FAQ - Technical

I'm having a problem with my service, where do I get help?

Online - our preferred method

Phone - 503.329.2959 or 888.857.3954

Local - Use the contact number for your Account Exec 

What is being backed up on my system? What about the OS and installed software?

The data to be backed up on your system will initially be decided when our technician comes to your site to setup your computer. What you looked at with the sales rep is probably a pretty good starting point, but a 2nd pair of eyes making sure nothing was missed is always good. So what types of data is typically backed up?

• Financial Data such as your Quickbooks files.
• Customer/Patient information such as practice management software.
• Contact Information such as your Outlook contact file.
• Business Practices documentation such as safety rules, employee policies, etc.
  
• User home directories.
• Business planning information such as a business plan, marketing plans, budget info, etc.
• Critical files shares.
• Enterprise Resource Planning and Customer Relationship Management systems. (processes, inventory, resources, etc)
• Email

Why do we not typically backup the operating system or software you have installed on your computer? Basically because of cost. For example, if you have Microsoft Office on your computer and want us to backup the application itself, it's somewhere around 2 Gig worth of data....or $25/month cost to you for something you should probably just re-install in the first place. Same thing with the operating system itself. (especially since with this type of backup, you don't really have an image you can install on to a new computer for what is called a full system "bare metal restore") SO....if a customer demands to have their applications or even the OS backed up, we will do so, but it is rarely recommended.

The question to ask yourself is: What do I need in order to function as a business on Monday, if my office went up in flames on Saturday?

Typically there are things in your business besides your data which you are concerned about also and this is something to consider when putting together a "Disaster Recovery Plan". We are offering a simple solution to at least the "data" part of the problem though and for a lot of businesses, that is a very critical piece.

What is an "Incremental Backup" vs a "Differential Backup"?

Typically an "Incremental Backup" refers to only backing up the files which have changed since the last backup occurred. If you have 10 word documents which were backed up yesterday and then you edited 3 of them today, the 3 edited files would be all that's backed up today. It's a nice way to save transfer bandwidth and disk space vs backing up all 10 files every day.

So what's a "Differential Backup"? This is getting a little deeper into what an Incremental does. It is a transfer of ONLY the data blocks within a file which have been updated. Following our previous example, only the 1 line of text you actually changed in each file would get sent over the network. This primarily provides you with savings in bandwidth, not disk space. There are 2 different ways this kind of backup is stored on the server end. 1) just the bits are stored and the rest of the file is still used from the previous backup. 2) A new copy of the file is reconstructed on the server, so you now have 2 copies of it, just different versions. The 2nd method is what we use. The first is extremely expensive to implement and considering how cheap disk space has become, in our opinion, not worth the cost at this point in time.

SO...how exactly does PDXVault do it? We take a "Differential Backup" and then reconstruct the changed files to create your daily "Incremental Backup" or "Full Backup". Think of it as "Incremental on steroids". This provides us with huge bandwidth savings and makes it possible to do backups like this on smaller Internet connections for both you the customer and us the service provider.

To give an example of how it works. Your very first backup does not have anything to be compared to, so we actually have to copy every bit of data. If you have 3 Gig of data, this could take 5 or more hours, depending on the upload speed of your Internet connection. The next time you run a backup (full or incremental) it will usually not take more then 30 minutes or so. Why? ONLY THE CHANGED BITS ARE COPIED. SO...you could run a full every day and the only thing it would change is the amount of disk space you use on our end. (which is what we base our costs on) 

How are the backups actually being done, at a technical level?

We use a mix of Open Source and proprietary tools to transfer and store your data. First we connect your computer to our SSL VPN which is controlled by a CentOS Linux server. Over this VPN, we can backup your data with a couple of different methods, but Rsync over ssh (through the VPN tunnel, double encryption) is the preferred protocol. Samba is an option for Windows hosts, though much more bandwidth intensive, so rarely used. PKI encryption techniques are used for on disk encryption.  Last but not least, a monitoring sytem watches the network and notifies us of any problems.

