One effective way to help small business clients is to perform a backup assessment.  Here are a few questions and technician guidelines to help you with the process.

Interview the company stakeholders.  Ask the following questions

  1. What are you doing for backup now?
  2. What software are you using?
  3. What hardware are you using?
  4. How do you get the backup offsite?
  5. What is your top Line of Business Application(s)? (Usually accounting plus any vertical market applications that are critical to day to day operations).
  6. Who is responsible for backups (changing tapes or disks, monitoring logs etc?)
  7. Who is responsible for providing technical support if something goes wrong?
  8. Are there any known problems with the backup?
  9. Are you backing up the workstations or just the server?
  10. Are users storing data on their local workstations (60% of users do)?  Are there any group policies or automated methods in place to prevent users from storing locally?
  11. Is there a secondary backup? Secondary backup would typically use different software and hardware than the primary backup.  Examples might be an online service or simply copying data down to a large workstation hard drive.
  12. Do you ever do test restores?  When was the last one?
  13. When have you last successfully restored a single file or folder?  How long did that take?
  14. Do you backup non-windows machines (Linux, UNIX, Mac etc.?)
  15. What is your Recovery Time Objective (RTO)?  In other words, can you stand to be down for 1 hour, 1 day, and 1 week if there is a server failure?  This is the maximum acceptable amount of time for restoring a network or application and regaining access to data.
  16. Is your server hardware under warranty or hardware service contract?
  17. Does server use redundant drives (RAID 1,5,6,10 etc.)?
  18. Is there a written backup and recovery procedure?  Disaster Plan? Business continuity plan?

Technician checklist – Overview

  1. Check and record the size of server(s) hard drives, along with space currently used. This information will be compared to size of the backup to determine whether all data is included in backup.  If there is a size difference determine why – it may be due to compression or ommision of certain folders.
  2. Identify backup software – What is installed and what version of software is in use?
  3. Under what is the security context (username and password) is the backup running? (A common backup problem is when the administrator password is changed, causing backup software to fail)
  4. Go into backup software.  Verify and record the schedule (time of backup jobs), name of job, and what files/folders are being backed up.
  5. Is a full back up being done nightly or is an incremental system in place?
  6. Is compression or encryption currently being used?
  7. Is the software doing image or file based backup?
  8. Check the log files of the backup.  Are there indications that the backup is running nightly (file dated last night, backup log indicating successful?
  9. From the logs or by looking at destination drive are any files or folders being skipped (usually because the files are left open)?
  10. Look at destination of backup. What is the size and date of the latest backup file(s)?
  11. Is data being automatically replicated offsite?  To what website or company?
  12. How full is the backup media or destination currently? Is there a danger of it filling up?
  13. How long is the backup taking to complete?
  14. Do there appear to be multiple versions of the backup?  How many days/weeks months are being retained?  In other words, how far back and how many versions can be relied on?
  15. Under control panel, programs – try to identify any secondary backup software.
  16. Check to see if Microsoft’s shadow copy (previous versions) is implemented so users can right click a file and replace a previous version.
  17. Verify whether “always on” databases exist such as SQL, Exchange etc.

Background Research – for the final Report Overview

Verify whether current version of software has any updates.

Use the Internet to verify whether the backup software handles the following:

  • Active Directory (System state in a domain environment)
  • Open files (Microsoft VSS support)
  • SQL
  • Exchange (Brick level or granular restore capability)?
  • Virtual machines
  • Bare metal restore
  • Foreign hardware restore (driver injection)
  • Incremental backup with synthetic roll up to a single file or a few files
  • Does the backup preserve the security (Windows permissions) of network files?
  • Does backup encrypt the data at rest (on the destination media) and/or in transit?

If there is a “full service” backup vendor do they provide E&O data insurance coverage for failure to restore?  How much?

Category: Blog