In this blog, i’d very much like to discuss the the differences between 2 concepts; Backup and disaster recovery. All too often I need to point out the major differences of both concepts and possibly let someone down who though they had a super backup solution, only to find out that they have a disaster recovery feature implemented instead. The only reason that they didn’t know they had a wrong solution to their problem, was because they did not have to use it (yet).
If, “i don’t see your point” was the first thing that went through your head, please read ahead; this blog is targeted at you!
Let us start by looking up the definition of backup:
“Backup refers to the copying of physical or virtual files or databases to a secondary site for preservation in case of equipment failure or other catastrophe. The process of backing up data is pivotal to a successful disaster recovery (DR) plan. Enterprises back up data they deem to be vulnerable in the event of buggy software, data corruption, hardware failure, malicious hacking, user error or other unforeseen events. Backups capture and synchronize a point-in-time snapshot that is then used to return data to its previous state.”
Now let’s have a look at the definition of Disaster Recovery:
“Disaster recovery (DR) is an area of security planning that aims to protect an organization from the effects of significant negative events. DR allows an organization to maintain or quickly resume mission-critical functions following a disaster. A disaster can be anything that puts an organization’s operations at risk, from a cyberattack to equipment failures to natural disasters. The goal with DR is for a business to continue operating as close to normal as possible. The disaster recovery process includes planning and testing, and may involve a separate physical site for restoring operations”
As you can see, i’ve made 2 parts bold and this is where the main difference becomes very clear. Backup is made to return data to it’s previous state, while DR is about returning to it’s latest or current state. Small but very important differences which i will explain by using 2 example companies:
Company A’s data is being backed up onsite, so they have 1 original copy of their data and 1 onsite backup). They do not use offsite backups, but instead rely on block based replication implemented with an RPO of 0 minutes; imediate replication fort he least amount of DR downtime.
Company B uses a modern, non legacy, backup solution and they have 3 copies of their data, 2 backups which land of 2 different media types and 1 offsite: Backup to Tape and moved offsite daily.
Now lets say company A and B both have encountered ransomware activity; all files on the file servers are held hostage/encrypted and all of their backup data is deleted. Remember that is just an example, but hackers and unintended file loss are a common sight.
Would they try to recover files from their offsite “backup” , then they have a fairly big chance that they cannot recover at all; all of the changes are replicated to their secondary data center, this implies that unintended changes also get replicated! So now on both storage arrays their data is encrypted! Should they have replicated not only the primary storage, but also their backup storage it’s all the same; The backup data is deleted on both the backup storage arrays. Since there is no data in a current state to restore to, it’s lost forever.
Company B would also have lost their data on the file server and their backups are deleted, but could restore their files from tape. They will experience an availability gap, but data is recoverable and back online asap to it’s Previous state.
Now imagine that both companies didn’t have a ransomware infection, but their main production storage array just broke. In this case Company A can failover to their replicated data and go on working with little or no downtime and thus no availability gap.
Company B on the other hand will need to restore they full range of VM’s from tape and will experience a much bigger downtime and have a bigger availability gap.
I hope that with these simple examples you now understand why Backup is part of a DR plan, but DR is not a backup. If in any situation you are still in doubt, don’t hesitate to ask and send me an email using the contact form.