All of that mean absolutely nothing to you? Well, all the products we use are either internally developed/supported by our team or are extremely stable Open Source projects. Nothing we use is in danger of being obsoleted, though if it were, the modular design of our system would make it extremely simple for us to convert to other products.

What kind of security is being used? How do I know my data is safe?

We take security seriously. Maybe too seriously. If it were our data we were talking about (note: we backup our critical data in the same manner we backup yours, so it IS our data) we would rather error on the side of caution. So what does that mean?

Our security is like a nice raw onion. (talk about an over-used cliche!) Layer upon layer. What are the layers you ask?

1. The first layer is an SSL based Virtual Private Network (VPN) which wraps around all of the other layers. Every single bit of communication for our backup system takes place INSIDE this VPN. There is no way for someone to access any of your data, without first being inside this layer. How might someone do that? About the only way is if they physically steal or gain control of a computer already configured for this VPN.
2. The 2nd layer of protection is provided by a firewall on the VPN. This firewall limits any machine connecting to it to only see our backup host, with few exceptions. Those exceptions are our administrative boxes. (tightly controlled) This protects you in the event of some other client losing control of their connected computer. In the event of a computer being "lost", it's a matter of flipping a switch once the client notifies us, to make sure that computer can NOT get on the network any longer.
   
3. The 3rd layer of protection is an SSH based data transfer method. Basically, an encrypted tunnel is created within the encrypted VPN tunnel so that in the event of somebody getting control of a computer on the VPN, the traffic they see is still encrypted. There is a slight performance (CPU) cost to doing things this way, but it's negligible in the overall scheme of things and the added security is well worth it.
   
4. For those of you still concerned about the sensitivity of your data, we offer a PGP based file encryption module which basically scrambles your data on the physical disk where it is written down. YOU will be the only person with the "key" to unlock this encryption. This is the same stuff the "spooks" in the government use. Most people will not need this for what is being backed up, but what does it protect against? Well, it makes it so that in the unlikely event someone actually gets a hold of your data, it's worthless to them.  This is probably not necessary for everything that you backup, but it definitely makes sense for certain data.  Financial data.  Patient data.  Customer contact information.  Anything that fits the description of "confidential".  NOTE:  This WILL increase the size of your backups, due to the nature of how file encryption works.
5. The way you access your data for reports, restores, and even editing what is getting backed up is done through an SSL based web interface OVER the VPN. You cannot access this service from any computer on the Internet. The computer MUST be configured onto our VPN. Period. There are no exceptions to this rule. Again, it's our way of making sure the environment is as controlled as possible.
   
6. AND....last, but not least, once you are able to access the web server to start looking at your data you will have a username/password for logging in. You will only be allowed to see your host and data for your host. (Reports, etc)

Is there a limit to how much data I can backup?

Yes and no.  With the standard remote backup implementation we are currently rolling out to customers, there is a soft-limit of about 40G for a single backup.  We actually take a pretty close look at any individual backup which goes over 20G in size to make sure the customer REALLY needs all that data backed up.  What does 'soft-liimit' mean?  It's not a real limitation.  We have experienced nothing to make us think backups larger then 40G will have problems, but we have also not tested beyond that size.

Are there any 'gotchas' with the system?

• 4G individual file size limit
• soft-limit of 40G for a single backup
• No 'open-file' backups (primarily effects Windows systems)
• Expected solution in early Q207

Why does the first backup take so long?

The amount of time for a true 'full' backup (every bit of data has to be copied across the Internet) depends on quite a few factors with the biggest and most obvious being the speed of the Internet connection at both ends of the copy.  One end belongs to PDXVault, one end to the customer.  Typically, these connections are going to be a DSL or Cable Modem connection.  That being said, you can probably expect something along the lines of 1-4 hours per Gig of data.  As you can see...this really adds up.