Work Management Standards › Backup and Recovery

Backup and Recovery

Note: For more information on the available facilities, refer to the IBM i (AS/400) CL Programmers Guide.

All approaches to securing data represent a compromise. The perfectly secure system would spend all of its time backing up, and no time doing anything. The final decision as to how much data a system can afford to lose is a question of judgment and cost effectiveness.

In discussing backup and recovery, it is useful to distinguish between two different types of computer failure:

• Catastrophic failure (for example fire or a disk head crash), where the online storage medium is likely to be physically damaged. Catastrophic failure is likely to be rare, and to involve a considerable delay while new hardware is obtained. The main concern for recovery is avoiding excessive loss of data. Recovery from catastrophic failure will invariably involve restoring from offline copies. It is essential to keep off site copies of software to guard against catastrophic failure.
• Non-catastrophic failure (for example a power cut or a program crash), where the hardware is undamaged, but data may be lost or unsynchronized. Partial failure may be fairly frequent. Recovery is concerned with minimizing data loss and with providing a means of rapidly resuming processing at a safe point with the minimum of expert intervention. Recovery will not usually require restoring from offline copies.

Different recovery strategies are appropriate to each type of failure:

In planning for the above, you should take into account both the relative probabilities and the cost of failure ("Risk = Probability x Cost of failure"), and choose a cost-effective plan. This means understanding what is the largest acceptable unit of loss: is it one day, one hour, or one transaction?

The speed of recovery required will also be relevant—for a really speedy recovery you should journal access paths as well as data.