How do you manage backups ? How many copies do you keep ?
I have always puzzled what will trigger a chain reaction resulting loss of them ? I have even considered head hitting the wall 😭️
For me, one online and one offline.
A lot of things can go wrong. But as long as one of these are available physically, I think it is safe.
Abhi How do you manage backups ?
It is really a costly affair, I have to be discrete.
Abhi a chain reaction resulting loss of them ?
This is true. But I don't take the worst case scenario seriously. We can't prepare for everything.
A friend told me this
Some admins go crazy with backup handling. They spend more time and money on backup that actual hosting charges.
Everyone says having one or two hard copies is the best way to do it. We take backups because we don't have much faith in what is available online.
One point that everyone misses (including those on this thread) is the testing of backups. Yes, we all create them, but how often do you actually test them ? Additionally, how do you know that your backups have not been seeded with malware ?
phenomlab Additionally, how do you know that your backups have not been seeded with malware ?
Once they are offline, isn't it easy to get rid of it than it were on a server ?
phenomlab but how often do you actually test them ?
What is your method ? I know, you are raising a genuine concern.
phenomlab any scanning is typically covered by realtime but will allow backups down to a crawl in the process. The real issue isn't so much malware being present in the backups themselves, but files that have been encrypted in a remote file share by an infected client. Unless you are looking for changed file extensions, it's unlikely you'll see these until you need to perform a restore.
Valid point. You mean we should run a scan ? Don't we do that before taking a backup ?
Abhi a random restore test once per quarter is generally considered the minimal standard. If you can script the restore process (not difficult as you can expose the API of most software), then you can go for even shorter periods.
BackupExec (now I'm really showing my age) has a backup verify feature, which could easily have been confirmed to spot files that had their extensions changed)
Abhi Once they are offline, isn't it easy to get rid of it than it were on a server ?
Well, yes, and no. Most of this depends on your retention cycle and regulatory storage periods. Offline is more secure once you certify backup sets clean, but online backups are of course vulnerable if they are stored in a public cloud without any security.
Sounds like you work for an institution which has considerable risk of attack. The methods are thorough. Not sure everyone will be this careful unless you are handling with very sensitive data. But yes, very informative.
admin I do indeed.