Backup is one of the most important practices for any business and should be approached with care and attention to detail. Your choice of retention and scheduling scenarios should be based on your business needs.
In this article we’ll talk about essential retention considerations and assets which will help you set up your backups properly.
What Is a Retention Policy?
A data retention policy is an organization's established protocol for keeping information for operational or regulatory compliance needs. In MSP360 Backup, the Retention Policy feature allows you to automatically create and delete copies of your files. We call each copy of a single file a version. You can create several versions of a file during its lifespan according to your security settings. We track each version of every file that was created and give you full control over it. All user files are accompanied by a list of their previous versions in the backup system. All options of the Retention Policy feature are available in the backup plan settings. Refer to the following article for more details:
Further reading Backup Retention Policies and Versioning in MSP360 Backup
Data Backup Retention and Lifecycle Checklist
When you are creating a data retention policy, follow the steps below with the baseline retention and lifecycle recommendations.
1. Differentiate data by type. Typically, backup and retention settings are different for operating system files, databases and user documents. These settings should be based on internal RTO/RPO considerations, disaster recovery or business continuity plans or common sense. How granular should your restore timing be? Should you have the availability of monthly, weekly, daily or even hourly restore points? Check out the following article with sample retention settings for work and personal files:
Further reading Retention Settings for File Backups
2. Differentiate data by its lifecycle. Sometimes, you need to store data for weeks and be able to access it as soon as possible when required; some other data should be stored for years and then safely deleted. For quick access, you can store frequently required backups locally. You can keep long-term archives in the cloud (using special archive storage tiers). With MSP360 Backup, you can configure an individual retention policy for each storage of a Hybrid Backup plan.
3. Create backup plans per the previously defined datasets.
4. For these plans, define the retention settings, including:
- Number of versions to store. A version is a full copy of a file that is different from its previous state and is kept in storage.
- Lifecycle policy for each dataset. For example, if you are storing data for compliance purposes, in many cases you are expected to store it for quite a while. You can define data that will only be needed for compliance purposes. Then, you can create a dedicated backup plan for it, so it will be kept for the required time in the archival storage. Retention policy settings can vary based on the backup storage type or class. For quick access, you can store frequently required backups locally, and you can keep long-term archives in the cloud (using special archive storage tiers).
- Deletion of unneeded files. The Purge setting will automatically delete old files, unneeded versions or files that are deleted locally. This setting is typically flexible and quite powerful. Once you delete the file, it can’t be undeleted. Thus, we usually recommend you always keep the last version, no matter which purge settings are chosen. Just in case.
5. Review your backup plans and retention settings.
6. Run the backups.
Further in the article we provide some expert tips from our Solution Architecture team.
Data Backup Retention and Scheduling Best Practices
1. Industry-level regulations, such as FISMA, HIPAA, PCI, SOX and GLBA, have different retention period requirements for different types of data. For example, SOX compliance requires that receivable or payable ledgers and tax returns must be kept for seven years, while customer invoices must be retained for five years. Check these regulations and make sure you comply before you start business operations.
2. Retention and scheduling policy should be set according to your restore scenarios. E.g., if there is a dataset that will be required a year after it was deleted, your settings should reflect it and you must be sure this data is stored properly. MSP360 Backup not only allows you to delete versions older than a certain number of days you specify, but also delay the purging of the old versions from the backup storage. For example, if you set the retention period to 1 day and the Delay purge to 90 days, then the version is marked eligible for purging after one day but is held for an additional 90 days and then purged. Refer to the following article for more details:
Further reading Delay Purge – What Is It and Should I Use It?
3. We recommend keeping your backup chain in incremental backups within the reasonable size of 14 increments; thus, it is best to schedule a full backup once in a while.
4. You should also take into account that backup jobs running on production systems can impact the connectivity and performance of these systems. Data uploads may eat up your bandwidth and increase I/O load on the system. Thus, try scheduling weekly backups to run during non-business hours or on weekends. As for daily backups, we recommend using bandwidth throttling to optimize the network load. The bandwidth throttle feature in MSP360 Backup allows you to set up a specific schedule for limiting the bandwidth. To learn more, refer to our help documentation.
Our customers typically ask us: "How do I set my retention policy?” The usual answer is – “it depends.” On many factors. There is no ideal “one policy to rule them all.” If you need help with optimal retention settings for your scenario – check out our official community for help. Our solution architects, support team members and other fellow -backup experts will be happy to help you.