Taking Backups out of Users' Hands

By Bruce Schneier
MacWEEK
October 19, 1992

Convincing people to back up their hard disks is a universal struggle. Most people make backups irregularly, if at all. And whether or not the backups are labeled or even if they can be used to restore data in the event of a disk crash is usually the responsibility of the individual user.

As companies downsize their computing centers, more critical applications are moving from mainframe computers to networked microcomputers.

The data on these microcomputers can be crucial to the life of the company, and network managers are loathe to leave the important task of backup to chance.

More companies today are moving to network backup strategies. Products such as Retrospect Remote from Dantz Development Corp. of Berkeley, Calif., SnapBack from Golden Triangle Computers Inc. of San Diego, NetStream from Personal Computer Peripherals Corp. of Tampa, Fla., and SafeDeposit from TerraNetics of Los Angeles are making the backup process simpler by taking it out of the hands of the user.

Backup Gammon

Each of these remote backup packages consists of a program residing on a machine designated as the backup server and extensions for the client machines on the network.

The network administrator works out a backup schedule: when the backups will occur, which machines will be backed up, whether the backup will be full or incremental, and what security or filtering options will be applied. At the assigned time, these programs go from computer to computer on the network, backing up appropriate files and folders. Some packages perform file restoration over the network as well.

One $449 Retrospect Remote package supports 10 remote Macs, and users can add more with $249 Remote 10-Packs or $1,095 50-Packs. SnapBack is marketed similarly: The initial package costs $129 and supports three remote Macs; additional remote packages can add six ($229) or 12 ($329) more remote machines, and site licensing is available.

What these programs do is lift the burden of backups from individual users.

Instead of constantly reminding users to make regular backups, network administrators are installing these network backup programs and taking the matter back into their own hands.

Backdoor Backup

"Most users don't bother with regular backups, so any solution that takes them out of the picture has a better chance of working," said John O'Leary, director of education at the Computer Security Institute in San Francisco.

Mark Goldenberg, senior systems support engineer for Hughes Aircraft Co. in Fullerton, Calif., agreed: "It makes a lot more sense than individual backup." It was far cheaper for Hughes to buy a centralized system than to buy tape drives for each of the 450 Macs on the network. And more effective: "Most of my users don't bother to do backups," Goldenberg said.

Goldenberg chose Retrospect Remote and a set of 1-Gbyte tape drives. Software for all machines on the network was expensive (more than $10,000), but Goldenberg said it was the most cost-effective solution. "The hard part was convincing management that the centralized backup software was worth the investment," Goldenberg said.

Glenn Fleishman, course manager at Eastman Kodak Co.'s Center for Creative Imaging in Camden, Maine, made a similar choice. "We have as many as 48 students in the building who can create as much as 2 Gbytes of graphical data a day." The students couldn't be responsible for their own backup, so the center bought a WangDAT 2600 that stores 2.6 Gbytes with hardware compression.

"Retrospect Remote handles the compression for us automatically," Fleishman said. "And I wrote a series of scripts to select only documents and not applications."

Craig Mchugh, president of Computer Support Associates in Costa Mesa, Calif., installed SnapBack for two clients, one with 14 Macintoshes and the other with seven Macintoshes.

"SnapBack is easy to get up and running," Mchugh said. "I do a daily backup of important data files. I set the labels on the files across the network, told SnapBack when to do the backup, and it just happened."

Roy Roper, assistant director of network information technologies at the School of Life Sciences at the University of Illinois at Urbana-Champaign, uses remote backup as part of a larger backup strategy. "We feel that part of our responsibility for training individuals is to make sure they take primary responsibility for their own drive and their own data. We take secondary responsibility and use Retrospect Remote, backing up all the drives once a day."

Mirror, Mirror on the WAN

For users for whom even regular backups are not enough, TerraNetics sells SafeDeposit for $595. (TerraNetics was recently acquired by Dayna Communications Inc. of Salt Lake City but will continue distributing SafeDeposit for several months.)

