[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Official Backup Solution Thread

From: ry
Subject: Official Backup Solution Thread
Date: Mon, 6 Dec 2021 17:23:52 -0800

Hey all!

I'd love to generate some discussion on what backup solution we'd like to implement. For this, I'd like to point all of us unfamiliar with the topic to a great questionnaire presented in an excerpt UNIX and Linux System Administration Handbook by Evi Nemeth (which I highly recommend, as it is the bible for SysAdminning, and a wealth of great fun knowledge imo).

Regardless of the exact technology you use to implement backups, you need a written plan that
answers at least the following questions:

Overall strategy:
What data is to be backed up?
What system or technology will perform the backups?
Where will backup data be stored?
Will backups be encrypted? If so, where will encryption keys be stored?
How much will it cost to store backups over time?


How often will backups be performed?
How often will backups be validated and restore-tested?
How long will backups be retained?

Who will have access to backup data?
Who will have access to the encryption keys that protect backup data?
Who will be in charge of verifying the execution of backups?
Who will be in charge of validating and restore-testing backups?

Use and protection:
How will backup data be accessed or restored in an emergency?
How will you ensure that neither a hacker nor a bogus process can corrupt, modify, or
delete backups? (That is, how will you achieve immutability?)
How will backup data be protected against being taken hostage by an adversarial
cloud provider, vendor, or government?

The best answers to these questions vary by organization, type of data, regulatory environment,
technology platform, and budget, just to name a few potential factors.
Take time today to map out a backup plan for your environment or to review your existing
backup plan.

This is just a food for thought e-mail to get us all thinking about how we would like to tackle this. If we could come up with a solution and implementation before the years end that would be ideal. Especially because zaeph and sachac are pulling no punches in getting serious work done and it'd be nice to support that hard work with safety of their work off-site.

I'll make a separate e-mail with my ideas to keep this one from being too long. :)


-opalvaults (Ry)

reply via email to

[Prev in Thread] Current Thread [Next in Thread]