Achieving Continuous Data Protection with a Recycle Bin for File Servers
Protecting data is a fundamental responsibility for IT operations support staff. This task is not easy. Hardware fails and data is lost or corrupted. Security breaches can result in tampering and data leaks. Employees can accidentally delete files. This guide discusses how to improve the ways you protect data, particularly for end users who access and inadvertently delete or overwrite files on network shared drives. This guide introduces the concept of a file server recycle bin to enable continuous data protection and self-service recovery, freeing IT from help desk calls to restore lost files.
This guide is organized into three articles, each covering an essential element of continuous data protection:
- Automating self-service file recovery options on file servers
- Resolving the network limits of the Windows Recycle Bin
- Implementing continuous end user data protection on file server
Article 1: Streamlining File Recovery Operations while Reducing IT Workload
Increasing Demands on IT Operations Staff
It is hard to imagine an IT support group with too much time on their hands. The combination of changing business demands and the continuing need to monitor and maintain existing infrastructure can generate demands on IT staff faster than they can be addressed. This problem is not new.
Users have always needed support. Market conditions and business operations are constantly changing, so C-level executives are mapping out new strategies that often entail an IT component. IT support professionals and systems administrators have done their part to streamline these operations. The days when IT support staff were routinely interrupted with phone calls asking for support have given way, at least in some organizations, to help desk support systems that allow users to submit their own support requests. Rather than wait for an adverse event, such as running out of disk space or having an application attacked, systems administrators automate system health checks and run vulnerability scans to spot potential problems before they disrupt operations. Both the shift to help desk support systems and the use of automation have helped improve the efficiency of IT operations, but still more can be done. Two ways at our disposal to reduce IT workload are implementing self-service procedures and reducing dependencies on time-consuming procedures.
Streamlining with Self-Service
The use of self-service in IT support is well established. Users can reset their own passwords in many applications. The Web has become a primary resource for answering “how to” questions with common desktop applications. Users who are familiar with the Windows Recycle Bin can recover some of their own deleted files (but not all deleted files, as we will discuss in detail in the next article). You can extend the reach of self-service to include more extensive file recovery. The ability to self-recover files is particularly important for two reasons: This task is common and the recovery process is time-consuming and often requires the help of IT support staff.
Streamlining by Reducing Dependencies on Time-Consuming Tasks
By reducing dependencies on time-consuming tasks, you leave IT support staff with more time for other operations. To be sure, recovering lost files is important and can be well worth the time invested. Imagine if the final version of a sales proposal is accidentally deleted a short time before it is to be delivered to a client. The value of potentially lost business could easily exceed the time invested by IT support staff to recover that file from backup—assuming the latest version existed when the last backup was run. Not all file recovery operations will be as valuable as the lost proposal scenario, but lost files are important to the employees that lose them. Figure 1. The Windows Recycle Bin is a first-line recovery mechanism for accidentally deleted files. Unfortunately, not all deleted files go to the Recycle Bin.
When files cannot be recovered from a user’s Recycle Bin, file owners turn to IT support staff to recover the file from backups. This process can be time-consuming for all involved because the steps can include:
- The employee contacting the help desk to ask for a file to be restored
- The help desk personnel collecting enough information to precisely identify the file and version of the file to restore
The help desk personnel needing to ensure that the person requesting the restored file actually has permission to access the file - The help desk personnel finding time to perform the restoration operation
- The help desk determining from what backup source to recover the file(s)
- The employee having to verify the correct version of the file was actually restored
The actual sequence of events may be even more complicated. For example, if a number of files were accidentally deleted, then they may need to be restored from multiple incremental backups. The latest file may be restored before the user realizes the latest version of the file was not backed up and the user still has several hours of work ahead of him to reproduce his lost work. To avoid delays in restoring files, to mitigate the risk of lost work, and to reduce the workload on IT support staff, you can turn to self-service tools for file recovery.
File Recovery Can Be a Self-Service Operation
Many users are accustomed to checking the Recycle Bin for accidentally deleted files. What many of them may not know is that the Recycle Bin does not always capture deleted files. For example, the Recycle Bin does not capture files deleted from file servers or network drives. Those files are not available for recovery from the Recycle Bin, so IT intervention is required.
Also, previous versions of Microsoft Office files are not copied to the Recycle Bin and therefore cannot be self-recovered from the Recycle Bin. It is possible for these previous versions of a file to be captured in a backup or snapshot operation, if the file was present at the time the operation took place, in which case a systems administrator could help restore the file.
Undelete software fills the gaps in the Windows Recycle Bin functionality. Undelete allows system administrators or the users they support to recover files from a repository of saved versions of documents. Undelete operates like the Recycle Bin in the sense that it preserves a copy of a deleted file and enables recovery, but unlike the Recycle Bin, it provides this capture functionality more broadly.
As with any self-service IT support tool, you have to consider the need for security. Undelete enhances file recovery services and supports access controls comparable to those in place on the file system. For example, if a manager deleted a file named Salary_Projections.xlsx from a network share, it is captured by Undelete and stored in the deleted file repository. Only the manager, or others who have been granted access to the file at the OS level, would be able to recover that file. A curious employee from the manager’s department who does not have access to the document on the network share would not have access to it in the deleted document repository.
Undelete is optimal in that it supports two modes of recovery: systems administrator-based recovery and self-service recovery. Administrator-based recovery is appropriate when dealing with sensitive information or organization policies that require a systems administrator to perform recovery operations. Self-service recovery is appropriate when the recovery system maintains Windows File Security. Self-service recovery can help streamline IT operations and reduce the
workload on IT staff.
Article 1 Summary
File recovery can be time-consuming for IT support staff and frustratingly slow for users. The Windows Recycle Bin is useful for recovering many, but not all, accidentally deleted files. Condusiv’s Undelete is the ideal tool to provide a broader range of features and abilities to capture deleted files from network shares, as well as previous versions of files. When access controls within the file recovery application mirror the access controls of the underlying Windows OS, systems administrators can enable self-service recovery while still protecting the confidentiality and integrity of users’ files.
Articles 2 and 3 are included in the full white paper. Please access the PDF above.