Respondents to our InformationWeekBackup Technologies Survey are scrambling to keep up with fast-evolving IT architectures and security and business demands. While the percentage who perform test restores for most of their applications at least once per year increased from 38% in January 2011 to 44% in our March 2013 survey, that still leaves more than half who test sporadically, at best. Admins too often exclude some systems from not only their nightly but also their weekly backups and neglect to back up data at the remote or branch offices they support. Yet 84% are somewhat or very satisfied with their current backup systems. Go figure.
Among our 502 respondents, 73% use the same system for backing up physical and virtual servers, down from 79% in January 2011, indicating rising adoption of VM-specific backup systems. Other data points: 66% still back up directly to tape, though for 33% use is limited; 39% do not encrypt any backup media. That's the bad news. The good news is that percentage is down 17 points, from 56% saying the same in 2011. Less than half even occasionally perform full system restores, but 34% have at least weekly demands to do single-file restores. And just 27% are extremely confident in their ability to get the business up and running again in a reasonable time frame after a major disaster that takes out the main data center.
We also asked about the percentage of physical and virtual servers being backed up on at least a weekly basis. Our respondents are pretty good at protecting physical boxes, with 80% reporting that they back up at least 80% of their servers at least once a week. The same can't be said for VMs, however, despite the fact that most orgs now virtualize production workloads: Our latest InformationWeekVirtualization Management Survey shows just 4% have no server virtualization plans, and 69% even use desktop and/or storage virtualization. Yet the rate at which virtual servers are protected still lags behind that of physical servers by a full five points. For nearly half of respondents, when servers -- physical or virtual -- aren't backed up on a weekly or more frequent basis, it's because they contain only test or static data that IT has other copies of. But others are putting the business at risk. Some of our respondents, for example, seem to think that files replicated to another site or stored on high-availability systems are sufficiently safe. Yes, this data is protected against hardware failures. But it may be vulnerable to user or application errors that lead to corruption. Even if all your data is written to multiple disk drives, or even multiple systems in different locations, if an irate or inept employee were to overwrite a critical file, say goodbye to all the copies.
More disturbing still are the respondents who told us "backing up that server is too difficult" (14%, up from 10% in 2011) or "the application owner didn't ask us to back it up" (9%, down from 12%). This is not rocket science. Some backup applications can scan for new servers on the network or in the hypervisor management console's database. Consider adopting these tools and creating a default protection level for newly found servers.
Moreover, when we asked respondents tasked with supporting remote sites how they back up data in these offices, an eye-popping 43% -- up from an already scary 41% in 2011 -- said they simply don't. An additional 22% still use distributed tape drives, which is almost as bad.
"We know we should be backing up, but the best we can do is maybe quarterly, triggered by project milestones, and then only some of the critical servers are backed up," says one respondent. "This does make life more exciting, as any wrong command, system or application failure, natural disaster, or break-in -- we've had two -- would be the end of everything. We are walking the tightrope, with a monkey on our back, on a windy day, over the fast lane."
Just stop. Today IT can choose from a number of methods to protect branch office data from a central location. The best options take advantage of the low cost of relatively high-bandwidth Internet connections and the security of VPNs. Consider setting up deduplicating appliances in remote offices and replicating to a central site or hiring an online or cloud backup service.
Cybersecurity Strategies for the Digital EraAt its core, digital business relies on strong security practices. In addition, leveraging security intelligence and integrating security with operations and developer teams can help organizations push the boundaries of innovation.