the purpose of backups is to enable recovery, not to just slavishly do backups for the sake of it. So why on earth go to all the trouble and expense of backing up your data if your processes and practices mean there’s a pretty good chance that you won’t be able to recover anything from them anyway?