Backup and DR
Data Recovery Best Practices for MSPs
If you have a highly automated managed backup routine in place, it can be easy to adopt a “set it and forget it” mindset toward backups. In other words, you stop thinking about your backups, confident that your software is handling everything for you, and that you’ll be able to recover data from your backups whenever disaster strikes.
This, of course, is a big mistake. In the world of managed backup services, backing up data is only half the battle. You must also take steps to ensure that you can perform backup recovery successfully, even if you are sure that your backups are being created effectively. ( with effective backup strategies for MSPs.)
There are a variety of considerations to weigh toward that end. Having a disaster recovery plan in place and performing regular recovery testing are among them, but they’re not the only best practices to follow for a successful backup recovery. You must also design your overall backup strategy to maximize your chances of a successful recovery when disaster strikes.
Keep reading for a list of backup recovery best practices that MSPs can follow to ensure that they are not only backing up their clients’ data, but also able to recover it quickly when needed.
Work backwards when planning backup routines
If you’re like most MSPs, your default approach to backup planning is to design a backup process first, then plan a recovery process based on it.
In fact, you should take the opposite approach: evaluate and address your data recovery needs first, then plan a backup routine that will support them.
This is important because data recovery operations can vary widely depending on which types of systems you are backing up, how much data you are dealing with, where backups are stored, and other factors. Your backup strategy should be tailored to these varying needs.
For example, if your client runs virtual machines hosted in the cloud, the ideal recovery process will probably involve recovering to new virtual machines using image-based backups. To support that recovery process, you’d want a backup routine that creates images of the systems you are backing up. Ideally, you’d store those images directly in the cloud, so that they can be accessed quickly.
As a counter-example, consider a client that stores large volumes of data on-premises. To recover that data successfully, you’d likely want to be able to perform recovery of individual files or directories, since you may need to recover only specific parts of the data set instead of all of the data. File-level backup would make much more sense in this scenario. Local backup storage might also be more desirable because it would enable faster recovery (by avoiding the need to move data from a remote site in order to perform the recovery).
Of course, whatever form your backup plan takes, it should reflect not just recovery needs, but also the 3-2-1 backup rule and other key backup best practices.
Design backups to handle specific disruptions
Depending on which clients you are working with, their systems and data may be more prone to some types of disruption than others. For example, clients with on-premises infrastructure who are based in areas where fires, earthquakes or severe weather events are common are at a higher risk of disruptions related to these events. Meanwhile, other clients might store high-value data that places them at above-average risk of being targeted by ransomware.
Your backup and recovery process should reflect the kinds of disaster that are most likely to strike your clients. If natural disaster is the greatest risk, backing up data to the cloud (and perhaps designing a recovery process that allows data to be restored to systems running in the cloud, too) is critical.
In contrast, one of the most important steps to take to protect clients’ data against ransomware is to ensure that at least one copy of their backups is “air-gapped,” meaning it is disconnected from the network. That way, there is virtually no chance of ransomware reaching the backup data. In this case, storing all copies of backup data in the cloud makes less sense, because cloud-based backups can’t be fully air-gapped (since the cloud is always connected to the network in one way or another).
Set priorities for disaster recovery
When performing a backup recovery, some data or systems are likely to be more important than others for the purposes of getting your clients back up and running. You should make sure that your disaster recovery plan reflects this by identifying which data should be restored first. Your plan should also include instructions on who will recover what, and which facilities will be used for disaster recovery.
For further tips on designing an effective disaster recovery plan, check out our disaster recovery planning checklist.
Document all backup operations and systems
Even if you have a reliable, automated backup routine in place, being able to recover data quickly from backups will be difficult if you don’t know exactly how the backup system works, where backups are stored, how many versions of backups you have on hand, and so on.
For this reason, it’s essential to document your backup operations and systems. Your documentation should make it easy for any member of your team to understand how the backup routine works and locate backup data quickly in the event of a disaster.
Communicate with clients
Your clients hire you to perform managed backup services because they don’t want to be responsible for their own backups. This does not mean, however, that you shouldn’t communicate with clients and keep them in the loop. On the contrary, make sure your clients are aware of the backup services you offer them, and that they have clear expectations for how long backup recovery will take and what it will entail in the event that disaster strikes. (Check out our article to learn more about common backup recovery mistakes.)
Test, review and update your disaster recovery plan
Last, but not least, testing, reviewing and updating your disaster recovery plan on a regular basis is critical for ensuring a successful backup recovery. This is important not only to ensure that the plan can be executed successfully, but also because backup and recovery needs change constantly. It’s only by reviewing and updating your plan regularly that you can be certain that it is tailored to your clients’ ever-changing needs.
Your disaster recovery tests should be systematic and allow you to test your ability to perform backup recovery in the face of the various types of scenario you may encounter. For tips on how to design disaster recovery tests, see our guide to disaster recovery testing for MSPs. You might also be interested in data breach response planning.
Conclusion
Having an efficient backup routine in place is great, but it’s only part of the puzzle when it comes to offering effective managed backup services. Equally important is a disaster recovery plan that can be executed successfully. Disaster recovery should be at the core of your overall backup planning strategy. After all, your ability to perform a successful backup recovery is the only thing that really matters to your clients at the end of the day.