Server Backup & Recovery — Disaster Planning & Business Continuity | ITVedas

Server Backup & Recovery

Backup and recovery are not luxuries—they're necessities. Hardware fails, data gets corrupted, ransomware attacks occur, and human error happens. A comprehensive backup strategy ensures your organization can recover from any disaster with minimal data loss and downtime.

Backup Strategy Fundamentals

The 3-2-1 Rule: Keep 3 copies of your data, on 2 different media types, with 1 copy off-site.

  • 3 Copies: Original + 2 backups (protection against single backup failure)
  • 2 Media Types: e.g., disk + tape (guards against media-specific failures)
  • 1 Off-Site: Protects against natural disasters, theft, sabotage

Key Recovery Metrics

Metric Meaning Example
RTO (Recovery Time Objective) How long system can be down 4 hours = system must be back online in 4 hours
RPO (Recovery Point Objective) Maximum acceptable data loss 1 hour = okay to lose 1 hour of data
MTBF (Mean Time Between Failures) Average time between equipment failures Hardware lasts ~5 years before failure
MTTR (Mean Time To Repair) Average time to fix equipment after failure 2 hours for hardware replacement
💡 Example Scenario: For a company with 1-hour RPO and 4-hour RTO, you need hourly backups stored redundantly and tested recovery procedures that complete within 4 hours.

Backup Types

💾 Backup Classification

Full Backup: Entire dataset copied

  • Slowest to perform
  • Uses most storage space
  • Fastest to restore from
  • Each backup is independent

Incremental Backup: Only changes since last backup (full or incremental)

  • Fastest to perform
  • Uses least storage space
  • Requires multiple backups for restore (chain of backups)
  • Suitable for nightly backups

Differential Backup: Only changes since last full backup

  • Medium speed to perform
  • Medium storage usage
  • Requires only 2 backups for restore (full + latest differential)
  • Good balance for weekly/daily backup cycles

Backup Schedule Strategies

Strategy Schedule Backup Time Storage Restore Time
Full Daily Full backup every day Long Very High Very Fast
Full Weekly + Daily Incremental Full Sunday, Incremental Mon-Sat Medium Medium Medium
Full Weekly + Daily Differential Full Sunday, Differential Mon-Sat Fast Medium-High Fast
Continuous Replication Real-time to secondary location Minimal High + Secondary Server Seconds

Recommended for Most Enterprises: Full backup weekly (Sunday) + daily incremental (Mon-Sat). Good balance of performance, storage, and recovery capability.

Windows Server Backup

Installing and Configuring Backup

  1. Open Server Manager
  2. Add Roles and Features
  3. Select Windows Server Backup feature
  4. Complete installation
  5. Open Windows Server Backup from Tools menu
  6. Click "Backup Schedule" to configure
  7. Select "Full Server" or specific volumes
  8. Choose frequency (daily, multiple times per day)
  9. Select time for backup (preferably off-peak hours)
  10. Choose backup destination (external drive, network share)
  11. Complete wizard and start backups
# PowerShell: Windows Server Backup commands # Get backup policy Get-WBPolicy # Start backup manually Start-WBBackup # Schedule daily backup at 11:00 PM $policy = New-WBPolicy Add-WBFileSpec -Policy $policy -FileSpec "C:\Data" Add-WBBareMetalRecovery -Policy $policy Set-WBSchedule -Policy $policy -ScheduleTime (Get-Date -Hour 23 -Minute 0 -Second 0) Set-WBPolicy -Policy $policy

Active Directory Backup

Special consideration for Domain Controllers: You must backup the System State (Active Directory database) in addition to files.

🔑 What is System State?

System State includes:

  • Active Directory database (ntds.dit)
  • SYSVOL (Group Policy files)
  • Boot files and system files
  • COM+ Class Registration database
  • Certificate Services database (if applicable)

DC Backup Strategy: Backup System State daily, full server weekly. Keep System State backups for entire AD tombstone period (default 180 days).

