Forum Discussion

DarrenMK's avatar
10 years ago

Delete files / folders from tape backups

Hi,

We have 100+ clients and we backup their data as part of the business D2D2T backup on a weekly / monthly basis.  Due to data protection a large number of our clients have a caveat in the contract that states that we have to delete all Personal / Sensitive data that we hold pertaining to their customers.

Is it possible to delete data (files and folders) from existing tape backups in situ or is the only way to restore that data, delete it and then back it up again with the data removed?  The restore / backup again process is very long winded and invalidates the backup as it is nolonger a true reflection of the system at that time.

Is there another approach that could be taken i.e. rules created to prevent certain data from being restored?

We currently have data stored on DAT, LTO, LTO2 and LTO5 backed up via Backup exec 11, 11d, 12, 2010 and 2012.

Our current system is BE 2012 on Windows 2008R2 to external LTO5

It hasn't happened yet however any advice on how to deal with this situation would be appreciated as it will happen.

Thanks

  • You will have to find ways to ensure that each client uses there own set of tapes, because tapes are serial access devices you cannot erase or overwrite  only part of a tape. Erase or overwrite operations are against a whole tape. Probably easiest way to set this up if you only have one media server and library is use slot partitioning to define ranges of tape slots in the library for each customer and the use individual jobs that go to the correct partitions

    In theory, the disk backups can be individually deleted however as I noticed you have some old BE versions in your list, and we allowed an append to disk media in those versions, there is a small caveat covering where you may have appended customer A's data into the end of customer B's backup files because at the time the jobs were appending (Newer versions of Backup Exec do not allow this, and with older versions we did recommend starting disk based jobs as overwrite which woudl avoid it) Hopefully, however, your environment was setup with separate backup to disk locations per customer which would also avoid this issue against disk.

     

    For existing data you will need to duplicate the data of all the customers that you need to still keep their backup sets before erasing the tapes (this is if you have a customer insisting you delete their data from shared tape.) Basically this will be a very time consuming process and you will have a lot of work to do to make sure retained customers can still restore their older data and to prove to a leaving customer that you no longer hold any of their data if the environment was not setup to ensure the separation of the data when you backed it up.

     

     

  • You will have to find ways to ensure that each client uses there own set of tapes, because tapes are serial access devices you cannot erase or overwrite  only part of a tape. Erase or overwrite operations are against a whole tape. Probably easiest way to set this up if you only have one media server and library is use slot partitioning to define ranges of tape slots in the library for each customer and the use individual jobs that go to the correct partitions

    In theory, the disk backups can be individually deleted however as I noticed you have some old BE versions in your list, and we allowed an append to disk media in those versions, there is a small caveat covering where you may have appended customer A's data into the end of customer B's backup files because at the time the jobs were appending (Newer versions of Backup Exec do not allow this, and with older versions we did recommend starting disk based jobs as overwrite which woudl avoid it) Hopefully, however, your environment was setup with separate backup to disk locations per customer which would also avoid this issue against disk.

     

    For existing data you will need to duplicate the data of all the customers that you need to still keep their backup sets before erasing the tapes (this is if you have a customer insisting you delete their data from shared tape.) Basically this will be a very time consuming process and you will have a lot of work to do to make sure retained customers can still restore their older data and to prove to a leaving customer that you no longer hold any of their data if the environment was not setup to ensure the separation of the data when you backed it up.

     

     

  • IMO, ideally, that data could be clearly identified prior to backup, and backup jobs created to back that data up seperately from other content.  BackupExec isn't particularly aggressive in the removal of old data, but if you can ensure that the pertinent data is in it's own media sets

    If, on the other hand, that data isnt supposed to leave their organization in the first place, then you need a new contract, and they need DLP.