Let’s play a game. Assuming the worst.

You’re feeling pretty confident about your backup strategy. You’ve carefully considered what data is most important, how often it changes, storage availability and how fast you’d need to recover. You’ve looked at every angle, studied backup strategy creation, gone through the process of configuring backup jobs, data retention and reporting to the best of your ability.

Your backup jobs are working, and you have data being sent offsite to adhere to the 3-2-1 backup rule. You understand and have carefully documented the restore objective of your important data and machines.

Everything should be smooth sailing. You think.

While you may have thought about a number of scenarios, have you played a little game where you assume the worst? Just like in Game of Thrones, you need to consider every morbid possibility for both hardware, software and even personnel. I’m not saying the printer is out to kill you, but maybe it is… 😉

Assume The Worst

“Sometimes when I try to understand a person’s motives, I play a little game. I assume the worst.”

Let’s Play a Game

Let’s cut through a couple worst case scenarios when it comes to dealing with backups.

  1. A NATURAL DISASTER STRIKES
    A hurricane, flood, fire, tornado, earthquake strikes or a car crashes into your building at the perfect spot to hit the servers:
    – How and where will you recover to?
    – Do you have any financial/regulatory exposure?
    – What does insurance cover?
  2. YOUR COMPANY FACES A ROBBERY SITUATION
    Thieves get into the office and clean it out:
    – What authorities need to be contacted?
    – How do you determine if any personnel were involved?
  3. YOU ARE HIT WITH RANSOMWARE VIRUS
    A Ransomware or Malware removes access to data:
    -How will you determine how deep the infection goes?
    – How did it gain entry?
    – How can you recover and make sure that there are no remnants of the infection on your network?
    – Do you have any financial/regulatory exposure?
  4. YOUR DATA STORAGE COMPANY GOES OUT OF BUSINESS
    Your offsite location or vendor closes shop
    – What happens to the data that is offsite already?
    – What is your next quickest option to get data backups offsite?
    – If you can’t access that data do you have any regulatory exposure?
  5. NO IT SUPPORT IS AVAILABLE
    Your entire IT team including yourself are incapacitated or eaten by zombies
    – From a company perspective, business must go on.  Will the documentation that you have produced be easily interpreted by another competent IT group?
  6. MANAGEMENT MOVES TO THE CLOUD
    A key stakeholder quits and the replacement wants to put everything in ‘the cloud’ and dictates that nothing will be onsite and everyone will use iPads for everything!
    – Assuming that this is not even feasible in your business and you cannot convince management any differently, you should have something in your backup plan for how to react.

Now that we have you thinking about the extremes, let’s schedule those activities that must be on the calendar to keep us regularly improving upon our backup strategies:

1. Doing a full re-inspection of the backup strategy annually
2. Updating the backup strategy quarterly
3. Testing full recovery of business-critical services/data quarterly (Schrödinger’s Backup concept)
4. Testing full recovery of entire site annually
5. Rotate used media out at half mark from manufacture warranty
6. Reevaluate cloud storage usage annually
7. Reevaluate storage needs for backup usage annually

It might seem silly to consider morbid or wild scenarios, but data loss is no laughing matter. If the actions leading to data loss came in an expected, straightforward manner, then nobody would lose data. Stay watchful, expect the unexpected, and build it into your backup strategy.

Leave a Reply

Your email address will not be published. Required fields are marked *