If you take snapshots of your data, you may think your systems are safe against the risk of data loss or destruction.
But when it comes time to restore data, you might be in for an unpleasant surprise: Discovering that, despite having snapshots on hand, you’re not able to restore data successfully or maintain acceptable levels of business continuity.
This, in a nutshell, explains the differences between snapshots and comprehensive data backups. For details, keep reading as we unpack everything you need to know about snapshots vs. backups and the role that each plays in a modern data protection strategy.
What are Snapshots?
In the context of data management and protection, snapshots are copies of a data resource (such as a database or file system) that you create on a one-off basis. They’re called snapshots because they’re akin to taking a picture with a camera: Snapshots provide a copy of your data at a particular point in time, just as a photo that you snap with your camera records a scene at a particular place and time.
Snapshots are typically defined by the following key characteristics:
- Periodic and sporadic nature: Snapshots are often taken sporadically, usually when an admin manually clicks a button or runs a command to generate a snapshot.
- Stored in production: Snapshots are stored alongside production data – meaning that if you take a snapshot of a database, for example, the snapshot is likely to reside on the same server as the database itself.
- Unpredictable retention: It’s common for admins to remove snapshots frequently to free up disk space. Usually, there is no deliberate, systematic retention or deletion policy for snapshot data.
- Manual recovery: Due to the way snapshots are created and stored, they’re not usually set up to be part of an automated data recovery process. Instead, restoring data from a backup usually requires manually copying data from the snapshot to a recovery environment.
- Environment-dependent: Because snapshots create an exact copy of data, they can usually only be used for recovery if the recovery environment is an exact match of the original environment. Otherwise, variables like configuration settings or operating system version differences could prevent successful recovery.
- Lack of encryption: Snapshots are usually not encrypted by default. As a result, anyone who is able to access the snapshot can view data within it – including sensitive data, such as Personally Identifiable Information (PII).
In short, snapshots are irregular data backups that are not usually managed in a systematic or secure way. This may be useful if your goal is simply to create a one-off copy of a specific database, file system or other resource. But snapshots fall far short of serving as adequate backup solutions or providing comprehensive data protection.
What are Backups?
In contrast to snapshots, backups are copies of data that an organization can reliably, efficiently and securely use to recover systems in the event of failure.
To enable this outcome, backups provide the following capabilities and features:
- Regularity: Instead of copying data on a sporadic basis, backups are based on systematic copies of data created on a regular schedule – which typically reflects an organization’s RTO and RPO goals.
- Dedicated storage: To help ensure that backups will remain available if production systems are disrupted, backup data is typically stored on separate infrastructure. For example, you might store backup data in a separate cloud or an offsite data center as part of a 3-2-1 backup strategy.
- Immutability: Backups can be configured to be immutable backups, meaning that the data inside them cannot change. This also helps to ensure recoverability by preventing tampering with backup data.
- Clear retention policies: Backups are subject to clear and consistent retention policies that define how long each backup remains on hand and when old backups are deleted to make room for more recent copies of data. Retention policies are also based on RTO and RPO priorities.
- Automated and flexible restoration: By integrating backups into preconfigured recovery workflows, organizations can use backups to drive automated, flexible data recovery.
- Environment-agnostic recovery: Backups can be configured to support flexible recovery that works across different types of environments – meaning that even if your recovery environment is not identical to your original environment, you can still successfully restore operations.
- Encryption: Backup data can be encrypted both at rest and in transit to prevent unauthorized access to sensitive information.
In each of these respects, backups help to protect against data loss and ensure businesses continuity in the event of disruptions like server failures or ransomware attacks.
Snapshots vs. Backups: Comparison Table
Characteristic | Snapshot | Backup |
---|---|---|
Regularity | Often sporadic, with no way to track snapshots on an organization-wide level. | Regular, automated backups that can be centrally monitored via a backup management console. |
Storage | Often stored on the same infrastructure as the original data, making it prone to ransomware or data loss in the event of infrastructure failure. | Backups are stored on dedicated storage. Storage can be immutable and redundant to provide extra protection. |
Retention | May be removed with no warning to clear space. | Clear and predictable retention policy. |
Restoration | Often manual and inflexible. | Flexible and automated. |
Environment and system dependency | Depends on the original system; often, must be restored to a similar or identical machine or environment. | Environment- and system-agnostic backups enable restoration without requiring an identical recovery environment. |
Encryption | Not encrypted by default. May contain sensitive data that is viewable by anyone who can access the snapshot. | Data is encrypted at rest and in motion, safeguarding sensitive information. |
The Role of Snapshots in Data Backup
Now that we’ve outlined the key aspects of both snapshots and backups, let’s explain the relationship between the two.
There are many ways to create data backups, and snapshots are one possible option. However, to serve effectively as backups, snapshots must be:
- Created on a regular, consistent schedule
- Subject to consistent retention policies
- Configured such that they enable automated, flexible, environment-agnostic recovery.
Ad hoc or sporadic snapshots don’t have these qualities, so they’re not effective as a backup solution.
Thus, while it’s possible that having snapshots on hand means your data is protected, this is not necessarily the case. It depends on exactly how you manage your snapshots.
It’s worth noting as well that in some cases, backup methods other than snapshots may be a better option. For example, file-level backups (which create copies of individual files instead of generating a snapshot of an entire system) are typically preferable if you want the option to recover specific files easily.
Likewise, transactional backups (which back up transactional data instead of creating a complete copy of a database) can save storage space and may be appropriate for systems (like transactional databases) that can be reconstructed based on transaction logs, without requiring a complete snapshot to be available.
When to Use Snapshots vs. Backups
Snapshots and backups serve useful, but distinct, purposes.
The main use case for sporadic or periodic snapshots is creating copies of data at a specific point in time in case you want to restore a system to that point in time at a later date. For instance, if you’re planning to upgrade a database, you could create a snapshot before the upgrade so that you can restore the database to the original version in the event that the upgrade fails.
Snapshots can also be useful in data migration scenarios, such as migrating the file system for an on-premises server into the cloud. In that case, you can create a snapshot of the server’s local file system and convert it into a storage resource supported by your cloud provider (such as an EBS volume on AWS).
Meanwhile, if you want to protect your data against unexpected loss, corruption or cyberattack, you should use backups. Sporadic snapshots aren’t sufficient for data protection because they don’t provide the comprehensive coverage or recovery automation capabilities necessary to ensure that you can restore operations quickly following a data loss event.
Conclusion
In short, snapshots and data both have valuable roles to play. But when it comes to protecting against data loss and mitigating risks like ransomware, backups are the only real solution.