File and Data Replication or Backup?
File and Data Replication overview
Which should you rely on when you are faced with a disaster recovery situation, data replication or data backup?
File and Data Replication provides instant peace-of-mind when you want to know the critical file you have just created is stored on another system separate from the one you are using. Replication isn’t a magic silver-bullet when it comes to data durability though, and we need to look at it in more detail.
Replication is similar to clustering. However, clustering is used to ensure service remains online and is persistent for its users as well as providing improved data guarding.
Data Replication is at the heart of every object storage provider’s environment along with some other features such as Soft Delete. Soft Delete allows you to recover your deleted data within a set time frame – a bit like the recycle bin on your Windows device.
RTO (Recovery Time Objective)
Do you know how long your business can survive, or what the allowed downtime is when access to critical data is lost? Can you restore your critical data quickly enough to prevent a loss of business continuity?
RTO and RPO can help you calculate data your business continuity planning.
Cloud Backup Overview
File and Data Cloud Backup is completely different from Replication and is by design deployed as a formal service that can’t be easily modified. Your backed-up data can never be shared amongst users in the same way as a basic file sharing service.
A backup set will store unlimited revisions of your data from any point in its history and will be there when you need it. Because only authorised sysadmins can access the data, and the encryption password can’t be changed, backup sets will never unexpectedly change, or encryption passwords fail.
Cloud Backup is very different from file replication and cloud storage and instead will protect your data from all potential data-loss risks. No matter what happens to your live data, it will always be available to restore. A simple file sharing service is NOT, and never will be a proper backup service your business can rely on to protect your critical business data. If your business has a lot of data that you will need to restore quickly, then Cloud Backup (without any throttling) is the best option.
Data compliance is governed by many external factors, such as a company’s insurers, local laws, employee laws, and GDPR in the EU to name a few. A managed cloud backup system meets all these criteria.
Basically, if a company needs to defend itself against a legal or employee dispute 10 years from now, it must be able to restore all relevant databases, files and emails. If a simple cloud storage service is used, it will be unlikely that file history will go back further than 3 years. Many lower-cost systems purge incremental data older than 30 days.
It is also worth considering that no file cloud storage service can backup corporate email such as Office 365 or databases.
File and data replication Pros and Cons
File and Data Replication will usually happen instantaneously when a change is made to data on the primary service. If the secondary replication node isn’t on the same LAN as the primary service and data is transferred over the internet, the replication process will replicate only the file changes (deltas). This is by design so that the data can be replicated quickly.
We relied on Microsoft’s Hyper V replication (nothing shared) for years to maintain our guarantee of data durability. Hyper V replication gave us the flexibility to replicate all customer data to any other physical location.
5 years later, after moving our operations to the Microsoft cloud, and then to Wasabi, data replication is no longer our concern because it is managed automatically for us. Our cloud partners manage all the data replication and we still rely on replication to maintain the eleven 9s of data durability on our customers’ data.
Using our service as an example: when a file is saved to our storage, it is replicated to other hardware. The file is protected even if one storage unit or multiple hard disks fail. Storage units have additional internal data-guarding such as disk RAID.
File and Data Replication will replicate corrupted data across all nodes, and this includes files that have been encrypted with ransomware.
This is where the cybercriminals and their ransomware thrive. They know if they can corrupt your data through encryption, that corruption will be replicated across your data sets before you get a chance to stop it.
Standard replication will also purge the data after a user has deleted it (unless soft delete is being used). This will be a problem when countering accidental or deliberate data deletion by an authorised user.
Is your file replication working? The success or failure of replication nodes probably won’t be visible to end-users and can be a headache for the Sysadmin to maintain.
Replication isn’t a million miles away from a RAIDed disk system in a server, in that, if one component fails, there is another. Replication goes a lot further than simple RAID because it will continue to work if an entire server or storage unit fails, where RAID 5 or 6 will stop if the RAID controller fails.
Cloud Backup Pros and Cons
Encryption passwords can’t be read or reset. This is essential in preventing ongoing Sysadmins from knowing the backup set(s) encryption passwords. The password can be stored safely offline with other mission-critical passwords and shared with authorised staff. Encryption passwords can’t be reset because they are created when the backup set is created and are never transmitted to the cloud storage provider where they can be read. If an encryption password can be reset, then it is open to malicious or accidental modification or exposure.
Lock restores to authorised IP addresses only.
Some Sysadmins don’t like the formality of cloud backup services and prefer an easy-to-use file share service instead. These always upload encryption passwords to the cloud and can be easily shared and accessed by users outside of a company without any auditing.
