WEBVTT

00:00.180 --> 00:05.940
There are two types of people on earth those who have lost data and those who do not backup.

00:05.940 --> 00:11.860
So in this episode I want to talk about backups in today's highly automated cloud based world.

00:11.880 --> 00:17.040
Backing up seems almost trivial I don't know about you but with my high end Android phone I can pretty

00:17.040 --> 00:22.410
much break it in half by a new phone and everything pretty much magically comes back to life.

00:22.410 --> 00:28.470
So backing up is important but from an enterprise level in particular when we're talking about I.T.

00:28.470 --> 00:33.570
security there are certain issues you're going to see on the exam and I want to delve into these a little

00:33.570 --> 00:34.050
bit.

00:34.050 --> 00:37.640
So let's go ahead and get started first by talking about backup methods.

00:37.740 --> 00:41.360
Here I have a little computer and I want to back this computer up.

00:41.430 --> 00:44.740
Now we can back this up to an external hard drive.

00:44.820 --> 00:47.040
We could back it up to a tape.

00:47.130 --> 00:49.470
We could even back it up to the cloud today.

00:49.470 --> 00:55.080
But the problem is is that when we do a backup The only thing we can do is backup everything.

00:55.080 --> 00:58.870
Now if we do a backup of everything better known as a full backup.

00:59.040 --> 01:04.330
That's absolutely fantastic and it is an important part of any backup methodology however.

01:04.410 --> 01:11.250
And let's assume we backup every day at the end of the day as we go from Monday Tuesday Wednesday Thursday

01:11.250 --> 01:12.110
and Friday.

01:12.120 --> 01:16.520
That means every day we are spending X amount of time doing a full backup.

01:16.740 --> 01:19.380
And do we want to keep making full backups every day.

01:19.380 --> 01:20.320
The answer is No.

01:20.340 --> 01:21.920
It takes a long time.

01:21.960 --> 01:23.470
It puts in a lot of overhead.

01:23.490 --> 01:30.510
So if we can avoid that let's go ahead and avoid that and we can we can do this because all file systems

01:30.510 --> 01:35.380
have features built into them that give us clues as to when files have been changed.

01:35.550 --> 01:43.280
Here for example is a Linux system and I'm typing a command called stat on a file called cleverly file.

01:43.380 --> 01:48.660
And if we look at this file we'll see that it has a modified date and we could use that information

01:48.660 --> 01:51.720
to be able to determine from our last backup.

01:51.720 --> 01:54.770
Has this been modified or not in a Windows system here.

01:54.780 --> 01:57.270
I'm running Windows on top of NTFS.

01:57.270 --> 02:03.930
We have what's known as the archive attribute the archive attribute is turned on when ever a file is

02:03.930 --> 02:05.820
created or changed.

02:05.820 --> 02:10.370
So as we look at these three files here you'll see the first two you see that letter A.

02:10.560 --> 02:12.480
That shows that they've been changed.

02:12.480 --> 02:15.710
The third one is that the bottom has not been changed.

02:15.720 --> 02:18.220
Now using that we can do some cool things.

02:18.240 --> 02:20.230
We have two different options here.

02:20.250 --> 02:26.430
The first one is called a differential backup a differential backup basically means to backup all changes

02:26.430 --> 02:28.590
from the last full backup.

02:28.590 --> 02:35.730
The alternative is an incremental backup the incremental backup only backup changes from the last backup

02:35.820 --> 02:37.220
of any type.

02:37.230 --> 02:41.030
Let me show you how that works starting with a differential backup.

02:41.040 --> 02:45.990
So here we have Monday Tuesday Wednesday Thursday Friday at the end of the day on Monday we make a full

02:45.990 --> 02:47.070
backup.

02:47.070 --> 02:54.690
Now on the end of the day on Tuesday by reading this file information we can only make backup of the

02:54.690 --> 02:57.990
files that have changed on that one day.

02:57.990 --> 03:03.360
Now on the next day we make backups of all the files that have changed remember differential means since

03:03.360 --> 03:04.670
the last full backup.

03:04.950 --> 03:11.760
So this backup is going to be all the changes on Tuesday and Wednesday on the end of the day on Thursday

03:11.760 --> 03:13.450
we do another differential backup.

03:13.470 --> 03:19.320
And in this case we have all the changes of Tuesday through Thursday and then on Friday.

03:19.320 --> 03:22.890
Everything from Tuesday through Friday.

03:22.890 --> 03:28.770
The nice part about a differential backup is that you only need two backups to be able to restore.

03:28.950 --> 03:34.950
So let's say it's Friday and we've lost everything in that case what we do is we grab our full backup

03:34.950 --> 03:41.910
from Monday and we grab our backup on Thursday which reflects everything that's happened since that

03:41.910 --> 03:43.040
last backup.

