Who deleted my backup data?
An employee calls the IT department and asks for a copy of a document which was deleted from the production server by mistake. The IT department searches for the file in the backup, but it turns out that the backup file-space containing the file has been deleted from backup. Who deleted the file-space and why? Who approved the deletion? When was it deleted and how?
In another scenario a customer calls his public managed service provider (MSP) and needs to recover a folder which was deleted from their production server by mistake 7 months ago. In the MSP support team they can inform the customer that backup data from the said server was deleted 4 months ago where a backup was reconfigured. The customer wants to know why this data has been deleted and who gave the order to delete the data. Did the request for deletion of the file-space come from an employee at the customer? Who is the employee? Was this employee authorized to give such instruction? The customer now states that the data should never have been deleted!
In both scenarios it is crucial for the backup department to be able to prove what happened. The responsibility of deleting old backups or data archives is often given to the backup administrator who carries out deletions when users (and customers) ask for it. The deletion process may very well be undocumented.
It can have severe consequences if customer and production data is deleted by mistake without documentation. Processes needs to be in place to minimize the risk of making mistakes and to document the whole deletion process.
The Cloutility solution from Auwau is about to address this issue.
In the coming January 2018 Cloutility software release it is possible to set up a deletion workflow which pretty much looks like this:
1 or more employees at a specific business unit (department/server group/customer/etc.) gets a “Request deletion” privilege - and now this employee can request deletion of one or more file-spaces, a backup node and virtual machines. When requesting a deletion the employee will select a date for the deletion and may not be able to select a date until after a grace period of time.
1 or more employees possibly at multiple business units (could be employees on the same business unit, on re-seller level above the customer, on the top level service provider business unit or IT headquarter business unit, etc.) gets “approve” privileges and will now be notified to approve the requested deletion.
Once all “approvers” has approved the deletion, the data to be deleted are placed on a list with information on the process (what data, who requested, who approved, when will it be deleted).
When time for deletion is up the data can be deleted manually or automatically (this is a setting) and data can be deleted from backup immediately or deleted with decommission to comply with the SLA for the said data.
All information regarding the deletion workflow is contained in Cloutility for future evidence of the deletion process.
Cristie CloudPortal - based on Cloutility
Cloutility is provided to Service Providers and Enterprises as part of Cristie Backup Solution. With Cloutility you will ease your total backup administration and make a single IBM Spectrum Protect environment multitenant to several departments, server groups, branch offices, customers, resellers etc.
We welcome you to book a 1,5h personal Cloutility demonstration in Stockholm, Sweden between 30 January – 1 February.
Please feel welcome to register your interest!
Cristie Nordic - team and Thomas Bak