[DUG] Disaster recovery - was API to Windows explorer

John Bird johnkbird at paradise.net.nz
Fri May 13 13:32:43 NZST 2011 

In my IT years I have personally seen snippets like

-Firm A 1980's greymouth floods - minicomputer with 2 hard disks.   Backup 
disks were stored on highest shelf when flood was coming.   Office furniture 
floated and knocked some backups off top shelf into muddy water.
lower hard disk was flooded and ruined.  Upper hard disk was 2 inches above 
flood line.  Upper hard disk was one that had backups land in muddy water. 
Lower hard disk backups did not fall into water.

-Firm B 1980's Greymouth floods office computer just above water line. 
Offsite backups in bank vault  ruined when vault flooded.

-Firm C backed up network to tape and removable disk.   PC with crucial data 
trashed working data, and instead of restoring from backup media backed up 
corrupted data onto it.   Only had one copy of backup media.   Tape backups 
had omitted workstation with data due to network connection lost for 5 
months.   One 5 month old backup found.    Crucial missing data file was 
found after running chkdsk and examining data in the lost clusters and 
discovering the lost datafile was contained in one of these.  This saved 5 
months work being redone.

-Firm D employed consultant to install backup software.  Consultant 
disparaged system that was being backed up and previous backup methods, and 
set up an ultra smart backup system using more sophisticated software. 
Consultant left his company 1 week later, 3 months later was discovered that 
sophisticated backup did not include folder where all the data files were.

-Firm D had junior operator running payroll package for hundreds of small 
firms.   Run did not work properly, so operator restored from backup to redo 
the operation, except got confused and backed up instead, ruining that 
backup.   After that did not fix problem, operator worked through all the 
levels of backups trying to restore from each and backing up instead onto 
them.   Finally stopped when only one good backup remained, requiring two 
months work to be redone.   Operator fired.

-Firm E had 2 USB hard drives for complete server backups.  1 of these was 
swapped with its twin and taken home each day.  Data files were accidentally 
deleted, and at that stage the daily swapped USB drives were found to not be 
backing up for nearly a year.   The other, permanent USB drive backup had a 
power button that had to be pressed after a power cut to restart it, and it 
had not been pressed after the previous power cut....3 months before.

-Firm F has offsite backup to network provider done over internet each 
night.   both offices rendered inaccessible after Feb 22 earthquake, so no 
backups available.  Eventually server rescued after 5 weeks from building 
which has split into 3 pieces army rescue staff on standby outside.  5 weeks 
with no access to data.

-Firm G has UPS for server.   Severe lightning storm has lightning hit main 
grid 100+ miles away in high country, sending large spike down line.  All 
computers in office after restart OK except the UPS which is killed dead by 
the spike, so server crashed too.

-Firm H still backs up zipped data to floppy disk.   2 networked PCs, one 
with floppy disk broken, other PC produces floppy disks that cannot be read 
in any PC except the original drive.

-Firm I extracts data from server still running on UPS after Feb 22 
earthquake via Wifi router also plugged into UPS from laptop in street. 
Front of building is also in the street.  Jolyon fails to quote the 
important part of the sentence - "
"Thats a cool idea for an emergency backup after the event."   (last 3 words 
change the sense of the story)

-Numerous cases with tape or zip drive backups where backup media could not 
be read when data was needed to be restored from backup.

Main points:

-Multiple backup methods are better, in case technology behind any one 
method fails.
-Whatever method is used, backups have to be checked from time to time.
-For offsite backups there has to be some thought about having them as up to 
date with the live files as possible.   Many firms with offsite backups in 
Christchurch after the earthquake decided to not use them until they 
retrieved their server as the offsite backup was 1 or 2 weeks old and the 
week or two's work to be redone could not be reconstructed as the paper 
records also were in the office with the server.   In many cases even having 
the offsite backups even a few hours work behind the live data created 
immense logistical and legal problems.

John

More information about the Delphi mailing list