Sign in to follow this  
Followers 0

Server Backup Strategy

9 posts in this topic

Posted

Basically I

Share this post


Link to post
Share on other sites

Posted

I do windows shadow copy for my backups 4 times a day to capture the changes that are made through out the day.  I do a weekly full and daily incremental backups to cover my system at a complete systems failure. Daily differentials are done on databases. 

1 person likes this

Share this post


Link to post
Share on other sites

Posted

Good stuff sc302. (Y)

I bascially do nightly incrementals along with 3 shadow copies during the day.

I offsite to Azure at 1am as well. :)

Share this post


Link to post
Share on other sites

Posted

I would like to use cloud based backups, but I don't have full control of it.  Corporate secrets, intellectual property, and what not.  Cant take the risk of someone or something snooping and then selling it.  Unfortunately public cloud is not for the business I am in because of lack of control.  I can create my own local cloud spanning sites, but I cannot use a public one.  If I weren't in manufacturing or design this would be a different scenario, many businesses do not fall in this area. Imagine how much business coke would loose if someone created an exact duplicate of their recipe.  Can anyone guarantee the formulations safety in the cloud?  I don't care how secure it is, everything is secure until someone finds a way to get into it.  WEP was secure in the beginning, now it is a joke.  Don't need to have that on my shoulders. 

Share this post


Link to post
Share on other sites

Posted

I would like to use cloud based backups, but I don't have full control of it.  Corporate secrets, intellectual property, and what not.  Cant take the risk of someone or something snooping and then selling it. 

 

That's only a problem if you have a poor quality backup solution. For example, if you are using Microsoft System Center Data Protection Manager / Microsoft Azure Backup, Microsoft cannot decrypt your cloud backups anytime in the near future, because you never provide them with decryption keys. It's not much different than using a service that keeps archives of your tape backups off-site, as you never give those entities your keys either.

Share this post


Link to post
Share on other sites

Posted

Each of our sites have 2 VM each with AD installed. The host server backs up these the VMs to our file server and an onsite NAS. The server image is also part of the nightly offsite backup to our cloud based storage which in turn is mirrored to a second data centre with like for like abilities.

Share this post


Link to post
Share on other sites

Posted

That's only a problem if you have a poor quality backup solution. For example, if you are using Microsoft System Center Data Protection Manager / Microsoft Azure Backup, Microsoft cannot decrypt your cloud backups anytime in the near future, because you never provide them with decryption keys. It's not much different than using a service that keeps archives of your tape backups off-site, as you never give those entities your keys either

The question comes down to trust.  do you trust microsoft enough to not be able to reverse engineer something that they designed or had a part in?  Do you trust that when you use their service that they will not snoop into your stuff?  People create back doors in security for many reasons, some of it being government mandates that we have no knowledge of.  Somethings I will leave out there for people to see as it is low risk, things that are high risk only exist in areas that I have full and absolute control of who/what/and where.  From a security stand point, you can never be too careful...and you have no clue what the programmers have designed into the security apparatus that leaves it vunerable to eyes.  Just like a storage locker in a storage facility, the owners can get it if they want to....you can make it harder by putting a safe in their storage facility, but they can get into that too if they need to, they just need to hire the right person to get into that.

Share this post


Link to post
Share on other sites

Posted

The question comes down to trust. 

 

If Microsoft's products have those backdoors, then so does everyone else's. All your security in this case is false, because they probably can just walk through your firewalls and servers without leaving traces if not also your tape backups.  They're not going to care about just one path into your data, they'll want them all.  Your trust in any of your security may be just as reality or illusion as your fear of online backup storage, even if you personally coded it yourself.

 

The idea of control may also be nothing than illusion, because you probably can't be any surer of that than anything else.  Did you trust OpenSSL?  If so, anything you secured through that was definitely illusion for years.

 

As for law enforcement, if they want your data, they

Share this post


Link to post
Share on other sites

Posted

I've always had good luck using Windows Server Backup & Microsoft's Data Protection Manager as well as doing manual SQL Backups and Weekly Acronis Images. Data Protection Manager is a great one to have if someone messed up a file and you can pick the date and time, kind of like volume shadow copy on steroids. But from what you described in your first post you look like your pretty set as long as you have a speedy network. :)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.