Database Backup and Recovery

1. DATABASE BACKUP AND RECOVERY 

An integral part of any overall database security strategy should be providing for database backup and recovery. Backups serve many different purpose. Most often, in seems that systems administrator perform backups to protect information in the case of server hardware failures. Although this is very real danger in most environments. It is often not the most likely. Data can be lost due to accidental human errors, flawed application logic, defects in the database server or operating system platform and, of course, malicious users who are able to circumvent security measures. In the event that data is incorrectly modified or destroyed altogether, the only real method to recover information is from backups.

Since all relational database systems provide some method for performing database backups while a server is still running, there is not much of an excuse for not implementing backups. The real challenge is in determining what backup strategies apply to your own environment. You will need to find out what your working limitations are. This was not an easy task, even in the best-managed organizations. It involves finding information from many different individuals and departments within your organization. You will have to work hard to find existing data, and make best guesses and estimates for areas in which data is not available.

To further complicate issues, there are many constraints in the real world that can affect the implementation of backup processes. First, resources such as storage space, network bandwidth, processing time, and local disk I/O bandwidth are almost always limited. Additionally, human resources—especially knowledgeable and experienced database administrators—may be difficult to find. And, performance requirements, user load, and other factors can prevent you from taking all the time you need to implement an ideal backup solution.

So, how do you decide what to protect? One method is to classify the importance of the relative types of information you need to protect. For example, your sales databases might be of "mission critical" importance, whereas a small decision support system might rank" Low priority" on the scale (since the data can relatively easily be re-created, if necessary). It is also importance to keep in mind that business managers may have a very different ideas of the importance of data when compared to other users who actually deals with this information frequently. Keep in mind that determining how to protect information must be a team effort if it is to be accurate and successful. 

It is important to keep in mind that the purpose of data protection is not to create backups. The real purpose is to provide the ability to recover information, in case it is lost! To that end, a good practice is to begin designing a backup solution based on your recovery requirements you should take into account the cost of downtime, the value of the data, and the amount of acceptable data loss in a worst-case scenario. Also, keep in mind the likelihood of certain types of disasters.