Do The Backups: You've Been Warned!

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • simsim
    Senior Member
    • Nov 2005
    • 1625
    • 3.6.x

    Computer Chat Do The Backups: You've Been Warned!

    A blogging platform company just closed its doors after 6 years of successfully hosting thousands of user blogs.

    Reason: No off-site database backups! An angry ex-employee wiped up their servers in the blink of an eye by overwriting all their data, bearing it completely unrecoverable!

    Read the tragedy:
    Blogging platform JournalSpace (which I'd never heard of to date) has ceased to be, following a wipe-out of the main database for which there was no back-up in place. According to the JournalSpace blog, the database was overwritten as a result of a malicious act from a disgruntled ex-employee. It was the guy handling the IT (and, yes, the same guy who I caught stealing from the company, and who did a slash-and-burn on some servers on his way out) who made the choice to rely on RAID as the only backup mechanism for the SQL server. He had set up automated backups for the HTTP server which contains the PHP code, but, inscrutibly, had no backup system in place for the SQL data. The ironic thing here is that one of his hobbies was telling everybody how smart he was. More information is available here.


    Blogging service JournalSpace has been completely wiped out after the drives that housed their entire database were overwritten.The problem was that t
    You're spending millions of dollars on a website?!
  • Floris
    Senior Member
    • Dec 2001
    • 37767

    #2
    Offsite backups are quite important.
    It is quite difficult to do frequently when we're talking terabytes of data .. but for a company it is worth investing in someone who knows how to do this, and how to make incremental backups.

    Comment

    • Nintendo
      Senior Member
      • Apr 2001
      • 178
      • 3.6.x

      #3
      Ouch! I learned that the hard way four years ago when a hacker used my server to do a DOS attack...on a governemnt web site!!!!!! Gah!!! Geting a call from the government is not good!!!
      Public Domain Content
      Amazon/Webmaster Services

      Comment

      • Chousho
        Senior Member
        • Jan 2004
        • 967
        • 3.8.x

        #4
        Originally posted by Floris
        Offsite backups are quite important.
        It is quite difficult to do frequently when we're talking terabytes of data .. but for a company it is worth investing in someone who knows how to do this, and how to make incremental backups.
        I wouldn't say difficult as much as time consuming. Well, maybe difficult if there isn't a regiment taken with backing up, but I know a few of companies around here that do tape copies and send them off-site every other day or so.

        This site that got wiped did a stupid thing, actually. They were relying on a raid 1 setup to get them out of trouble, rather than an actual full backup. What would have happened if the building had caught on fire? The information would have been gone just the same.

        Comment

        • Martz
          Senior Member
          • Apr 2001
          • 1051

          #5
          Just taking backups isn't enough - the most important process is the restore.

          Testing the data restore is worth trying when things are running good. The last thing you want to find out is that the backup is incomplete/missing dependencies/doesn't work, when your application(s) are on their knees and you need it. And that won't be known unless it's actually tested - in an exercise scenario.

          Sleeping well at night knowing backups are being done can be is a false sense of security, the sickening realisation that the data cannot be restored from your backups is just as bad as not doing them in the first place.

          Unfortunately I speak from past experience.
          HP DL-380 G6, 2x E5520, 28GB RAM, 4x300GB SAS, VMWare ESXi
          -
          Unreal Tournament : Assault forums - irc://irc.utassault.net:6667 -

          Comment

          • kat00
            Senior Member
            • Dec 2006
            • 259
            • 4.0.0

            #6
            Backup the DB daily via cron, download it to local PC daily with a good FTP program using a scheduled task. Upload the DB daily to a different test server by the same method. Backed up DB stored in 3 places, completely automated. Idiot proof.
            ttttt

            Comment

            • Deriel
              Senior Member
              • May 2005
              • 202
              • 3.8.x

              #7
              Originally posted by kat00
              Backup the DB daily via cron, download it to local PC daily with a good FTP program using a scheduled task. Upload the DB daily to a different test server by the same method. Backed up DB stored in 3 places, completely automated. Idiot proof.
              Except in the cases where your DB have more than a few GB in size

              Comment

              • DoE
                Senior Member
                • Sep 2007
                • 763

                #8
                Why did an ex-employee still have rights? His rights to everything should have been terminated before the person in question was.

                If the person was fired and then told to clean out his desk, then that is not the way to do it either. Security should have escorted him out of the building first (that tells you that you are terminated), and then send his personal stuff to his home. This is how big companies let you know you are fired... just in case,

                Comment

                widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                Working...