Backup
There are two kinds of people: those who do backups and those who WILL do backups. Sincerely, you don't want to live through the nightmares of a broken or compromised system not having a reliable backup of your data.
Think about it. What's the worst case scenario? Your critical data gets corrupted. Your business operations stop, and you can't continue until you recover your data in some way.
The data your system holds (especially the data stored at your core business component - your softswitch) is critical to your business continuity. This includes (but is not limited to):
Think about it. What's the worst case scenario? Your critical data gets corrupted. Your business operations stop, and you can't continue until you recover your data in some way.
The data your system holds (especially the data stored at your core business component - your softswitch) is critical to your business continuity. This includes (but is not limited to):
- CDR data
- system configuration parameters
- contracts and contracted prices
- invoices
There are three general guidelines regarding doing your backup properly:
- The backup should be done regularly and automatically
- The backup location should be not accessible from the backed-up system
- The recovery process should be documented and the actual recovery drills should be done from time to time
Let's examine each guideline in more detail:
1. Regular and automatic backups:
Humans make errors i.e. we tend to forget to do backups if we do it manually. Automatising the backup process ensures you to be worry-free, knowing that your data is being backed up on a regular basis in a consistent manner. Really, if you do backups every one or two hours (and that is reasonable for CDR data), automatic backups are your only reasonable choice.
2. The backup location should be not accessible from the backed-up system:
Very important, yet often underestimated aspect of backing up your data. Consider the following scenario (which I saw on several occasions in real-life): You put an additional disk into your server and do the backups to it. Your system gets compromised (hacked), the attacker gets root system privileges and BAM! he has access to your backups as well! This puts you at a high risk. The attacker, having root system privileges, is in a position to either erase or encrypt your data, demanding ransom or what not. To mitigate this risk, the system holding your backups must not be accessible from the backed-up system.
3. Recovery process:
Let me tell you a short joke about this one:
Schrodinger's backup: The condition of any backup is unknown until a recovery is attempted. :)
What is essential to any backup is it's ability to successfully recover the data from it. To ensure it is so, you must conduct periodical tests of your data integrity on the backup location. The recovery process should be well documented and should be easy to conduct quickly (you want your business to continue as soon as possible, right?).
While thinking about and planning your backup/recovery operations it is useful to consider the criticality of your data and try to imagine worst case scenarios:
- disk/hardware failures
- ransomware attacks
- physical theft
After you conclude that your data is actually one of the most critical parts of your business, build a simple yet reliable backup strategy. Write a document that describes the backup system and the recovery procedure. Keep that document somewhere safe, not on the system you expect to fail!
At last, consider your backup system (and corresponding documentation) as a part of a larger document: the DISASTER RECOVERY PLAN. While the data is the most critical part of your business, consider other scenarios that can disrupt your business operations (hint: network failures, angry ex employees...) and mitigate the risks accordingly. It often makes sense to hire an expert that will help you with the whole process by identifying critical spots within your business operations and providing consultancy/technical services to your business.
Should you have any specific questions regarding, feel free to ask them in the comments section!
1. Regular and automatic backups:
Humans make errors i.e. we tend to forget to do backups if we do it manually. Automatising the backup process ensures you to be worry-free, knowing that your data is being backed up on a regular basis in a consistent manner. Really, if you do backups every one or two hours (and that is reasonable for CDR data), automatic backups are your only reasonable choice.
2. The backup location should be not accessible from the backed-up system:
Very important, yet often underestimated aspect of backing up your data. Consider the following scenario (which I saw on several occasions in real-life): You put an additional disk into your server and do the backups to it. Your system gets compromised (hacked), the attacker gets root system privileges and BAM! he has access to your backups as well! This puts you at a high risk. The attacker, having root system privileges, is in a position to either erase or encrypt your data, demanding ransom or what not. To mitigate this risk, the system holding your backups must not be accessible from the backed-up system.
3. Recovery process:
Let me tell you a short joke about this one:
Schrodinger's backup: The condition of any backup is unknown until a recovery is attempted. :)
What is essential to any backup is it's ability to successfully recover the data from it. To ensure it is so, you must conduct periodical tests of your data integrity on the backup location. The recovery process should be well documented and should be easy to conduct quickly (you want your business to continue as soon as possible, right?).
While thinking about and planning your backup/recovery operations it is useful to consider the criticality of your data and try to imagine worst case scenarios:
- disk/hardware failures
- ransomware attacks
- physical theft
After you conclude that your data is actually one of the most critical parts of your business, build a simple yet reliable backup strategy. Write a document that describes the backup system and the recovery procedure. Keep that document somewhere safe, not on the system you expect to fail!
At last, consider your backup system (and corresponding documentation) as a part of a larger document: the DISASTER RECOVERY PLAN. While the data is the most critical part of your business, consider other scenarios that can disrupt your business operations (hint: network failures, angry ex employees...) and mitigate the risks accordingly. It often makes sense to hire an expert that will help you with the whole process by identifying critical spots within your business operations and providing consultancy/technical services to your business.
Should you have any specific questions regarding, feel free to ask them in the comments section!
Comments
Post a Comment