Key questions here are how long does it take to recover each type of data and have those recovery processes been tested and validated? There may be data generated on-site that transitions to the cloud, or is protected in the cloud, or data that lives and is protected entirely in the cloud.įrom these first three categories of enquiry it will be possible to assess how well protected different types of data are and how that fits with the value the organisation places on it.įourth, the audit should look at data recovery. When examining source and target in terms of data and its protection, it will also be necessary to look at use of the cloud from these angles. That may include whether there is or needs to be geographical separation or air-gapping ( such as with tape) that can be important in a number of recovery scenarios. Third, what is the target for backups? Where do backups go? Where is data replicated to, where are snapshots retained? Answers to these questions should cover the type of media that data is backed up to, as well as its physical location. But this could also cover snapshots and replication, and CDP, and whether they run from the application, storage array or backup software, for example. That means, by what backup application most likely. Second is to record the way in which these types of data are protected. Automated means of doing this are available, and are more reliable than writing a list. Namely, where is data held? This can be categorised by location and storage, the type of data, the applications it relates to, whether system data, test data and so on. The first area the audit needs to cover are the sources of data. The job of a backup audit is to accurately record the entire process of backup, data protection and recovery. These findings can then be reviewed and any shortcomings addressed. More correctly, it should be called a backup and recovery audit, or even a data protection audit.īut whatever we call it, the basic function of such an audit is to get an accurate picture of what data is being protected, how it is being protected, how it can be recovered, and whether all this is verified by testing and secured by ongoing policies and procedures that ensure it’s efficiently working. ![]() ![]() It’s therefore vital to know that your data protection measures work, and that you can recover the data you need should something go wrong. That can include mission critical operations, vital data in business terms, and that for which regulatory compliance is an important concern. All areas of activity can be severely compromised without the ability to roll back to previous versions of files, directories, servers and so on.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |