The cost-benefit analysis of database backup strategies

In the Asia-Pacific region, six in 10 organizations experienced a data breach last year, according to a recently released Forrester Decisions study.

In addition to the strain on management and company resources, it also took an average of 33 days for the impacted organization to eradicate the attack and another 11 days to recover, with the costs of each breach averaging $2.2 million.

In Southeast Asia, data protection as a business culture is still gaining awareness, and with remote working becoming more common, greater urgency and action are needed. Data plays a vital role in any successful business, and backups are central to any data protection strategy. Protecting this data is mission-critical, and it falls to database administrators (DBAs) to organize, maintain, and secure it.

The most effective way for DBAs to protect data is through database backups, a process designed to copy the data and schema from an existing database and save it elsewhere for future retrieval.

Like any process in IT, however, there are a few factors to consider when devising a database backup strategy to ensure it meets your business needs.

Set clear objectives

There are two objectives any organization or DBA should know when backing up data: recovery time objectives (RTOs) and recovery point objectives (RPOs).

RTOs refer to the amount of time needed to recover data, and RPOs refer to the point in time to which they must be able to recover. For example, the business might need DBAs to recover data to a backup made within the last day (the RPO) and may need it to be done within an hour of a disaster (the RTO).

Before a DBA devises a database backup strategy, they must be clear on these objectives and ensure the recovery strategy they devise will deliver on these goals. Backups by themselves are useless, but restores are priceless. Start by planning a recovery strategy, and let it guide your backup strategy.

The cost-benefit analysis

When building a strategy of any kind, it’s important to conduct a cost-benefit analysis for every aspect. For a database backup strategy, this filters down into the frequency of the backups and where the backups are stored.

Too much time between backups leaves data vulnerable. Businesses often lose track of the expanding data in their databases. If the recovery process isn’t tested frequently, you may find the backups are unusable or no longer meet the RTO/RPO requirements. This, of course, is when disaster will strike.

Another cost to consider is where your data is stored. A business can pay for offsite or cloud storage, both of which have their own—often large—price tags. Paying for larger storage space and performing frequent backups will increase a business’s ability to recover and secure its data, but it comes with a cost. This is an essential consideration for businesses, especially as their data sets grow.

Optimizing database backup strategies

Once the costs and benefits have been weighed, it’s time to optimize the database backup strategy.

First—and most importantly—DBAs should restore databases periodically to ensure they can perform recovery when it matters most, such as in the face of a ransomware attack. However, it isn’t feasible to constantly test each backup. This is where statistical sampling comes in. With statistical sampling, DBAs can figure out how many databases to restore periodically to minimize cost and maximize their ability to restore all databases in case of disaster. Instead of wasting time, energy, and money testing every backup every day, implementing statistical sampling allows DBAs to be 95% confident all the backups can be restored.

In theory, a backup shouldn’t impact any other operations happening inside the engine. But backups are often stored within a business’s shared systems, causing a major bottleneck every time a backup is performed. To avoid this, stagger your backups—undertake some at 2 a.m. and others at 5 a.m., for example—to avoid throttling the network and interfering with other systems and the normal course of business.

Implementing an effective database backup strategy is a no-brainer. But for it to be successful, businesses must appropriately analyze costs, risks, and benefits to determine the scale of the strategy. It’s also important for IT managers to understand their backup strategies holistically—from a business and an IT perspective—to ensure a cost-effective and robust database backup strategy is in place.

Thomas LaRock is the Head Geek™ at SolarWinds.

TechNode Global INSIDER publishes contributions relevant to entrepreneurship and innovation. You may submit your own original or published contributions subject to editorial discretion.

CISOs: Collaboration and Visibility into OT networks is necessary to mitigate future OT cyber risks