Testing Backups (Critical!)

An untested backup is not a backup—it's a backup "failure waiting to happen." Test backups regularly to ensure:

  • Backup completed successfully
  • Data can be restored
  • Recovery procedures work correctly
  • Recovery time meets RTO requirement

Monthly Backup Test Procedure

  1. Select a backup from the previous month
  2. Document current state and baseline metrics
  3. Perform full bare-metal restore to test system
  4. Boot restored system and verify functionality
  5. Check file integrity and permissions
  6. Verify all services start correctly
  7. Document actual recovery time and any issues
  8. Compare with RTO requirement
  9. Document results in recovery log
⚠️ Critical: Never test backups on production systems. Always use isolated test environment. A failed test backup that corrupts data is worse than no backup at all.

Off-Site and Cloud Backups

On-Premises Only Issues:

  • Natural disasters (fire, flooding, earthquakes)
  • Site theft or sabotage
  • Ransomware affecting all copies

Off-Site Solutions:

  • Cloud Backup Services: Redundant, geographically distributed, managed for you
  • Partner Data Center: Alternate facility in different geographic location
  • Physical Backup Copy: Tape or external drive stored off-site

Cloud Backup Providers: Microsoft Azure Backup, AWS Backup, Veeam Cloud, Backblaze

Disaster Recovery Plan

Disaster Recovery Plan (DRP) Components:

  • Critical Systems Inventory: Which systems are most critical?
  • Recovery Priorities: Restore order (e.g., DC → DNS → Exchange → file server)
  • Contact Lists: Who to call during disaster?
  • Backup Locations: Where to get backup media?
  • Alternate Sites: Where to operate from if primary data center is down?
  • Recovery Procedures: Step-by-step instructions for each system
  • Testing Schedule: Quarterly full DR test at minimum
  • Documentation: Hardcopy procedures (network might be down)

Common Recovery Scenarios

Scenario 1: Single File Recovery

Problem: User accidentally deleted a file

Recovery:

  1. Mount backup volume
  2. Locate file in backup
  3. Copy file to original location or user's directory
  4. Verify file integrity and permissions

Time: 5-10 minutes | Complexity: Low

Scenario 2: Volume Failure

Problem: Storage array fails, entire volume lost

Recovery:

  1. Replace failed hardware
  2. Boot from backup media
  3. Perform bare-metal restore
  4. Rebuild RAID array
  5. Restore incremental backups since last full backup

Time: 2-4 hours | Complexity: Medium

Scenario 3: Ransomware Attack

Problem: Ransomware encrypts all files on server

Recovery:

  1. Isolate infected server immediately
  2. Identify infection source and timeline
  3. Verify backups taken before infection
  4. Restore from clean backup
  5. Scan restore process thoroughly
  6. Deploy patches/updates to prevent re-infection

Time: 4-8 hours | Complexity: High

Backup Best Practices

  • Automate backups: Manual backups get skipped and forgotten
  • Test monthly: Untested backups are just expensive failures waiting to happen
  • Verify success: Check backup logs daily, alert on failures
  • Encrypt backups: Protect sensitive data in transit and at rest
  • Version retention: Keep 4 weeks of daily, 12 months of weekly, 7 years of yearly
  • Off-site copies: Follow 3-2-1 rule religiously
  • Document procedures: Keep hardcopy documentation accessible
  • Maintain inventory: Track backup media locations and status
  • Regular testing: Perform full DR test at least quarterly
  • Update DRP: Update Disaster Recovery Plan as infrastructure changes

Key Takeaways

  • Backups are essential insurance against data loss
  • 3-2-1 rule provides comprehensive protection
  • Choose backup type/schedule based on RPO and RTO requirements
  • Always test backups—untested backups don't exist
  • Off-site backups protect against site-wide disasters
  • Maintain updated Disaster Recovery Plan
  • Regular testing ensures recovery capability when needed