What Backup is Right for You?
Backup. You know you should be doing it and you are constantly worrying about it when you haven’t. So, you start looking at backups and well, there are a lot of options out there, so how do you choose?
Here are two, high level questions that you should ask and answer first during your honorary quest for a solution that meets your business goals:
Question 1 – What RTO (Recovery Time Objective) does our business need?
Question 2 – How often do I need backups to occur?
Let’s take a look at each question to make sure you are aware of all the possibilities.
What RTO (Recovery Time Objective) does our business need?
Here are the available options:
- Immediate (recovery of data)
- 15 minutes
- 1 day
- 1 week
- 2 weeks
- And many other times in-between
When answering this question, think about the business implications when your server is down.
Essentially, what you are asking yourself is “how much does it cost if I do not have access to information on my server or other line of business application on my server for ‘X’ amount of time (lost revenue, lost productivity, etc.).”
If it is costly to your business or can result in mistakes from staff, you should consider getting a backup solution that has a small RTO. This is particularly important in Healthcare and other regulated industries.
For example: Those who store and use PHI are required by the HIPAA security rule to put forth a business continuity plan. Part of this plan is to explain how they will continue to operate their business in the event of a software failure, hardware failure or other natural disaster.
The lower the RTO, the higher the cost. See Figure A below:
How often do I need backups to occur?
Here are some available options:
- Always backing up
- Once per hour
- Once per day
- Once per week
- Or, a lot of different options in between
When answering this question, think about the business implications if you were to lose fifteen minute’s worth of data, a week’s worth of data or a month’s worth of data.
How would each of these impact your business?
For businesses processing lots of transactions, even a minute of data loss can be very costly. Many small businesses can survive with some data loss, but any data loss comes at a cost. As a result, it is left to business decision makers to determine what the cost of recovering or recreating the data would be and what the potential loss of revenue might be if the data is not able to be recovered or recreated.
The smaller the increments between backups, the higher the cost. See Figure B below:
The graphs above (Figure A & B) are based on observed industry trends. You will notice that the trend for both RTO and the length of backup intervals is the same.
The highest cost backup solutions are one in which there are systems in place to allow for no downtime and no data loss, while the lowest cost have the potential for extended downtimes and much data loss during an outage.
There are many more considerations when choosing a solution, but I believe spending some time answering the first two questions will help narrow the playing field. Once you have answered these two questions, and you know what is needed to meet your business goals, then you can continue the quest of finding the backup that is right for your business.
Here are some other questions you may want to consider before taking the plunge!
Does the backup meet regulatory requirements such as HIPAA or Sarbanes-Oxley?
A very important consideration for those who must meet regulatory requirements is if a particular solution will help you meet that requirement. Those that have to meet HIPAA compliance have to sign a BAA (Business Associate Agreement) with the backup vendor you choose. This is not optional, so make sure the vendor you choose is willing to sign this agreement.
Is the data encrypted at rest and in transit?
Cybercriminals are always trying to steal data, yours is no exception!
Your data should be encrypted at every level:
- During backup
- At rest (locally; if the solution you choose stores backups locally)
- In transit to a remote data center
- At rest in the data center
The vast majority of backup solutions have this capability, steer away from any that do not!
How long is the retention period?
How long do you need to retain your data?
Be aware that retention times can vary from local backups to cloud backups. Find out what the retention policy is for both and make sure it meets your business goals.
Who monitors the backup? Me, the customer, or you, the vendor?
Most businesses outsource backups because they do not have the expertise to handle it themselves. When it comes to identifying and resolving an issue, are you the one who makes that call? Backups that you monitor and maintain are going to be less expensive, but will also be left up to you to make sure it is working. There is no right or wrong answer here, just make sure you know who is responsible for detecting and solving problems that occur.
Is it an image based backup or file based backup?
This should basically be answered when determining your RTO requirements, but still important to ask. An image based backup is one where the whole server is backed up, including the operating system, settings, etc. A file based backup solution is one where individual files and folders are backed up, but the operating system and other settings are not included. In the event of a failure, the image based backups can be restored to another machine, while retaining all the settings, thus eliminating the many man hours required to rebuild the server. This is not done with a file based backup. Clearly, an image based backup is the best option if you need to be back in business quickly.
If you do not need to be back up and running in a hurry, or if there is very little reconfiguration required, then a file based backup may work for you and save you some money.
What Backup System is Right for your Business?
In summary, you are the master of your destiny!
The solutions out there are endless and can be daunting, but answering the questions above will give you the weapons you need to make the right decision on your quest to find the backup that works for you!
Two options to consider
Depending on what the needs are of your practice or your business, neither of these products may interest you. However, we do have two products to offer that many practices and businesses have found to be a good fit for them. Both of these products are very good, but they are for business that have different needs.
1. HIPAA Compliant Automatic Cloud Backup
This product is designed for those on a budget, but are in need of a quality solution.
This backup system backs up data files only, but those files can be restored quickly. The backups are encrypted at very highest levels, and the backups are done automatically for you at an interval you choose (typically about once per day).
This may be a product you are interested in. If so, please contact one of our product specialists!
2. HIPAA Compliant Backup and Disaster Recovery (BDR) Server
This is a much more robust system and protects all of your data files along with all of your programs and operating system. With this solution there is a local backup appliance (BDR Server) that is backing up everything on your server locally at a very frequent intervals, then sending the backups offsite to the cloud every day.
This means that you are very well prepared for when the server crashes, is stolen or some other man made or natural disaster occurs.
When a disaster does occur, you will be able to fail over to the local backup appliance or to the cloud! On most occasions your business can normally be operating again within an hour!
Something you would like to learn more about? Please contact us!
You can speak to a backup product specialist by calling us at: 888-799-4777