Replication and Backup rules
Encryption passwords should be set for life
It is advisable to have a system where the encryption password cannot be changed. Experience tells us this leads to password changes being lost and anyone being able to reset an encryption password.
1. An ex-employee who has been fired could be walking around with encryption passwords and restore data after they leave the company.
2. If encryption passwords can be reset, that also means the password must be transferred to the cloud backup provider.
Backed-up data must NOT be shared or synced
A Cloud Backup can’t be synced or shared with other devices or users. If that function is required, we recommend our enterprise backup, sync, and share service
Lock restores by IP address
Our software has a built in feature which restricts where data can be restored from. If someone tries to restore data from an unauthorised location specified by a public IP address, the restore will fail. This prevents an ex-employee who might have access to login details and encryption passwords from restoring data.
This useful feature can also be used for mobile devices so that restores can only be done within the corporate network. The IP restriction is optional and can be set for some backup sets and not others.
11 Nines of data durability
If you like your maths, this is the topic for you. Eleven 9s, or 11 Nines, or even 11 9s all mean the same thing, and that is the availability or durability of your data. Both are usually expressed as a percentage of availability each year. Wikipedia’s explanation
BOBcloud’s storage has 11 Nines of Data Durability
99.999999999% durability of objects over any given year makes our cloud storage more than 1 million times more reliable than physical storage.
If you store your backups with us, Microsoft Azure, Amazon AWS, Wasabi, or Backblaze B2, statistically, you will lose only one file every 659,000 years.
You are about 411 times more likely to get hit by a meteor!
This level of data durability for a cloud backup is all that stands between a company’s survival or failure following a loss of data.
Common causes of data loss
Hard disk or system failure
Whether you are using a PC or laptop with a single disk, or a server with RAID 10, your system can fail at any time. Single disk systems are guaranteed to fail at some point. It isn’t a case of if, but when a single disk system will fail. A simple cloud backup will keep your data protected.
Accidental or malicious data deletion by a user
This is a very common cause of data loss and the biggest reason our resellers need to restore their data.
Ransomware is when a cybercriminal gets you to run one of the files they have transmitted via email, web browsing or other means. Your data will become encrypted with a password which the cybercriminal will only send when you pay a ransom in bitcoins.
Worried? Take a look at these organisations that didn’t think they were at risk vulnerable to ransomware
This is more of a problem for laptop users; however, thefts of desktops and servers still happen.
Fire and water damage
Not such a big cause of data loss today, but still a risk
Cloud backup FAQs
Even today, a lot of sysadmins still view Cloud Backup as a weird science, something that won’t work for them, or they have never taken the time to adopt the technology.
I’m not worried about data loss because we use disk RAID
Every system will fail at some point. Even if it never fails, all data is at risk from accidental or malicious data deletion, becoming corrupt, or ransomware.
We use USB disks for our backups and have never had a problem.
There is nothing wrong with using removable drives as a secondary backup location or for storing non-critical data offline or archiving.
Potential problems with removable drives and disks are:
1. The backups aren’t error checked when they are completed. Without a full integrity check run on every block to check that it can be read after it has been written, the backup is, at best, a ‘wish’.
2. USB disks are at the blunt end of physical damage. They are often thrown in the back of a car for offsiting and are generally mishandled.
3. If offsiting is used, disks are likely to suffer from rapid temperature changes when being moved from a cool server room to their offsite location.
4. USB disks can easily be mounted on another system and read. Even if they are encrypted, it is relatively easy to decrypt data when you have access to the physical disk.
5. File history and revisions are limited. It isn’t uncommon with a cloud backup service to have hundreds of revisions for one file. These history levels can’t be replicated with a few external disks.
We have always used tapes
There is nothing adverse – to say about tape backups if they are managed correctly and tapes are offsited correctly.
However, cloud backup has many advantages over tape backup systems such as:
Lower cost (never buy hardware again).
No technical skills required because a central Sysadmin can monitor and manage the cloud backups.
Backups can run more frequently.
Faster restores (and from anywhere).
No blanks in the backups when the designated tape changer is ill, or during weekends or holidays.
In conclusion, there are numerous ways you can backup your data so that you have a copy separate from your live data.
Having heard of many disaster scenarios which companies haven’t fully recovered from, we know it is more important to focus on how quick a system can be restored. If it takes more than 12 hours to restore a system back to operating status, that will almost certainly result in a loss of revenue. RTO and RPO calculations are the best and simplest methods to determine if you can achieve your restore goals.