Backups: Have you Tested?

Backups are important, but there are different ‘flavors’ of backups. Sometimes it’s just a copy; sometimes it’s a copy in a remote location; other times it’s a backup disaster recovery solution with incremental moments in time (our favorite!). A copy can be damaged or infected. A copy to a spare drive or device can be damaged or can ‘walk.’ A remote backup would have to be downloaded if it was needed.

We recommend testing your backups on a regular schedule. If it’s a copy, can you mount it and access it? If it’s in a remote location, how long would it take to download if you needed it, what equipment would you restore it to, and will it run?

Here’s a good one: the latest crypto viruses (ransomware) look for backups so they can infect or destroy them. It’s important that your backups are immutable, meaning they cannot be changed or deleted once they’re written, which takes this kind of attack off the table.

If the worst-case scenario happened to you, does your team know who to call? Has the recovery process been tested so everything is in place, and you have all the credentials you need?

One of our clients had a virtual server (VM) that we were backing up. It’s a long story, but it turns out the Operating System (OS) was no longer on that VM partition, only the data. Without the OS, you can’t access the data. We had the backups! Without leaving our office, we were able to recreate the server from the backup and restore it to their environment 800 miles away!

In another example, the customer had backed up the data, but not the server. Turns out there was a hardware failure. We were able to replace the hardware, install the Operating System, then get all the data from the customer’s backup using a bare metal restore. Four hours later, the customer was back up and running without data loss, all this after a total hardware failure.

With a disaster recovery plan, we were able to restore a client to a pre-infection state. The owner’s computer had been hacked and was renaming and infecting anything it could ‘see.’ We powered off the server, accessed the backups that were outside the network devices, and in less than two hours restored to a pre-infection state and cleaned the owner’s computer! – CMW