Chapter 34
Explain Business Continuity Concepts
In this chapter, you learn the steps needed to keep IT functioning in the event of a disaster. This chapter covers CompTIA IT Fundamentals+ Objective 6.7: which includes the following topics:
Fault tolerance, including replication, redundancy (data, network, power), backup considerations (data, file backups, critical data, database, OS backups), location (stored locally, cloud storage, on-site vs. off-site), and contingency plan
Disaster recovery, including data restoration, prioritization, and restoring access
Foundation Topics
Fault Tolerance
Fault tolerance refers to the ability of a system to continue to work properly even when some parts of the system have failed. The keys to fault tolerance in IT include replication and redundancy.
Replication
Replication is the act of copying information between devices so that if the primary device fails, another device can take over for it. To make replication possible, many other factors must be taken into account, including hardware and data redundancy, backups, backup storage, and contingency planning.
Redundancy
A fully redundant system can continue to function even if a major component fails because all components (hardware, software, and networks) are duplicated and are designed to switch over automatically to the secondary components in case of failure. Here are some examples of how redundancy can be achieved.
Data
Data redundancy can be achieved by using high availability databases, RAID arrays for storage, and backups.
Some database apps include high availability (the ability to recover from a failure quickly) as a configuration option. For example, some editions of Microsoft SQL Server and Oracle support high availability options.
Note
For more about SQL Server high availability editions, see https://docs.microsoft.com/en-us/sql/sql-server/failover-clusters/high-availability-solutions-sql-server?view=sql-server-2017 and https://community.spiceworks.com/topic/1998296-best-redundancy-option-for-sql-server-2016. For more information about Oracle high-availability, see https://docs.oracle.com/cd/B28359_01/server.111/b28281/architectures.htm#g1012375.
RAID Arrays
Redundant array of independent disks (RAID) is the collective name for storage technologies that use two or more physical disk drives as a single logical unit. Despite the name, RAID 0, also known as striping, is not redundant storage. RAID 0 treats two drives as a single logical unit by striping data continuously across both drives. This improves read/write performance, but if either drive fails, all data is lost.
Actual redundancy is available with all other RAID levels. The most common RAID levels are 1, 5, and 10 (also known as RAID 1+0). Some desktop computers and most servers have built-in RAID host adapters. RAID adapter cards can be added when necessary. Figure 34-1 illustrates setting up of a typical RAID Level 1 array.
Table 34-1 compares the features of the most common RAID levels.
Table 34-1 RAID Levels
RAID Level |
Number of Drives |
Notes |
Capacity* |
0 |
2 |
Data striped across both drives; good performance but no redundancy (fault tolerance). |
Total of both drives. |
1 |
2 |
Data mirrored from one drive to the other for redundancy. |
Half the total of both drives. |
5 |
3 or more |
Data and parity information striped across all drives; array can be rebuilt if a single drive fails, but performance suffers during the rebuild process. |
For a three-drive array, 1-1/3=2/3 total capacity of all drives. For a four-drive array: 1-1/4=3/4 total capacity of all drives (and so on). |
10 |
4 |
Two pairs of drives have data striped across them, but each pair of drives is mirrored. |
Half the total of all drives. |
*Assumes all drives in array have identical capacities. If one of the drives in the array is smaller, the smaller drive’s capacity is used to determine the array’s capacity.
For systems that do not have RAID-compatible host adapters, software RAID is supported by most operating systems. Software RAID supports the same types of RAID arrays as hardware RAID.
Note
To learn more about setting up RAID arrays in Ubuntu and similar Debian-based distributions, see https://www.digitalocean.com/community/tutorials/how-to-create-raid-arrays-with-mdadm-on-ubuntu-16-04.
To learn more about setting up RAID arrays in macOS Sierra and newer versions, see https://www.lifewire.com/make-raid-with-disk-utility-for-macos-4134293.
Windows 8 and later support a type of software RAID known as Storage Spaces. Two-way (two drives) and three-way (three drives) mirroring create two and three copies of your data in real time, respectively, similar to the way RAID 1 mirroring works. Parity, which requires at least three drives, is similar to RAID 5. Figure 34-2 illustrates setting up a two-way mirror using Windows 10 Storage Spaces.
Note
To learn more about Storage Spaces, see https://www.windowscentral.com/how-use-storage-spaces-windows-10. For a detailed discussion of performance and data safety, see https://betanews.com/2014/01/15/windows-storage-spaces-and-refs-is-it-time-to-ditch-raid-for-good/.
