Best practices for backup audit preparation Backup training for general IT admins in the wake of COVID-19

An easy 10-step guide for testing backups

Creating and adopting a data backup plan is only the first step. To achieve complete data protection, you also need a backup testing strategy.

The importance of scheduling regular data backups to protect against the possibility of a primary storage system failure is well understood. Less widely recognized, however, is the fact that backups can also fail, potentially preventing access to essential data and throwing IT and business operations into chaos.

To prevent such a crisis from happening to your organization, it's necessary to create a strategy to ensure that your organization's data will always be safe, secure and rapidly available. The following 10 steps will guide you toward that goal.

1. Understand why backup testing is important and necessary

If files can't be successfully restored from backup after a system failure or some other type of disaster, there's a very strong risk that your organization will someday face business and financial catastrophe, including the possibility of fines and lawsuits.

Testing backups ensures that essential data is being fully and accurately preserved. If a test fails, the problem can be fixed before the data is lost forever. Testing backups also validates the effectiveness of the organization's backup policies and schedules.

2. Create a documented backup testing plan

A documented testing plan ensures that employees have the guidance and rules necessary to successfully perform data recovery, providing confidence that essential files will be rapidly available and fully intact when needed in the event of a primary storage system failure.

The plan should designate the parties in charge of backup testing and how often tests should be conducted.

3. Make testing backups a routine task

To assure backup validity and integrity, it's essential to carry out regular data restoration tests. Don't assume that an absence of error messages indicates that backups are running successfully.

Test backups with a full restoration process every week or month -- or even more frequently if critical data is involved -- to ensure that a hardware or software issue isn't compromising successful backups. Routine and comprehensive backup testing is necessary to highlight anomalies so that corrective action can be taken.

4. Take a holistic approach to backup testing

Every enterprise needs to understand its unique data layout and backup needs. A backup testing strategy that works well for one organization might be entirely insufficient for another.

Every organization has different backup objectives. Banking industry firms, for example, need accurate backups to meet compliance, audit and legal obligations. Healthcare organizations, meanwhile, are responsible for protecting patient data, so they must focus on security, retention and meeting various legal requirements.

Decide on your backup needs and begin planning from that point. To be thorough, all restore and recovery testing should include data, application and system state testing.

5. Test frequently in sync with a regular schedule

Ideally, a test should be conducted after every backup completes to ensure that data can be successfully accessed and recovered. In the real world, however, such a schedule is usually impractical due to a lack of available resources and/or time constraints.

A general rule of thumb is to commit to a regular schedule of weekly and/or monthly restores of systems, applications and individual files with checks to ensure that the data is valid and accessible as intended. Such an approach will also provide your organization with a realistic time frame for recovery in the event a storage system failure or disaster strikes.

It's also important to remember that not all data is created equal -- a fact that should affect the frequency of backup tests. Some types of data is more important than others. Government- or industry-imposed compliance data, for instance, might be considered more important than marketing data. Advance planning should be used to determine which types of data backups should be subject to more frequent tests.

Backup test schedule
This chart shows a draft backup test schedule for several different types of assets.

6. Tap into the power of automation

Automation should play a key role in any backup testing strategy. Organizations should strive to automate as much of their backup testing as possible to ensure consistency and data validity, as well as to reduce the burden on staff charged with testing backups.

Automating the entire backup and testing process will save time and effort, enabling team members to focus on tasks that require their high-level skills and insights.

7. Ensure that the backup test covers all bases

If the backup test doesn't actually test the entire workload being restored, it can't be considered a real test. Simply restoring a handful of files from a random archive and declaring success is tempting fate.

Test effectively by restoring complete archives to databases, applications and virtual machines.

8. Make testing backups an integral part of internal app development and deployment

Backup testing should never be an afterthought. Testing should always be kept in mind when developing and introducing new applications to the organization.

The most successful enterprise data management strategies involve knowing how and when to perform backup validation tests before allowing data to move into a production workload.

9. Ensure backup accuracy

Whenever data is restored, storage and database administrators should perform an initial health check to ensure there are no abnormalities or omissions in the recovered files.

A cursory examination might not be sufficient, however. Data that appears accurate to an IT expert might actually contain subtle errors that only a trained eye can detect. The end users of specific business applications are often the individuals best positioned to determine if a set of restored data is accurate and consistent.

10. Create redundant backups

Although cloud backup services are generally reliable, you might want to use at least two services in the event one cloud provider is unavailable when a rapid full restore is necessary or a test reveals some form of data absence or corruption on the cloud provider's end.

Inside the data center, never back up to only one tape or set of tapes. Maintain multiple backup media sets and test them all before storing the tapes in separate locations. Replace the cartridges every year or two, or even more frequently if signs of damage or wear are detected. The same holds true if hard drives are used for backups.

Dig Deeper on Data backup security

Disaster Recovery