"Data that isn't backed up is data you don't care about." In a world of ransomware and hardware failures, reliance on manual or sporadic backups is negligence. A robust backup strategy is automated, verifiable, and redundant.
The 3-2-1 Rule
This is the golden standard of data protection:
- 3 copies of your data (1 production, 2 backups).
- 2 different storage media (e.g., local disk and cloud storage).
- 1 copy located offsite (physically separate from the server).
Incremental vs. Snapshots
copying everything every night (Full Backup) is too slow for large servers.
- Incremental Backups: Save only what changed since the last backup. Efficient but restoration requires piecing together the chain.
- Snapshots: Filesystem-level "pictures" (like ZFS/LVM snapshots). They are instant and take zero space initially. They are excellent for quick rollbacks before updates but are NOT true backups until replicated to another device.
Testing Restores
A backup is only a potential restore. Until you have successfully restored data from it, you have Schrödinger's Backup—it might exist, or it might be a corrupted empty file. Automate "Test Restores." Scripts should periodically spin up a temporary VM, restore the backup, verify the database boots and contains data, and then report success/failure.
RPO and RTO
Define your business limits:
- RPO (Recovery Point Objective): How much data can you lose? (e.g., "Max 4 hours"). This dictates backup frequency.
- RTO (Recovery Time Objective): How long can you be offline? (e.g., "Max 2 hours"). This dictates your restoration method (fast disk clones vs. slow cloud downloads).
Align your technical strategy with these business requirements.