Disaster Recovery Journal- Volume 18, Issue 1 - Winter 2005 Issue

Return to the
Winter 2005 Issue

DISASTER RECOVERY
JOURNAL

P. O. Box 510110
St. Louis, MO 63151
(314) 894-0276
Fax: (314) 894-7474
Internet www.drj.com
E-mail drj@drj.com

EXECUTIVE PUBLISHER
Richard L. Arnold, CBCP
richard@drj.com

EDITOR-IN-CHIEF
Jon Seals
jon@drj.com

SENIOR EDITOR
Janette Ballman
janette@drj.com

ASSOCIATE EDITOR
Ed Pearce, CBCP
ed@drj.com

ASSISTANT EDITOR
Pamela Clifton
pamelaclifton@hotmail.com

COPY EDITORS
Jim Hammill, CBCP
Richard Sandhofer
richards@drj.com

ADVERTISING
Robert Arnold
bob@drj.com

_____________

Corporate

President/CEO
Richard L. Arnold, CBCP
richard@drj.com

Vice President
Robert Arnold
bob@drj.com

CONFERENCE COORDINATOR
Patti Fitzgerald, CBCP
patti@drj.com

CONFERENCE REGISTRAR
Merce Knese
mercedes@drj.com

CIRCULATION
Laura Baugh
laurab@drj.com

EXECUTIVE COUNCIL
Mike Croy, Forsythe
Jeff Dato, MBCP, KPMG
John Jackson, IBM
Edward S. Devlin, E.S. Devlin & Associates
James Hammill, CBCP, JMH Consulting Inc.
Pat McAnally, SunGard Availability Services
Brian Turley, Strohl Systems
Belinda Wilson, Hewlett-Packard

INTERNATIONAL
CONTACTS
England: Thom Hetherington
Business Continuity
Phone: 0161-237-1007
thomh@tempus.demon.co.uk
Japan: Shinji Hosotsubo
Crisis Management and Preparedness Organization
Phone: 03-3519-6270
fax: 03-3519-6255
hosotsubo@cmpo.org
Brazil: José Carlos Ferreira
Disaster Recovery Mercosul
Phone and fax: 011-3666-9506
jocaff@uol.com.br

Click Here for a Printable Version

Adaptive Backup: Beyond Due Diligence

By DANIEL HARDMAN

Backups are a staple of any network. However, while created to help ensure the ongoing availability of data, backups are more often the last resort in the wake of a disaster. Transferring data onto tape through either a complete or incremental backup is one issue, but actually being able to access that data is another.
Disk-to-disk, imaged-based back-up systems ease many of the challenges associated with traditional backups. These solutions make quick work of restorations, whether full system, bare metal, or individual files and folders. What’s more, set-and-forget disk backup solutions are now available that require minimal human intervention, increasing the convenience and speed of doing regular backups.
But it is the integration and interoperability of backup systems with other innovative technologies that holds the greatest potential for ensuring data is accessible, safe, and recoverable. Coupled with systems management, patch remediation, and early warning solutions, backup becomes highly adaptive and delivers on its promise of protecting business continuity and enhancing overall security.

Easing Administration
Systems management solutions are designed to ease the administration of complex IT infrastructures – including desktops, notebooks, handhelds, and servers across LANs, WANs, and the Internet – all from a centralized console. Rolling out new applications or distributing software updates becomes an automated process that obviates the need for administrators to run from computer to computer and from site to site. Systems management solutions also streamline user profile management and version control functions within an enterprise.
While backup functions are traditionally not entirely overlooked by systems management solutions, they are often not fully utilized. Omission frequently begins with the backup policy. The complexity of backups leads to an inappropriate, blanket backup policy where defaults are the norm. In many cases, servers are set for a full backup once a week, while all systems get an incremental backup every evening.
In a static environment, this blanket approach is appropriate. In a dynamic environment, it is not. When new or updated software is deployed, an IT environment is at a higher exposure level. This elevated exposure puts data at greater risk. If backup solutions do not respond to this change by backing up more frequently or even by retaining backups for a longer period of time, then they are not providing appropriate protection.
In contrast, by leveraging the wealth of information contained in a systems’ management framework, the non-traditional, adaptive back-up system is able to actually enhance the reliability of the enterprise infrastructure. With adaptive backup, when a new application or upgrade is set to roll out, the systems management software alerts the back-up software, which notifies the IT administrator of the situation and awaits his or her response. The result is a back-up system that adjusts to accommodate current conditions and guards against data loss automatically.

Recognizing Vulnerabilities
Patching is a serious and time-consuming issue, especially in large IT environments with a diverse mix of software. A flurry of patch releases leaves IT administrators scrambling. But installing patches is only one challenge; testing them is another. Before being deployed, patches must be applied to test machines that represent all systems and software. And the typical test period is 30 days.
An adaptive back-up system – based on its back-up policy – recognizes when the IT environment is at an elevated risk level as patches are tested and responds accordingly by backing up more often and keeping backups for a longer period of time. Once the patches are deployed, the adaptive backup system acknowledges maintains an elevated risk state until the patches are actually installed across all relevant systems and working correctly. Only then will the exposure level drop and the backup schedule return to normal.
The coordination between back-up solutions and patch remediation software provides organizations a defense against patch-related problems that may compromise data and threaten system stability.

Proactively Protecting
Like today’s sophisticated radar systems that enable meteorologists to anticipate the weather, early warning systems combine both automation and human expertise to deliver up-to-the-minute information on Internet threats as they emerge and move around the globe. These early warning systems enable organizations to make quick, accurate, and prioritized security decisions to protect their corporate assets.
The convergence of early warning systems and backup gives organizations a proactive solution for protecting data. Before a virus, worm, or other malicious threat actually initiates an attack, the early warning system and adaptive backup solution work together to ensure that the frequency and retention rates of backups are increased until the high exposure level subsides.
Of course, some Internet threats are lightning fast and spread across vulnerable systems so quickly they leave little time for proactive protection. In cases in which an attack actually occurs, an adaptive backup solution still provides data protection by quarantining all backups – in essence, freezing the data so it is usable after the attack.
An added benefit of adaptive back-up is that even after a successful attack, it aids in forensic analysis. As the adaptive backup system takes and saves hourly backups, these backups can be analyzed to help determine not only when the attack occurred but also where it came from. The synergy between adaptive backup and early warning systems offers IT administrators a tool for strengthening the security of their organizations.

Security and Recovery
The purpose of backups is to enable recovery. Adaptive back-up solutions make this a reality by working together with systems management, patch remediation, and early warning systems in a harmonious convergence that increases the reliability and enhances the security of critical business data.
Technologies are already available to enable such a solution. Disk-to-disk backup software simplifies the process of backing up data any time and any place. Systems management solutions streamline administration tasks, and patch remediation software eases the important but time-consuming task of addressing vulnerabilities. Early warning systems enable IT administrators to outpace, prepare for, and more easily recover from security incidents.
Together, these technologies produce a synergy that makes adaptive backup a promising new solution for ensuring a more secure, productive, and manageable computing environment.

Daniel Hardman is a software architect with Symantec Corporation’s enterprise administration business unit in Orem, Utah.