Security Adviser: Backup software: Bah, humbug

Wondering why disk backup is prospering? Read this anti-tape backup rant.


There is no better computer security defense than having a known, good, safe data backup, right? Then why is nearly all backup software so complex and buggy? Why do backup drives frequently fail? Why do backup tapes fail so often?

I've been using backup software for 20 years now, and it doesn't seem to get any better. If you can name the popular backup vendor, I can tell you I hate their software.

Why? It's too complex, for starters. Backup software is something that should be reliable and simple -- a "Click here to back up all your data" kind of simple. Yes, I want to backup all data. Yes, I want to backup open files. Yes, I want you to verify the data you just backed up. Yes, I want to encrypt and password protect the data I just backed up.

I challenge you to find one product that doesn't require 20 clicks to do a simple backup job.

Data backup software is among the most sophisticated software products out there. These products have hundreds of options and call for numerous decisions to be made; you almost need to be a Ph.D. to understand all the options. And sadly, even if you make all the right decisions -- or just take the defaults -- you can't be sure your backup worked.

If you've been around backup systems enough, you know how often they don't work. Tell the truth: When you get called to restore a single file or directory, and the restoration works, don't you secretly heave a big sigh of relief?

I personally believe that some large minority of data backups, about 20 to 40 percent, aren't working. People are doing backups every day and putting the tapes in storage, but they never test them. Want to restore your Exchange server to working condition after a fatal crash? Good luck unless you really knew what you were doing ahead of time, before the crash.

I wonder how bad the day would be if a Slammer-style worm, which infected nearly every possible SQL server in about 10 minutes, deleted all the server data instead of spreading as usual. We'd wake up one day and find all our data is gone, deleted by a previously unknown zero-day exploit. How many companies would find out they really hadn't been backing up their data? The number would be higher than most people would expect.

I don't blame the companies though. I blame the extreme complexity of something that should be bulletproof and reliable. How many of us, when upgrading a file server to new hardware, don't just backup once, but backup twice, or even three times, because we were burned badly before. And just to twist the knife further, I love how the job says, "Successfully completed!", when no files were actually backed up or restored.

Backup software technical support is never free. It's expensive. Some vendors want you to pay them to help with the installation. You put the CD in, follow the screen prompts, and it bombs. What, no support contract? Pay up. Want to renew your backup support contract? "Well, there's a renewal fee, then we require you to pay two years up front." I'm not making that one up.

When you do get technical support, they will expend every effort to blame everything else besides the backup software. It's the tape drive. It's the lousy tapes. It's the drivers. And it often is -- the whole system is convoluted, broken, and unreliable.

Better make sure your tape drive is under warranty, too, as they don't seem to last very long anymore. That expensive tape drive seems to fail as frequently as an HP DeskJet printer. It's almost a consumable now, much like the tapes and backup cartridges themselves. You can buy the most expensive backup cartridges available, and you're lucky to get a few hundred hours of backup time before they start spitting errors and lost CRC sectors. I'm sure all the backup engineers have lots of reasons why backup cartridges fail so often, but it still doesn't solve the problem.

I know I'm in a ranting mood again this week (I love having my own column), but this is 20 years of frustration coming out. Show me a person without backup problems and I'll show you someone who either a) doesn't know they really do have problems, b) finally solved all their problems after months of troubleshooting and now baby-sits their backup solution like a newborn child, or c) has an expensive solution and dedicated staff.

Many readers have already bought newer solutions that don't involve tapes. These solutions are expensive. But they are fast, and they work more reliably. And I guess that is the ultimate lesson: You get what you pay for.

Still, I wish data backup for the masses was easier and more reliable. And if you haven't done a test restore in awhile, make time for it in your business schedule. It can head off a lot of pain later on.

"Recommended For You"

How to manually back up using Windows 7 Backup and Restore How resilient is your cloud service provider?