Common backup blunders – how even the smallest error can cost you your data
31 May 2018
We all know backup is important, which is why most organisations ensure they have sufficient backup in place. After all, data is valuable and needs to be protected. But having the right backup is only part of the solution; the rest is up to the policies in place and the people who use it.
Instances of data loss due to simple human error are more common that you might think. Often, the error is discovered and fixed before any real harm can be done, leaving little behind save for some embarrassment or a funny story to tell at after-work drinks. However, despite lingering awkwardness, the following examples of real life blunders serve as reminders of how a little mistake can have a major impact.
Please note: We have changed the names of the persons in this article to protect their identity…and their reputations.
Are you backing up to the right location?
A company had a process in place to automatically back up their applications to an external hard drive on a monthly basis. They decided on a cloud backup solution for additional protection, with the intention of still retaining the external hard drive backup, which would then also be backed up to the cloud. A sound back up strategy, if it worked…
When “Bertie Blunder”, the person responsible for backing up to the cloud searched for the relevant hard drive, he discovered it was plugged in, but not visible to the Server’s operating system. Curiosity made Bertie check the application backup settings and he found that the application was, in fact, backing up to a location on the same server on which it was hosted, and not to the external hard drive at all, meaning the backup to the cloud was also not taking place.
It appeared that no-one had double checked to confirm the location of the backup file, and the business, assuming everything was backing up fine, had been not only backing up to the same location as the application but had also overwritten all previous backups, leaving them with only their most recent months’ worth of data for the app. If the server had crashed, all data would have been irretrievably lost – and Bertie would have lost his job.
The takeaway from this story is to ensure that you are not a Bertie and your backup is being done to the right location and that it is not overwriting previous backups, ensuring that should you need to restore your data, you have more than a month’s worth to fall back on.
Are your backups labelled properly?
“Carla Creative”, a graphic designer working on a large project for an international client, wanted to protect her work, in order to do this, she made sure to back everything up to an external hard drive. A few days into the project, Carla discovered the file on her computer was corrupt and, grateful for the foresight, she plugged in her hard drive and accessed her backed up work – but the work was not there! In a panic, she worked several days and nights to get back on deadline, again ensuring she backed up and double checking her back ups to make sure they were there.
That weekend, Carla mentioned it to her brother-in-law in casual conversation. Her brother-in-law commented in sympathy, saying his daughter had been trying to save school work to her external hard drive, but kept getting a message saying that her hard drive was full. At this point, they realised the error: the designer had taken her niece’s hard drive to work and left her own drive with her niece.
After exchanging devices, Carla was happy to find her backups were undisturbed, however, she couldn’t get back the time she had lost working to get back on schedule. Had Carla’s hard drive been clearly labelled, she would have not taken the wrong device with her and could have avoided the stress of catching up. A cloud backup would have been even more convenient and efficient, ensuring that there was no need for carrying around a piece of hardware that could, as shown, easily get lost or even stolen.
Does your backup team know what they are doing?
Training is a very important part of backing up, and making sure those responsible for your backups know what they are doing can make the difference between having a backup and not having one.
“Attie Admin”, a rookie IT administrator was in his second week of a new job when he was asked to run backups. Looking to impress, he did not ask for instruction and took the task in hand, himself. Attie discovered a machine with a folder clearly marked “backup” and used it to run the backup, however at five o’ clock the backup stopped due to an interruption in connectivity. The following day, he began the backup 30 minutes earlier and physically monitored the backup. Once again, the backup failed at five. The next day, he began the backup at three o’ clock, to be sure, and it completed.
The following day, Attie wanted to be certain the backup had worked and how much space was still available, so he went to work early and logged onto the network, searching for the device with the folder marked “backup” – only to find it was missing. After a mild panic, he went to his boss and reported the missing backup.
Attie’s boss discovered a folder marked “backup” located on another user’s desktop, containing the entire backup; a user who began work at 08:00 and left at 17:00 every day, explaining why the device was only available between those times.
Had Attie asked for help, had proper training, or had a backup policy to work from, this error could have been avoided. To add to this, the business should have had proper file labelling done to ensure that backups were done to the right place, whether on an external device or to the cloud, and a proper record kept of all backups.
Backing up needs people, policies and procedures
There are many more stories similar to these, of individuals who save backups to the wrong place, or who accidentally overwrite their backups instead of storing multiple, individually dated versions. There is even a case of an individual who unwittingly infected their organisation’s backup with a ransomware virus by plugging the backup device into an infected network.
The horror stories are real, and can easily be avoided. Businesses should take care to ensure that they have the right policies and procedures in place to carry out their backups, as well as ensuring the individuals responsible for those backups are well trained, well informed and capable of carrying out the business critical task of backing up.