Developing Backup and Restore Procedures

Backup specifics and procedures vary according to the needs of a company. After you develop your procedures based on the considerations discussed in this section, it is important to test, document, and verify them. Periodically reviewing your backup-and-restore process is a key part of ensuring data security.

Considerations for Developing Procedures

This section offers a series of checklists — suggestions and questions — to serve as flexible guidelines when you develop a comprehensive backup-and-restore process for your company.

Delegation of Tasks

It is critical that reliable personnel perform your backup and restore operations. Consider the following questions when deciding how to delegate these tasks:

  • Who makes the policy that determines what files and computers are backed up, and how is the policy made known?

  • Who is responsible for performing backups?

  • If backups occur automatically, who handles interruptions such as error messages?

  • Who does the backup when the assigned backup operator is unavailable?

  • To whom is the success or failure of a backup reported? Who notifies the users if a backup fails?

Time-Sensitive Backup Questions

In addition to determining when and how often backups take place, it is important to know how long it takes to retrieve backup media and perform a restore. To determine this, ask the following questions:

  • Do all backups, both full and partial, occur outside of regular business hours?

  • Should backups occur immediately after or before regular business hours?

  • How often do you perform full and incremental backups?

  • How long does it take to retrieve backups or copies from a local or remote storage area? Can the remote copies be obtained at any time or only during business hours?

  • How long does it take to perform a full restore if the computer fails?

In the Event of a Backup Problem

Make sure to take certain issues into consideration before a backup problem occurs:

  • Determine who is notified if a problem or backup failure occurs, and what process they follow.

  • If backup fails because of hardware problems, is standby hardware on-site or available on loan from your vendor? Determine how long it takes to replace failed hardware.

  • Determine the availability of hardware and software technical support.

  • Does your technical support staff have configuration information about computers running Windows 2000? If not, you need to determine how to make the information available in the event of a problem.

  • How does support from hardware or software vendors affect how long fixes take?

  • If trained personnel monitor overnight backups, are they also scheduled to work the next day? Who covers their other duties while they troubleshoot backup problems or restore data?

Security Considerations

The security of your backup operations, as well as the security of the storage location, is of paramount importance. Take the following questions into consideration when planning for the security of company data:

  • Where are the backup tapes stored?

  • What has been done to make the backup location secure in the event of fire, flood, theft, or another disaster?

  • How is the backup location monitored?

  • Are the tapes that are stored on-site always accessible to the people who need them?

  • If there are copies of backup media, where are they stored?

  • Is the backup location bonded?

Policy Considerations

Developing a backup-and-restore process and deciding what to back up requires that you either set or comply with company policy. Keep the following issues in mind when determining your backup plans:

  • What is the policy for backup, and how is your plan in compliance?

  • Are all modified files to be backed up, or does company policy specify only critical files or the files of certain users, groups, departments, or divisions?

  • Are any disks or volumes on the computer not to be backed up?

  • Are users responsible for backing up their own client systems?

  • Is there a charge-back system for the amount of storage used?

  • How is the backup process validated?

Technical Considerations

You also need to determine how your backups are performed. For instance, determine the following:

  • Does the system have to meet certain conditions before the backup starts?

  • How is the backup started — from the command line, from an icon, or by batch?

  • Are logs created and are they correct?

  • If the path is long, the file name odd, the file size very large, or the number of files large, does the backup still work? Can you restore files that have these characteristics?

  • Is the backup done to a local tape drive, remotely over the LAN, or remotely over the wide area network (WAN)

  • Does the tape verify that the backed-up data is correct?

  • How are the connections between a data source and the storage device verified before the backup begins?

  • Are computers equipped for power outages if operators are not present when backups take place?

  • Do backups occur on schedule?

  • What is the process in place for dealing with unforeseen occurrences during a backup or restore?

Testing Backup-and-Restore Procedures

Complete verification of the entire backup-and-restore process is critical. Develop backup-and-restore strategies with appropriate resources and personnel, and then test them. Testing backup strategies also demonstrates how much time is required to restore data. A good plan ensures fast recovery of lost data.

Try performing a trial restoration periodically to verify that your files are properly backed up. A trial restoration can uncover hardware problems that do not show up with software verifications.

After a backup strategy has been designed, test it thoroughly with as many simulated failures as possible. For example, if you use disk mirroring, simulate a disk failure by removing or powering down one of the mirrors and ensure that remaining mirror continues to operate without interruption. Again, while RAID is effective, it does not eliminate the need for backups. A data recovery plan based on disk mirroring alone offers no protection if a computer is stolen.

The following questions can help you assess your verification strategy.

  • Has every option that you expect to use been tested?

  • Do automated backup instructions work?

  • Does the backup-and-restore process work properly?

  • After you make changes to the operating system (such as installing a service pack), or the backup program, does the backup-and-restore process work properly?

  • After you make hardware changes (such as installing a new controller or tape drive, or changing the BIOS on the motherboard) does the backup-and-restore process work properly?

  • When you change the hardware or software involved in a backup, how do you verify that you can use the old tapes?

Documenting Backup-and-Restore Procedures

Keeping accurate backup records is essential to finding missing information quickly, particularly if you have accumulated a large number of high-volume media. Thorough records include media labels, catalogs, and online log files and log books.

Media labels    Labels should contain a date, the type of backup (normal, incremental, or differential), and a list of contents. If you are restoring from differential or incremental backups, you need to locate the last normal backup and either the last differential backup or all incremental backups created since the last normal backup. Alternately, you can label media sequentially and keep a log book of media content.

Catalogs    Most backup software includes a mechanism for cataloging backup files. Backup stores backup catalogs on the backup media and temporarily loads them into memory. Catalogs are created for each backup set, or collection of backed up files from one drive.

Log files    Log files include the names of all backed up and restored files and directories. A log file is useful when restoring data because you can print or read it from any text editor. Keeping printed logs in a notebook makes it easier to locate specific files. For example, if the tape containing the catalog of the backup set is corrupt, you can use the printed logs to locate a file.

Conducting Verify Operations

A verify operation compares the files on disk to the files on backup media. It occurs after all files are backed up or restored, and it takes about as long as the backup procedure. It is recommended that you perform a verify operation after every backup, especially if you back up to a set of media for long-term storage. A verify operation is also recommended after file recovery.



If a verify operation fails for a given file, check the date that the file was last modified. If the file changes between a backup and a verify operation, the verify operation fails.