Real-time data redundancy for any type of data can be achieved by using RAID 1, RAID 5, or RAID 10 storage arrays. However, RAID is not a substitute for backups. Depending on how backups are created, backup files can be used immediately or might need to be restored before use. For more information about backups, see the section “Backup Considerations,” in this chapter.
Network
Network redundancy provides for multiple connections between network components. For example, if an organization has two offices, network redundancy would require two routers in each location, with each router connected to a different wide area network (WAN). If one WAN fails, the other one could take over.
Network redundancy in a local area network (LAN) can be achieved by using two switches connected to two routers in a mesh configuration. If one router or one switch fails, the other can maintain LAN and WAN connections.
Network redundancy at a device level can be achieved by using two network interface cards (some motherboards have two NIC ports) and connecting both to the network. If one card/port fails, the other can maintain the connection. This is called multihoming.
Network redundancy is designed to help businesses achieve 99.999% (“five-nines”) network reliability, meaning minimal downtime and maximum availability. Five-nines is also the goal of high availability databases.
Note
For more about this topic, see http://techgenix.com/importance-network-redundancy/ and https://www.lifewire.com/what-is-multihoming-818136.
Power
Redundant power supplies are frequently used in servers and are essentially two power supplies in one. A redundant power supply fits into the same space as a standard power supply but is composed of two separate power supply modules, each with its own on/off switch and quick-removal handle. The unit is designed to switch automatically from the primary module to the secondary module in the event of primary module failure, and the failed module can be pulled out and replaced. Most redundant power supplies are designed for rack-mounted use.
To provide replacement power for a particular device in the event of AC power failure, connect it to a battery backup unit (also known as an uninterruptible power supply, or UPS).
To provide redundant power protection against a failure of the electrical service to a location, use a backup standby generator.
Backup Considerations
When hardware fails, you can purchase replacements, but when storage devices fail, the data is lost unless you have backup copies.
A backup is a copy of information stored on a computing device (laptop, desktop, server, or mobile device). A backup can be restored in the event of data loss.
A backup copy of information on a system can be used by the system in case the original is lost or corrupted. There are many backup methods designed for different requirements. The following sections discuss backup methods and when to use them.
Note
When backing up data or entire systems, you have three different backup types: A full backup backs up all files, whether they were backed up previously or not. When a file is backed up, a file attribute known as the archive bit is changed to indicate the file has been backed up. A differential backup and incremental backup are two different methods of backing up only changed files. A differential backup backs up all files changed since the last full backup. An incremental backup backs up only the files changed since the last full or incremental backup. See https://searchdatabackup.techtarget.com/definition/incremental-backup for a chart showing the differences between these backup types.
If incremental backups are used between full backups, in the event that a full restoration is needed, the last full backup and all incremental backups must be restored. However, if differential backups are used between full backups, only the last full backup and the last differential backup must be restored.
Data
The most fundamental backup concerns include what to back up, and where to store the backup. In the following sections, we discuss the question of what to back up.
File Backups
The term file backups refers to the information created by apps (software), such as documents, spreadsheets, photographs, videos, and so on. This type of data can be backed up using several methods:
File synchronization: Files are copied from the original location to a matching folder on another local or network storage device by an app that tracks additions, changes, and deletions (see Figure 34-3).
File copying: Files are copied from the original location to another location by the operating system’s built-in copy commands.
File history: Files are copied to another location in such a way that different versions of the same file can be restored when desired (see Figures 34-4 and 34-5).
File backup with compression: Files are compressed into archives that are created on another location by a backup utility that might be provided with the operating system or a third-party provider. Files must be retrieved by the backup utility. Depending on the utility, the files might need to be restored to their original location or another location before they can be used. The operating system tracks which files have been backed up so they are not backed up again.
Examples of file synchronization apps include Microsoft SyncToy (Windows) and rsync (macOS and Linux). File history backups include File History (Windows), Time Machine (macOS), and rsnapshot (Linux). File backup apps with compression are available from many vendors, including Acronis (Windows, macOS, iOS, and Android; www.acronis.com) and StorageCraft (Windows, macOS; www.storagecraft.com).
