kmcferrin makes some excellent points.
I work in a situation where we have to be both HIPAA and DOC (Department of Corrections) compliant.
RAID will keep your system up in the event of a hard drive failure (if properly implemented; striping and hot-swappable)... note I said "A" hard drive failure. If you lose two at the same time, you're in a world of hurt (referring to Raid 5)
However, every company should have a disaster recovery management (DRM) plan.
Here's how ours works.
I currently have 14 servers in my server room; we migrated to about 90% thin clients about a year ago. So no user files are stored on local machines; they're stored on servers.
Servers all have redundancy; RAID 5, redundant power supplies, UPS capable of keeping all servers running, and tied in with UPS management software so that when the batteries reach a critical drain point, the servers to a graceful shutdown, instead of just losing power.
We have a Dell PowerVault DLT-4 tape library, 8 slot. The 8th slot is loaded with a cleaning tape. We have 4 sets of 7 tapes in each set. We run a full backup every night (not incremental... complete). Each Tuesday morning, the tapes are rotated; the oldest tapes taken from a fire-proof filecabinet and inserted; the tapes that were just removed from the library go to a bank where they are put in a safe deposit box.
GHOST images of all the servers are done every 6 months, written to DVD-R's, and put in the bank vault.
Every month, an additional "monthly backup" is run; a complete backup of all servers on a separate blank tape, which is labeled and taken home with me. When I take a new monthly home, I bring the old monthly back, which is put in the fire-proof cabinet. This way, the most recent daily backups are in a safe-deposit box offsite, and the most recent monthly backup is stored offsite at my residence.
At the completion of every tape backup, the software fires off an e-mail to me telling me if the backup was a success.
Tape overwrite on daily backups is set to 3 weeks, since we're on a monthly rotation.
Critical systems, such as our intranet web server information is backed up on CD, so that it can quickly be deployed onto another server if necessary.
Users understand that if they *do* have a PC or laptop, that there are no backups done of their system. If they feel something is valuable, it is to go on their user share.
We have images for every type of computer on a dedicated GHOST server. Those images are also at our corporate office 1200 miles away.
In the event of hardware failure, we have a 4-hour contract with the manufacturers. I had a new SCSI drive for one of our RAID arrays in my hands in 4 hours 10 minutes, which isn't bad considering how far out in the boonies we really are.
RAID is not a backup. It's a redundancy. Ask yourself this question, when thinking about your DRM Plan... if your server room flooded from a busted sprinkler head, or caught fire, how long would it take you to get up and operational again? Could you be limping along with data restored by the next day? Same day? Within 7 days? And how much of an impact would that have on your business? Would your business even survive the amount of downtime?
Just my 2¢
"In order to start solving a problem, one must first identify its owner." --Me
--Greg
![[wink]](/data/assets/smilies/wink.gif "[wink] [wink]")
