Backup to the Clode - No Excuses

  • Comments posted to this topic are about the item Backup to the Cloud - No Excuses

    Brad M. McGehee
    DBA

  • We are looking into using the cloud as an extension of our datacenter, where backup fit in naturally. The challenge is to find the tools to do and manage it and preferably more than one that supports more than one cloud vendor. Access control is a major concern, encryption solves some of the problems. We haven't had time to any research into the tools area yet.

  • If a 747 were to crash into our data centre, I wonder how high up the list of concerns wondering if we had backups in the cloud would be...:laugh:

  • When I was working for a national UK bank, a while back, a passenger jet crashed within half a mile of our secure data center (placed outside the metropolis, in open country). It caused a major exercise in working out what would have been the effect on our operations if the plane had crashed a few yards closer. The answer, they concluded, would probably have been the disappearance of the bank. They'd never have recovered from the mess, and what is worse, countless thousands of depositors would have been unable to get their money out due to the disappearance of the necessary records of their account. This, in turn, could have caused widespread economic chaos. The bank therefore worked out a new system to enable it to survive such a catastrophe. This was passed on to other financial institutions and has since served well in subsequent natural disasters accidents, and terrorist organizations.

    Best wishes,
    Phil Factor

  • Depends where you are sitting in the world. Where I am, backing up into the cloud is just not an option, it's not security or risk, it's simple time, bandwidth and cost.

    Gail Shaw
    Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
    SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability

    We walk in the dark places no others will enter
    We stand on the bridge and no one may pass
  • Phil Factor (8/9/2009)


    When I was working for a national UK bank, a while back, a passenger jet crashed within half a mile of our secure data center (placed outside the metropolis, in open country). It caused a major exercise in working out what would have been the effect on our operations if the plane had crashed a few yards closer. The answer, they concluded, would probably have been the disappearance of the bank.

    Bank I used to work for had 2 data centres, 15 km apart, both (mostly) capable of running all the bank's systems. Allegedly the primary data centre was so strong that you could crash a plane on top of it and still carry on processing from there. Fortunately they've never had to test that.

    Edit: Missing letters...

    Gail Shaw
    Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
    SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability

    We walk in the dark places no others will enter
    We stand on the bridge and no one may pass
  • Fair point.

    Leaving aside the impact on the economy of a failed bank (though that has been demonstrated to be manageable in recent times ;-)) having a plane land on your data centre or head office (or both for many companies) would be the end of the company regardless of backups. Data is not an organization's main asset - people are.

    Paul

    @Gail: It must have been a very complex query to generate a 'plan' heavy enough to trouble a steel-and-concrete building "laugh:

  • How far should the offsite storage location be? A disaster that would strike and cripple the whole city, then no place is secure within that city.

    Perhaps organisations need to look to storing data half way across the world. Or at least, have a copy of their databases sent across to atleast 3 continents. (organsations in US, could have their data sent to a city in Asia, Europe and Australia) - This is a surefire guarantee atleast. 🙂

  • I'd warn against routing backups to a central location and from there to other locations. The source of the data (the database server) is a bottleneck you can't avoid. The sooner you diverge routes to avoid subsequent bottlenecks, the better. If your central location fails (especially through connectivity) then you've lost two backups not just one, so it only takes the source server to fail and you're stuffed.

  • If you have 100gigs of backup files what is the realistic bandwidth needs to move these to the cloud? Seems that by the time I get the files into the cloud I would be moving the next days files. Same with using them to restore.

  • File-size vs bandwidth prevents me from doing that currently. Tapes get made of the backups, nightly, and get shipped to a different state.

    Means there's an overnight delay (at best) for getting them back, if needed, and even that has extra charges on it, but it's better than taking two days to upload a daily backup.

    With smaller databases, I have backed up to a location in a different state. Same continent, different tectonic zone. Main concern with that data center was hurricanes (it was in Houston), so having the backups FTP to a backup data center a thousand miles from the coast was a good idea.

    That wasn't bank data, or anything critical like that. It's loss would have shut down the company, but nothing much beyond that. But a separate, backup data center was cheap and easy enough that it made sense.

    With more critical data, like Phil's or Gail's banks, a hardened data center is easy enough to build, if you can afford it. Bunker/vault technology is pretty good these days. Lots of studies on how to make those virtually indestructible was done in the 60s, 70s and 80s. Anything that has a reasonable chance of surviving a nuclear war between the US and USSR (that was the threat then), can certainly withstand a plane crashing into it.

    - Gus "GSquared", RSVP, OODA, MAP, NMVP, FAQ, SAT, SQL, DNA, RNA, UOI, IOU, AM, PM, AD, BC, BCE, USA, UN, CF, ROFL, LOL, ETC
    Property of The Thread

    "Nobody knows the age of the human race, but everyone agrees it's old enough to know better." - Anon

  • Pros:

    - Cloud is distributed; therefore, in theory, robust and redundant.

    - Cloud can be inexpensive as archived storage.

    Cons:

    - Public clouds (e.g., Amazon) are not secure; few financial institutions (banks, brokers) allow their DBAs to place sensitive information on the cloud, even if encrypted.

    - Public clouds can be expensive for archival storage, moreso than a redundant leased data center.

    - Network bandwidth to public clouds is poor, whereas leased lines can be run to non-cloud datacenters with relative ease.

    - In practice, for large storage, public clouds are often not distributed or redundant: the data resides on a particular set of disks, somewhere.

    My personal preference for large backup is a redundant datacenter (or leased storage) at a reasonable distance from the primary data center. As a Wall Streeter on 9/11, I can assure you that 50 meters is not a reasonable distance, and that while one might be able to crash a plane atop a datacenter, the ensuing fire and water damage can make the structural issues moot.

  • Just an observation, but it seems to me that I read a lot these days of security breaches due to lost, misplaced, and/or compromised backups. It seems to me the greater risk lies not it a major catastrophe, but in the very risks that entail using the cloud for backup storage. Unless, of course, you are encrypting the backups....

  • Paul White (8/9/2009)


    If a 747 were to crash into our data centre, I wonder how high up the list of concerns wondering if we had backups in the cloud would be...:laugh:

    Actually it's often not so dramatic. A crashed airliner is a rare risk. Flood, blizzard, hurricane are cases where a region might be affected, either directly or through power/communication failures (ice storms have a history of bringing down large areas).

    ...

    -- FORTRAN manual for Xerox Computers --

  • The Cloud is a lovely analogy, but that's all it is - an analogy. You're still forced to deal with realities like 'What are the privacy laws in the country where my data is physically stored?' and 'Can I even tell which country my data is stored in and how will I know if the location changes?'.

    The US Patriot Act, for example, left those of us outside the US scrambling to ensure that no private or confidential data was being stored on servers in the US where it could be subject to arbitrary search and seizure. I'm not interested in going through that again.

    I'll stick to offsite storage in a reassuringly physical vault a few miles away, thanks anyway.

    Robb

Viewing 15 posts - 1 through 15 (of 27 total)

You must be logged in to reply to this topic. Login to reply