Note
The Microsoft SyncToy app (download from https://www.microsoft.com/en-us/download/details.aspx?id=15155; see https://windowsreport.com/synctoy-windows-10/ for use) works with any current version of desktop Windows. The official rsync website is https://rsync.samba.org/. Learn how to set up File History from https://www.winhelp.us/file-history-in-windows-8.html. The official Time Machine page is at https://support.apple.com/en-us/HT201250. The official rsnapshot page is at http://rsnapshot.org/.
Critical Data
When it comes to data, not all data is created equal. A four-year-old wedding mailing list you made for your last child may not be as important as the photos of your children’s latest birthday. The company’s quarterly budget is more important than banners for the former president’s retirement party. Critical data is data that is used in the day-to-day life of your company, organization, or family. It needs to be backed up and available more quickly than old or stale data.
Hierarchical storage management (HSM) is used by large organizations to automate the transfer of older data from high-speed (hard disk) to lower-speed (tape library) storage.
Note
To learn how the University of Virginia uses HSM, see http://its.virginia.edu/hosting/storage/hsm.html.
If HSM isn’t feasible, you can make access to your latest data easier in case of loss with these steps:
Move outdated information to a separate drive.
Use file synchronization and versioning on current folders only.
Run periodic backups on current folders only.
Note
Backup tapes can wear out with repeated use. To avoid excessive media wear, several backup rotation schemes have been developed, including grandfather-father-son backup, Tower of Hanoi, and ten-tape rotation. To learn more, see https://searchdatabackup.techtarget.com/tip/How-to-optimize-your-backup-tape-rotation-strategy.
Database
Backing up a database is different from backing up documents, photos, or videos because a database is more than data files. A database includes data files, relationships, SQL or other types of statements, transaction logs, and more. For this reason, database backups are normally performed by the database app itself. Depending on the app, the backup might be performed from the command line or from a GUI menu selection.
Note
For a comparison of simple recovery and full recovery backups with Microsoft SQL Server, see https://docs.microsoft.com/en-us/sql/relational-databases/backup-restore/full-database-backups-sql-server?view=sql-server-2017. For information about backing up an Oracle database, see https://docs.oracle.com/cd/E11882_01/backup.112/e10642/toc.htm.
OS Backups
OS (operating system) backups enable a crashed system to be returned to use quickly or migrated to new hardware. An operating system backup also includes installed apps, is usually created as an image backup, and often uses different backup software than file-oriented backups. Operating system backups are often known as disaster recovery backups.
Note
Image backups (also known as snapshot backups) store the operating system and current settings into a special archive file that can be restored with bootable media. Many image backups can make bootable media as an optional part of the backup process. Depending on the backup app, an additional step may be necessary to enable the backup to be restored to a system that uses a different type of motherboard, processor, video card, and so on (“dissimilar hardware”). Windows System Restore backs up operating system files and driver configurations. It is run from the System Protection section of the System properties sheet in Control Panel.
Image backup software is available from third parties for Windows and macOS (see Figure 34-6). Linux image backup software is included in typical Linux distributions (dd, ddrescue), can be installed with apt-get or yum (partimage), and third-party apps are available from many vendors.
Note
The file backup with compression apps for Windows and macOS can also be used for operating system backups. For more about Linux image backups, see https://www.cyberciti.biz/open-source/linux-based-disk-cloning-imaging-software/.
Don’t confuse operating system backups with recovery media, which is stored in compressed form on many Windows computers. Recovery media, as the name suggests, recovers the computer to its as-shipped condition, wiping out all user data and apps installed after the computer was first set up.
Location
Making backups is important, and so is deciding where to store them. The following sections compare and contrast backup storage locations.
Stored Locally
Backups that are stored locally can be restored immediately to local systems in the event of file corruption, limited data loss, or widespread data loss. However, if your organization uses mobile systems, locally stored backups might not be restorable until the mobile systems are back in the home office.
Cloud Storage
Many backup vendors now offer cloud-based backup. Cloud-based backup runs continuously whenever a device is connected to the Internet, and devices that suffer data loss can restore a backup in the same way. Some backup vendors also offer the option of receiving backup files on a portable hard drive for faster restoration.
Note
If users have a large amount (1TB or more) of cloud storage in plans such as OneDrive, DropBox, Google Drive, and others, it could be used as an alternative to cloud-based backup. Although not as convenient, files can be manually uploaded to cloud-based storage and downloaded back to client devices in the event of data loss.
