Public sector backup strategy: Easier than ever; harder than ever

Public sector backup strategy is a complex beast that must operate in large and heterogenous IT environments.

Nothing struggles to keep up with change in IT more than backup and data protection.

Public sector backup strategy is a complex beast that must operate in large and heterogenous IT environments and amid ever-increasing compliance requirements.

Over the course of a mere decade backup and data protection built on the best practice of the time has soon begun to look like an artefact from the distant past.

And in the public sector this has been particularly acute, as generations of backup strategy have been layered on top of each other then come up against the drive to virtualised environments, contemporary disaster recovery and legal and regulatory compliance.

First there was tape. You backed up to it at main offices. You did the same locally at remote sites, and if something went wrong maybe there was someone who could fix it, otherwise that’s day’s work went un-protected.

Kent police quickly unifies backup strategy 

Kent police last year completed a revamp of its backup strategy that saw multiple backup and recovery platforms including Asigra, CA ARCserve, Symantec Netbackup and Syncsort replaced with Acronis Backup & Recovery across physical and virtual server estates.

The result has been a reduction in the backup window from several days to 16 hours and data recovery times down to less than one hour from three days. This is in an environment of around 500TB of data across a mix of more than 500 physical and virtual servers.

The force evaluated backup products that could do physical and virtual server backup from one interface with DR capabilities and granular recovery of files, said Andy Barker, ICT director at Essex and Kent Police.

“We required a tool that could backup all our infrastructure with one common interface and could support VMware, Linux and Microsoft platforms and also perform bare metal restores,” he said.

Kent Police bought 140 Acronis Backup & Recovery 11 physical server licences and 25 virtual edition licences to back up around 20TB a day from the virtual machine hosts and the VMs on them at its main datacentre and DR site using data deduplication functionality in Acronis that shrinks backups by up to 80 percent. 

Kent police’s experience demonstrates the achievement of best practice in backup strategy; achieving compliant data protection in a mixed virtual and physical environment from a starting point of very diverse backup arrangements.

It may also demonstrate what an organisation with an effective command structure and relatively few sites linked by adequate network connections can achieve.

Hopefully the tapes got taken off site too, but in many cases they didn’t and if disaster ever struck there was no way to get your data back.

And what backup product was in use? If you were lucky it was just one, at one main office. More likely there were more, perhaps the legacy of organisational consolidation where new and remote sites brought their own backup strategy into the mix.

The result was often a dizzying array of backup methods and products, each demanding different skills, onerous administration demands, and their own quirks and failures. Hopefully, you were – or are – on top all this and getting everything backed up outside production hours.

Compliance and virtualisation complicate backup strategy 

During the past decade the effects on data protection of legal and regulatory compliance have become ever greater too. No longer can effective backup and disaster recovery be an after-thought.

Now the Data Protection Act, the needs of legal e-discovery, credit card privacy requirements and Freedom of Information requests, among others, demand a first class data protection and backup strategy in which you must be certain of backup and recovery effectiveness across redundant sites.

To add to all this has come the virtualisation revolution, sending shock waves through the datacentre and backup strategy that continue to this day.

Virtual server backup has undergone a rapid and confusing evolution. Backup for virtualisation market leader VMware quickly cycled through several iterations of best and not-so-best practice, from an analogue of physical server backup with an agent per virtual machine, through the awkward two-stage process of VMware Consolidated Backup (VCB) to today’s use of VMware APIs that is now supported by all mainstream backup product suppliers.

Besides VMware there’s also Microsoft’s Hyper-V, which has its own peculiarities in backup terms and is not supported uniformly by all backup software products. Then there are Citrix, Red Hat and other players with small percentages of the virtualisation market that have even less support among backup software vendors.

All this which makes for massive heterogeneity in the landscape in which backup strategy must operate. Newer data protection methods have supplanted predecessors while rapidly diversifying IT environments and increasingly stringent legal and regulatory compliance requirements have placed increasing demands on their effectiveness.

But now, effective backup of physical and virtual environments that achieves compliance is perhaps simpler than ever – on paper – while more difficult than ever in real life.

Where the environment lends itself to a relatively speedy consolidation organisations have achieved the goal of a unified backup regime with best practices in disaster recovery provision quite rapidly. For many public sector organisations, however, negotiating complex IT environments and the needs of legal and regulatory compliance means a longer path.

Staffordshire council on a long road 

For instance, Staffordshire County Council had to deal with a massively dispersed and and diverse IT environment.

It has, nevertheless, made great strides from a heterogenous backup strategy environment to a unified physical and virtual backup regime, but still has decisions to make.

The council has 10,000 IT users and delivers Web apps, electronic document management, SAP, Exchange, and office apps from two sites in Stafford to hundreds of council offices throughout the county.

Working with so many backup products and solutions meant we had technical difficulties in backup and recovery, infrastructure failures and costly support and maintenance

Paul Hewitt, infrastructure manager, Staffordshire County Council

Currently it is part way through a major infrastructure refresh that will consolidate to mostly Microsoft Hyper-V on Cisco UCS servers and NetApp storage at one primary datacentre at Eastgate Street in Stafford linked to a secondary disaster recovery site at the Kingston Centre, just outside the town, via a 20Gbps link.

But in terms of backup strategy this refresh marks only the latest stage on a journey that stretches back several years and is set for completion in the next year or so.

The council consolidated onto IBM Tivoli Storage Manager in 2005 from an environment where many backup products were in use, including Veritas BackupExec and CA ArcServe at its main centres with dozens of local backup solutions at remote sites.

Paul Hewitt, infrastructure manager at the council, said: “There were big advantages in consolidating to TSM. Working with so many backup products and solutions meant we had technical difficulties in backup and recovery, infrastructure failures and costly support and maintenance. We just wanted to make it all easier to manage.”

Now the council is on TSM version 6 with full monthly backups and uses Predatar, a backup analysis and reporting tool from Oxfordshire-based supplier, Silverstring.

But, despite consolidating onto TSM, Staffordshire council has still to bring all backups under its wing. TSM can do virtual machine backup but the council is yet to utilise that functionality. Currently virtual machine backups are carried out by Microsoft Data Protection Manager for Hyper-V and using vSphere Data Protection in VMware.

Clearly there are disadvantages in running multiple backup environments and the council is undergoing a revision of backup strategy to overcome that. The discussion is not completed but key aims include placing TSM at the centre of the backup strategy, including for virtual machines, with some data still going to tape.

Hewitt’s team must also consider newer methods of backup, namely disk-based, for use cases where quick recovery of data is at a premium.

“We want to bring management of backups into one environment and at the moment we’re still working with backups within Hyper-V and VMware. We will move to TSM as the exclusive backup tool and we will still use tape in some cases. But we have to decide now to what extent we will use, for example, NetApp’s SnapMirror and Hyper-V Replica to backup to disk.”

Read more on Data protection, backup and archiving