Information Technology Navigator

Tips, Advice & Insights from Technology Pros

Secure Cloud Backup – Part 3: Ensuring Integrity

Posted by Blog Administrator

Thu, Aug 15, 2013

By Matthew Brady, Daymark Consultant

How do you know the data you backed up is the data that can be restored?  That question is at the heart of integrity as it relates to secure cloud backup.

Ensuring integrity can be a tough task.  It definitely requires a leap of faith as you put your data into the cloud.  The way to transform that leap of faith into a sense of assurance is through logging, restore validations, and continuous corruption detection and repair processes.

Detailed Logging

Secure cloud backup provides an in depth set of logs that illustrate exactly what was done during a backup or restore session including which files were backed up or restored.  Those logs are readily available from the customer side. 

Detailed activity and event logs provide insight as to what tasks were completed in order to perform a backup.  Think of your activity and event logs as a map.  The more detailed the map is, the more information you can glean from it.  Presenting detours or traffic bottlenecks increases the intrinsic value of the map.  A good map also includes easy-to-decipher symbols and legends. Secure cloud backup logs should be the same way.  They paint a clear picture of the backup.

A backup that runs, but runs with catastrophic errors, has no worth.  The logs have to tell you if the backup failed.  Secure cloud backup provides clear logging with informational, warning, and error messages to identify where the path was smooth or where the bumps may have occurred.  Additionally, secure cloud backup provides other useful information such as how long a backup took, how much data was transmitted, and the level of compression that took place.  Inside the individual activity entries, secure cloud backup will identify all the events along the way.  Secure cloud backup removes the possibility of a null backup finishing with catastrophic errors without you knowing why or how it happened.

Detailed activity and event logs are just part of it.  You also need answers to some of the most common backup questions:

“What files were backed up last night?” 

“The backup ran longer than normal.  We also transmitted 6GB more than normal.  What files were backed up that caused this?”

These types of questions can only be answered by having granular logs on the file level. Granular file-level logs present detailed information about the files backed up in a useful manner.  They allow you to identify what the big files were or if a particular file was backed up.

Once you have good logs, that data must be accessible.  Secure cloud backup has the capability of exporting the logs so they can be sorted and manipulated.

Restore Validations

A restore validation allows you, the customer, to initiate a process to basically unpack a backup set for examination to determine if the data is restorable.  Secure cloud backup provides a way to perform this validation on both an on-demand basis and a scheduled basis.  The process is initiated in a secure fashion from the customer location, and then it runs on the provider’s system.  Finally, logs will be produced that can be examined to determine the validity of the backup set.  That means you can see how restorable your data is without having to do a restore.

Continuous Corruption Detection and Repair Process

This final component of ensuring integrity is one that you, as a customer, should never see, but should know it exists.  When data is backed up to the provider’s system, that data is stored on storage and then entered into a database.  When that relationship between the database and the stored data is as it should be, the data is healthy.  Simply put, there is no corruption.  If the database link or the data itself becomes something different than what it should be, you have a situation where data is potentially not restorable.

Secure cloud backup offers a way to make sure this relationship is reliable  Additionally, it has a mechanism to correct an issue if there is a problem.  That means that there is a continuous process of examining the database and the data on the storage to make sure that all aspects are healthy.  And what if it is not healthy?  The system has a process to repair the stored data or recover it from the customer site if it cannot be repaired.  This process of healing the data takes place behind the scenes and does not interfere with backups or restores.

Now be careful when you start thinking about an automated process to heal data.  Remember, garbage in = garbage out.  If you back up corrupted files, you restore corrupted files.  This healing process is meant to heal data that was backed up free of corruption, but became corrupted while being moved and stored with the provider. 

Some questions worth asking about healings

So, we have established that secure cloud backup will have self-healing capabilities.  But be careful here.  Not all providers are created equal.  How healing processes take place and how often the complete will depend on the hardware and configuration of the cloud backup platform.  Here some easy questions to ask when looking at a secure cloud backup solution:

  1. How often do healing processes run on any set you store?
  2. There should be an SLA stating healings are performed.  Where can I find that SLA?
  3. How do you monitor to make sure that all my data has had a healing process completed on it on a regular basis?


Integrity of secure cloud backup has three areas to address.  First, backup activities need to be logged so that you can see what is happening during the backup sessions.  You should be able to see what files are being backed up, when they were backed up, and how big they were when they were backed up.  Second, you should be able to validate backed up data without doing a full-blown restore.  Finally, integrity is maintained with system processes that look for and fix any database or storage inconsistencies. 

Ensuring integrity does not need to be scary.  You should have tools to do some integrity checks on your own.  Then you should have a contract that states how your service provider is working to make sure your data is restorable.  Your leap of faith can be transformed into just taking the next step.

Think about it this way.  Backup is easy.  Recovery truly is everything. 

Thus far, we have looked at the confidentiality and integrity aspects of secure cloud backup.  The next blog will explore the final component:  availability.

Next blog:  What features are needed to meet availability requirements?