On-Site vs. Off-Site
When you’re looking at backup locations, the major considerations are backup access and backup safety. On-site backups can be accessed immediately for restoration to on-site systems. However, in the event of robbery, fire, earthquake, or civil disturbance, on-site backup files can be lost.
Off-site backup files are stored away from the point of need but must be delivered to the device location for backup. Via a combination of on-site and off-site backup storage with local and cloud components, backups can provide both quick access and off-site security.
Contingency Plan
A contingency plan for keeping IT running in the event of any type of interruption helps ensure a fast response in the event of problems. Some elements of the plan should include the following:
Quick access to backup information
Availability of replacement systems that can be used to continue business
Email, website, and social media accounts that can be used to update current and potential customers of any changes in phone numbers or physical addresses during a crisis
Rapid deployment of replacement IT hardware and software systems
Part of the development of a contingency plan is to decide what level of disaster recovery site preparation the organization needs and can afford. Disaster recovery sites are sites where IT functions can be set up when a disaster prevents the use of the original location. These fall into three categories:
Cold site: A cold site has power, HVAC, and network connections, but would need equipment and data before it could be used for IT functions. This is the least expensive to maintain before a disaster but takes the longest time to set up during a disaster.
Warm site: A site that has power, HVAC, network, and hardware suitable for IT functions is a warm site. Systems at the warm site might need to have operating systems, apps, and data restored, or operating systems and apps could be already installed to save time. A warm site costs more than a cold site, and would require ongoing maintenance of hardware and possibly software, but can be made ready in hours, rather than days, compared to a cold site.
Hot site: A hot site is, in IT terms, a duplicate of your primary IT functions, with hardware, apps, and data ready to run in minutes or less in the event of a disaster. This is the most expensive of the three disaster recovery plans, but for an organization that can afford no downtime, it might be the only one that is worth considering.
Note
For more detail about site strategies, see https://biztechmagazine.com/article/2012/06/which-disaster-recovery-site-strategy-right-you.
Disaster Recovery
Disaster recovery is the implementation of the policies and procedures that have been prepared in advance in case of disaster. From an IT standpoint, there are three parts to disaster recovery:
Data restoration
Prioritization
Restoring access
Note
AT&T offers a helpful guide to planning at https://www.business.att.com/learn/secure-networking/6-things-to-consider-when-implementing-a-disaster-recovery-plan.html. The Ready.gov IT Disaster Recovery Plan page is at https://www.ready.gov/business/implementation/IT.
As you develop a disaster recovery and business continuity plan, make sure you test and evaluate the policies and procedures you create. Look for weaknesses and resource gaps and fix any problems you discover. Train personnel, making sure to clearly define each person’s roles and responsibilities to help improve performance, communication, and coordination and to avoid panic. Make sure your plans and procedures meet legal and regulatory requirements.
Data Restoration
Data restoration is job number one in disaster recovery. What can be done in advance to make sure that data can be restored as quickly as possible?
Use the fastest local or network connections available for restoring backups.
Migrate backups on slower media to faster media.
Restore only the data needed for current operations.
The fastest local connection in general use for external drives is USB 3.1 Gen 1 (USB 3.0), which runs at 5Gbps. If any backups needed for immediate use are stored on older USB 2.0 drives (480Mbps, or ten times slower than USB 3.1 Gen 1), that data should be migrated to USB 3.1 Gen 1 drives before a disaster.
The fastest LAN connections in general use are Gigabit Ethernet (1000Mbps) and Wireless AC (433-1669Mbps). If data will be restored via LAN or LAN/WAN connections, USB 3.1 Gen 1 adapters using these standards should be used to replace slower built-in network adapters.
Prioritization
All data is important, but current data is more important than old data. The exact rules for data prioritization vary with the industry and with the organization, but here are some useful rules:
Define your key assets and restore them first.
Make sure you restore information that enables you to do current business before you restore historical information.
Make sure the information you need first can be restored as quickly as possible.
What are key assets? With any organization, key assets include the following:
Customer or client information
Accounting information
Products and marketing plans
Line-of-business information
Note
Line of business refers to the specific information needed for your business to function. For example, a manufacturer’s line-of-business information includes component, bill of materials, and raw materials information.
Restoring Access
A disaster recovery plan also needs to cover restoring access to your business by your current and potential customers. Telephone, Internet, email, and social media connections all need to be restored as quickly as possible.