SafeDeposit is an automatic backup utility and offers full-time protection from file loss. Instead of backing up disks nightly or hourly, SafeDeposit maintains an up-to-the-minute shadow of user-selected files and folders on a remote machine. This is similar to disk-mirroring or duplexing systems, but SafeDeposit does not mirror file deletions.

If a user accidentally deletes a file from a local hard disk, SafeDeposit's copy on the remote machine is still there.

The errant user then can restore the lost file via the Finder and AppleShare or through the program's own restoration utility. SafeDeposit also can be configured to back up files at specific times or by command, like other network backup programs.

"The problem with duplexing is that if you write garbage to one file, you write garbage to the other file instantaneously," said Computer Support Associates' Mchugh. "It's fine for catastrophic failure of the hard drive, but for general backup it's scary."

Mchugh installed DiskTwin 2.0 for two clients, a real-time disk-duplexing product from Golden Triangle. "If you're going to use something like DiskTwin, do a daily backup as well, because otherwise you're going to lose data. It happened to me."

User Responsibilities?

If you use a network backup program, should you still have users make individual backups? Managers disagree. "If users are on a network that is Retrospect Remote-equipped, then they don't have to worry about individual backups," said Bob Bowman, vice president and manager of PC support at Seattle First National Bank.

The Center for Creative Imaging's Fleishman agreed: "We don't do any other backup. Our users don't worry about it at all."

University of Illinois' Roper took the other side: "Backup is still the responsibility of the user. Our network backup is supplemental; we don't unload people from their user responsibilities."

Said the Computer Security Institute's O'Leary: "You have to make it easy for users to do backups. That might mean giving them a course; that might mean automating the process. Backups are too important to leave to chance."

Backup Strategies are Vital for Networks -- Choose Wisely

It's easy to make backup copies but hard to make backup copies that will work when they have to.

"I recently met someone who made backup copies every day. He carefully labeled each disk with the date and contents, and then stuck them to his file cabinet with magnets," said John O'Leary, director of education at the Computer Security Institute in San Francisco.

After you make your backups, you have to decide where they go. Putting them in a drawer near the computer isn't good enough. "You need backups off-site in case on-site isn't there any more," O'Leary said. "Last month, Hurricane Andrew relocated some south Florida computing centers to central Florida."

Computer networks need a backup strategy. Where are backups stored? What is the restoration procedure? Where are the backups to the backups stored? The answers to all these questions should be written down.

Exactly what backup strategy is best depends on the size and usage of your network. Most backup programs can be configured either to back up the entire network or to back up just the files that have been modified since the previous backup.

A full backup every time is ideal but may not be feasible. Some managers make incremental backups every day and a full backup every week. Some managers make incremental backups multiple times a day for critical databases, such as billing and customer information.

"I do an incremental backup of everything created within the last 36 hours every night. Once a week I do a full backup of all the office machines," said Glenn Fleishman, course manager at Eastman Kodak Co.'s Center for Creative Imaging in Camden, Maine.

Even if you are not going to save your backup copies for any length of time, backups should not be made to the same disk or tape every time. If a disaster should strike during the backup process, both the original and the backup copies may be lost. At a minimum, alternate between two complete sets of backup media. That way, there is always one available if the other is lost.

How long you should store your backup copies also depends on your particular needs. Some companies overwrite their backup copies as quickly as they use them. Others store weekly or monthly backups for years. Such archives can be useful in recovering files that have long been deleted or to reconstruct data for legal purposes.

"We save our backups for about six months and have used them to recover some important files," said Roy Roper, assistant director of network information technologies at the School of Life Sciences at the University of Illinois at Urbana-Champaign.

O'Leary offers this final advice: "Whatever your backup strategy is, make sure it works. Taking backups is not enough. You must see if you can restore from them. Can you do it? How long does it take? If the answers to those questions aren't satisfactory, rethink your backup strategy.

"Backups are a pain in the neck, but they will save yours," he said.

earlier essay: Remote-Link Details Matter: Gatorlink Vs. LanRovers
later essay: Different Configurations a Problem: Managers Adopting Varied Approaches
categories: Computer and Information Security
back to Essays and Op Eds

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..