Kill the data loss monster once and for all
“What IT product/service/development this year gave you the chills?”
Over a cup of really strong Puerto Rican coffee, sitting here in my timeshare in Humacao and staring out into the Caribbean, I pondered the possibilities. The tempting and obvious dig and easy way to get blog hits would be to take the usual stab at Vista with a wooden stake, shoot silver bullets at other proprietary and DRM-practicing witches such as Apple or Amazon, or wave fiery torches at Google in order to drive the monsters back. But that would be too easy, and frankly, I don't think any of the usual suspects merit a scary enough rating -- they don't even rank up there with Plan 9 From Outer Space as far as I am concerned.
What's really scary is the type of thing that nails you due to your own inability or willingness to act, not by the actions of another vendor or the behavior of a particular product. I'm talking about neglecting your Business Continuity and Resiliency, be it on a personal or an enterprise level. And while these monsters are extremely easy to defeat, if you don't make the adequate preparations beforehand, they will strike you dead. You can lose valuable data, lose customer confidence, as well as lots of money. Now THAT is truly scary.
Click on the "Read the rest of this entry" link below for more.
On the personal computing side, I can't tell you how many times this year I've been called by a friend or family member to help fix a computer that has "crashed" or is unrecoverable. My first question is the obvious one - "So, how do you handle your backups?" I frequently get blank stares as a response, and that's when I know we're in big trouble.
If your primary storage medium really is unrecoverable -- in other words, if you can't get access to the data via something like System Rescue CD or successfully mount the drive on another computer to retrieve your files, you need to have some sort of backup mechanism where you can either restore your critical data to a newly rebuilt OS or do an image-based restore. Much of how this is accomplished depends on what we in the Business Continuity and Recovery Services business call your RTO and your RPO - or your Recovery Point Objective and Recovery Time Objective.
For your average end user, the RPO is the most important consideration -- you want to be able to recover your files and data at a point in time closest to when you incurred the actual data loss. Whether it takes you an hour or a day to get the data back (your RTO) for a home user or small business is probably unimportant. For an enterprise, that's an entirely different matter.
Some companies require RTO's of less than 4 hours, and some I've seen as high or higher than 72 hours depending on the criticality of the system or tier. Very low RTOs and RPOs require some very sophisticated solutions such as SAN snapshotting, replication technologies and Disaster Recovery (DR) sites and protocols. But most end-users are usually happy just to get their data back, period, and don't require anything nearly as infrastructure-intensive.
How can you as an end-user kill the data loss monster for good? Well, it's as inexpensive in most cases as going out and buying a secondary USB hard disk for less than $100, attaching it to your personal computer, and installing a free piece of software such as Cucku Backup, which can be configured to automatically back up your system to that new device in less than 5 minutes.
If you don't want to keep a backup drive onsite, or want a secondary backup mechanism that would protect you in the event of a true disaster, such as a flood or a fire, you can look into solutions such as Carbonite which will automatically back up your critical data over the Internet for a small yearly fee depending on the amount of offline storage you buy. Iron Mountain, which is a high-end service that is usually reserved for Fortune 500 companies, also has an Internet-based backup solution for small businesses, but it's a lot pricier.
As with any service, you need to weigh the maintenance fees against what a real failure would actually cost you, and what combination of services make the most sense and what data is more critical than others - obviously, your MP3 collection and your family photos from last Christmas probably aren't as important as your Quicken/Quickbooks files or your Office documents, so you should be burning your non-critical or static data to cheap storage such as DVDs or a backup hard drive instead of using net-based backups which charge for storage and bandwidth by the gigabyte.
Note to Google, Yahoo, Apple, Microsoft, IBM, HP and Amazon -- here's an area where you guys could really clean up and gain some serious customer loyalty -- by providing affordable and easy to use Internet backup services.
In the event that you incur a complete hard disk failure, you'll still need to re-install your OS and apps and your backup software package, no doubt a very time intensive process wrought with headaches, but you'll get your important data back if you've been doing daily backups. To bring back your entire system with OS, apps, data and all with minimum stress, you might also want to look into image-based solutions such as Acronis or Symantec GHOST which can be combined with the aforementioned USB backup drives and traditional file-based backups to restore from incremental data loss.
Linux users should definitely look at System Rescue CD for a great open source system imaging solution. As with any backup solution, image-based backups are only as good as how recent they were taken, so be sure to combine this with a file-based backup solution.
For those of you who want a completely transparent redundancy solution, you might want to consider putting in a second internal hard disk and configuring your system for RAID-1. RAID used to be for enterprises only, but every single consumer version of Windows has supported it out of the box since Windows XP, and it's been in NT and "Enterprise" Windows desktops for ages.
For Windows RAID, simply install a second hard disk, partition it to be the exact size of your existing hard disk partitions, open up the Disk Manager in the Microsoft Management Console (MMC) and create a software RAID 1/Disk Mirror -- no expensive RAID controller is needed, but your CPU will incur a little bit more overhead by mirroring the drive.
If your primary drive fails when you are using software mirroring, simply swap the cabling with your secondary drive and you are good to go, although it's possible in some rare circumstances that you might destructively write or erase data on both drives simultaneously (I've seen this happen with things like database apps where no actual OS or hardware "crash" occurs but the application itself misbehaves causing a data loss) so you should always have a secondary backup/restore method handy.
Linux also supports software-based drive mirroring, but the setup is a little more complicated and you'll want to consult the 'HOWTO' guides on the Internet if you want to head down that route.
If you need higher disk performance and a no-brainer setup for Windows, Mac and Linux, you might want to look at a hardware-based solution from AMCC 3Ware or from Adaptec, both of which sell desktop caching SATA RAID controllers in the $200-$300 range depending on what features you need.
Some motherboards on higher-end PCs also include RAID controller chipsets. With RAID controllers, you set up the mirroring in the controller BIOS and the RAID chipset does all the work - the host OS sees just one physical hard disk, even though you might have two or more (RAID-5) disks installed. When a drive fails, the controller does all the hard work of re-syncing the data when you put the replacement secondary hard disk back in.
Finally, let's address another monster that a lot of users ignore - virus checking and anti-malware solutions. With so many inexpensive and well-designed programs on the market today, there's no excuse for not having one installed or letting your subscription expire.
On Windows I continue to be impressed with Symantec's Norton Internet Security 2009 - it's an excellent package and is far less resource intensive than previous versions for an all-in-one antivirus/antispyware/firewall solution. For a free antivirus I like Avast! Home Edition, and for anti-malware and routine system maintenance tools, IOBit's Advanced Systemcare 3, CCleaner.com and Safer-Networking.org's Spybot Search and Destroy should be on everyone's download list.
With the inexpensive data resiliency and backup solutions available on the market today, you don't need to be the victim of a bad horror movie. Got another great solution? Talk Back and let me know.