Exam Preparation Tasks
Review All Key Topics
Review the most important topics in this chapter, noted with the Key Topics icon in the outer margin of the page. Table 34-2 lists these key topics and the page number on which each is found.
Table 34-2 Key Topics for Chapter 34
Key Topic Element |
Description |
Page Number |
Paragraph |
High availability databases |
|
RAID levels |
||
Paragraph |
Network redundancy |
|
Paragraph |
Redundant power supplies |
|
List |
File backup types |
|
Paragraph |
Database backup |
|
Paragraph |
Image backup |
|
List |
Contingency plan |
Define Key Terms
Define the following key terms from this chapter, and check your answers in the glossary:
hierarchical storage management (HSM)
Practice Questions for Objective 6.7
1. A high availability database is which of the following?
A database that never has a problem
A database that uses a RAID array for storage
A database that can recover from a failure quickly
A database after being backed up
2. Which of the following provides data mirroring and striping using four drives?
RAID 4
RAID 10
RAID 0
RAID 5
3. You are building a RAID 1 array using two drives, a 1.5TB drive and a 2TB drive. What is the total capacity of this array?
3.5TB
2TB
1.5TB
1.75TB
4. Your organization has set up two routers, each connected to a different Internet Service Provider. This is an example of which of the following?
Network backup
Network redundancy
High availability
RAID
5. You run an app that compares the contents of a local folder to a cloud folder and copies only new and changed files from the local folder to the cloud folder. This is an example of which of the following?
File copying
File history
File synchronization
Compression
6. You are in charge of the IT disaster planning team for a retailer. Which of the following types of data is critical data?
Old catalog files
Current orders
Last year’s inventory summary
Last quarter’s promotions
7. You are responsible for planning the backup strategy needed for disaster recovery. You have already identified the need to back up the database and transactions. In case the server crashes and the drive must be replaced, you also need which of the following?
OS backup
Redundant power supply
HSM
RAID
8. As part of your disaster recovery planning, you have purchased replacement servers to run essential operations. Unfortunately, you were unable to purchase exact replacements. The new servers have different motherboards and processors. Which of the following steps might need to be taken during the OS backup process to ensure that the backups can be restored?
Configure the dissimilar hardware options.
Run emulation.
Determine if motherboards and processors from the old servers work in the new servers.
Set up virtual machines.
9. Which of the following costs more than a cold site, and would require ongoing maintenance of hardware and possibly software, but can be made ready in hours, rather than days, compared to a cold site?
Redundant site
Warm site
Hot site
Mirrored site
10. Which of the following has a duplicate of your primary IT functions, with hardware, apps, and data ready to run in minutes or less in the event of a disaster?
RAID 10 site
Identical site
Hot site
Disaster recovery site
11. Which of the following is not a true statement regarding redundant power supplies?
They are not often used in servers.
They are designed to switch automatically from the primary module to the secondary module in the event of primary module failure.
They fit into the same space as a standard power supply but are composed of two separate power supply modules.
They are often designed for rack-mounted use.
12. Which RAID level offers good performance but no redundancy (fault tolerance)?
RAID 1+0
RAID 10
RAID 1
RAID 0
13. Which of the following specifically refers to the ability of a system to continue to work properly even when some parts of the system have failed?
Replication
Fault tolerance
Resiliency
Disk mirroring
14. Which of the following is designed to keep IT running in the event of any type of interruption and helps ensure a fast response in the event of problems?
Contingency plan
Hierarchical storage management (HSM)
File backups and compression
Restoring only the data needed for current operations
15. You are considering backup storage options. Which of the following is not a good option in the case of robbery, fire, earthquake, or civil disturbances?
Database
Cloud
Off-site
On-site
Your Next Steps (More Certs)
If you want to specialize in preparing for disasters, disaster recovery and business continuity certifications are available from several organizations, including the following:
Business Resilience Certification Consortium International’s (BRCCI’s) Certified Business Resilience IT Professional (CBRITP): https://www.brcci.org/index.php/certification/it-disaster-recovery-certification
Business Continuity Institute’s Business Continuity Certification (CBCI): https://www.thebci.org/training-qualifications/business-continuity-certification-cbci.html
Certified Information Security’s ISO 22301 Certified Business Continuity Manager (CBCM): https://www.certifiedinfosec.com/iso-22301-bcm-certification/cbcm
For additional certifications, see https://www.businessnewsdaily.com/10802-business-continuity-disaster-recovery-certifications.html.