Security Watch

New Hope for File and Data Recovery

Microsoft's Data Protection Server backs up file changes instead of whole files.

If you and I are going to survive in this industry, we've got to be looking not just at patching systems and making what we have work. We can't just concentrate on protecting systems; we've got to be prepared to restore systems and data for when protective strategies don't work. Weather, hardware failure, malicious intent and human failure can put you in recovery mode in a hurry.

While most of us share a similar problem, few have a good solution: how to quickly recover from data loss or corruption. Oh, we do our backups, rotate our tapes, and store copies offline. Some of us even have dedicated sites ready to help us build an entirely new data center in the event of a disaster. But what we lack is the ability to restore data to the exact point at which the failure occurred.

A daily backup is just that; the status of our data at the point the tape was made. The problem is that it might be some 20-odd hours ago. In some industries, losing a few minutes' worth of transactions can threaten business continuity. For others it means large amounts of manual updating. For all it may mean permanent data loss.

There are ways to reduce reliance on that daily backup, including:

  • Data replication. This is the process of copying transactions to duplicate servers.
  • Data mirroring and striping. This is the process of duplicating data across disks or splitting data and parity information over disks so the loss of a single disk doesn't mean the loss of all data.
  • Data vaulting. This involves sending duplicate data to data centers miles away from the point at which the original transaction was recorded.

These solutions, while fine for many setups, aren't practical for all environments and don't solve all problems. For example, recovery of a single user file can require hours of time and simply isn't practical unless the value of the deleted or damaged file is greater than the administrative time necessary for recovery.

But a new solution is on the horizon. Data Protection Server (DPS) is a Microsoft product now in beta that offers backup of changes within data files. The idea behind it is that instead of making a backup of an entire file, only the file's changes are backed up. DPS achieves this through a combination of data replication, the Volume Shadow Copy Service and advanced disk technologies. DPS will hopefully allow an admin to more quickly restore entire servers, and the end user to easily recover deleted files. It's too soon to know if Microsoft's got the answer to the requirements for swift, up-to-date data recovery, but DPS appears to be a move in the right direction. Would you like to test it for yourself? Register to be part of the product evaluation at http://www.microsoft.com/windowsserversystem/dps/default.mspx.

About the Author

Roberta Bragg, MCSE: Security, CISSP, Security+, and Microsoft MVP is a Redmond contributing editor and the owner of Have Computer Will Travel Inc., an independent firm specializing in information security and operating systems. She's series editor for Osborne/McGraw-Hill's Hardening series, books that instruct you on how to secure your networks before you are hacked, and author of the first book in the series, Hardening Windows Systems.

comments powered by Disqus
Most   Popular