03:43.140 --> 03:50.160
And with these two backups we can completely restore the system differential backups are fantastic because

03:50.220 --> 03:56.080
if you're using a weekly backup format as many many people do you're only going to have two backups

03:56.090 --> 04:02.940
that you worry about at any given moment your full backup and then whatever differential backup is important

04:02.940 --> 04:05.410
for you for whatever you want to do your restore from.

04:05.580 --> 04:07.340
So differentials fantastic.

04:07.350 --> 04:09.900
You have a very small number of backup sets.

04:10.050 --> 04:15.670
However backup sets get bigger and bigger and bigger over the course of your backup period.

04:15.840 --> 04:17.840
So there's an alternative to this.

04:17.850 --> 04:19.620
The alternative is incremental.

04:19.620 --> 04:21.610
Let me show you how that works.

04:21.660 --> 04:25.300
So let's start off once again by having our full backup on Monday.

04:25.310 --> 04:28.180
Now keep in mind we're going to be doing an incremental backup.

04:28.260 --> 04:34.440
So in this case what we're going to do is we're going to at the end of the day on Tuesday make a backup

04:34.680 --> 04:38.280
of only that which is changed on Tuesday.

04:38.430 --> 04:43.340
Now when Wednesday comes along we'll make another backup a separate backup of everything that changes

04:43.350 --> 04:47.250
on Wednesday and the same with Thursday and Friday.

04:47.250 --> 04:53.250
Now let's imagine that Friday comes along and we've had a corruption and we need to restore using an

04:53.250 --> 04:54.390
incremental backup.

04:54.390 --> 05:00.400
I'm going to need my full backup plus everything from Monday plus everything from Tuesday everything

05:00.440 --> 05:06.360
Wednesday plus everything from Thursday in order to create a complete backup.

05:06.380 --> 05:11.180
So generally when we're talking about backups I don't care what your methodology is I don't care what

05:11.180 --> 05:16.730
you're backing up to but you're almost always going to be in a situation where you're using full backups

05:17.000 --> 05:21.160
combined with either incremental or differential depending on your needs.

05:21.170 --> 05:23.030
The answer's easy differential.

05:23.060 --> 05:28.880
There are less back ups sets but they get bigger incremental more backup sets but smaller.

05:28.880 --> 05:29.510
All right.

05:29.510 --> 05:34.420
Now there is one other type of backup that comes into play and that is snapshots.

05:34.430 --> 05:40.910
Now we see snapshots typically under virtual machines and they are an absolute perfect way of making

05:40.910 --> 05:43.540
a copy of something that's happened in the past.

05:43.550 --> 05:48.710
The only downside to these types of things is that stamp shots are traditionally not stored on separate

05:48.710 --> 05:49.510
media.

05:49.520 --> 05:53.680
There's nothing against doing that here at total seminars when we make important snapshots.

05:53.810 --> 05:59.130
We add them to our backup sets and they're part of our overall backup process.

05:59.960 --> 06:02.690
So you've got all of these backups.

06:02.750 --> 06:04.070
So what are you going to do with them.

06:04.070 --> 06:07.160
So first of all you have to decide on your media.

06:07.160 --> 06:11.130
Number one if you go old school here you're talking about local backups.

06:11.180 --> 06:18.010
Now these could be tapes these could be external hard drives and they could be a separate backup that's

06:18.010 --> 06:21.390
stored locally local backups have one big benefit.

06:21.530 --> 06:24.130
Nearby in case anything messes up.

06:24.380 --> 06:30.740
So you can imagine the alternative which is an offsite backup is not nearly as convenient.

06:30.740 --> 06:32.510
However that's one big benefit.

06:32.600 --> 06:39.400
And that is if you catch fire or explode or something terrible happens you have a remote backup.

06:39.410 --> 06:45.500
What we'll see in a lot of situations is that we will keep local backups but then we also have a second

06:45.830 --> 06:48.550
offsite backup just in case.

06:48.560 --> 06:54.650
Now if you really want to be cool the fun way to do things is using cloud backup cloud backups work

06:54.650 --> 07:01.330
beautifully However they have one big downside and that is they take up a tremendous amount of time

07:01.330 --> 07:03.440
to get the initial backups going.

07:03.490 --> 07:07.450
So that first full backup that you're going to do can take quite a while.

07:07.450 --> 07:14.620
However once that's made what you'll see with most cloud backup providers is they do pretty much a continuous

07:14.920 --> 07:16.900
ongoing incremental backup.

07:16.900 --> 07:23.200
So once it's made it can be a very very powerful tool for keeping your data intact.