Back to Documentation

Best Practices

Production-ready patterns and recommendations for enterprise PostgreSQL backup management.

Backup Strategy

Recommended Backup Schedule

Backup TypeFrequencyRetentionPurpose
FullWeekly (Sunday 2 AM)4 weeksBaseline for all restores
DifferentialDaily (2 AM)7 daysDaily recovery points
IncrementalEvery 4 hours48 hoursMinimal data loss
WAL ArchiveContinuous7 daysPoint-in-time recovery

Retention Policy Guidelines

  • Production: 30 days minimum, 90 days recommended
  • Staging: 14 days
  • Development: 7 days
  • Compliance: Follow regulatory requirements (often 7 years)

Performance Optimization

Backup Window Planning

Schedule backups during low-traffic periods:

  • Analyze database load patterns
  • Avoid peak business hours
  • Consider timezone differences for global operations
  • Stagger backups across multiple servers

Resource Allocation

# Recommended settings for large databases (>1TB)
process-max=8
compress-type=lz4
compress-level=1
buffer-size=16MB

Network Optimization

  • Use dedicated backup network when possible
  • Enable compression for remote backups
  • Consider bandwidth throttling during business hours
  • Use local staging for cloud uploads

Security

Encryption Standards

  • At rest: AES-256-CBC minimum
  • In transit: TLS 1.3 for all connections
  • Key management: Use HSM or cloud KMS for production

Access Control

# Principle of least privilege
backup_user:
  - Can read database
  - Can write to backup location
  - Cannot modify production data
  - Cannot access other databases

Audit Requirements

Log and monitor:

  • All backup operations (success and failure)
  • Restore operations
  • Configuration changes
  • Access to backup files
  • Encryption key usage

Disaster Recovery

RTO and RPO Targets

TierRTORPOStrategy
Critical< 1 hour< 5 minutesHot standby + PITR
Important< 4 hours< 1 hourWarm standby + frequent backups
Standard< 24 hours< 24 hoursDaily backups

DR Testing Schedule

  • Monthly: Verify backup integrity
  • Quarterly: Full restore drill
  • Annually: Complete DR failover test
  • After changes: Test any infrastructure modifications

Monitoring

Critical Alerts

Configure immediate alerts for:

  • Backup failure (any type)
  • No successful backup in 24 hours
  • Storage capacity > 80%
  • Backup duration increase > 50%
  • Replication lag > 5 minutes

Dashboard Metrics

Monitor these KPIs:

  • Success rate: 7-day rolling average
  • Backup size trend: Predict storage needs
  • Duration trend: Identify performance degradation
  • Recovery time: Track restore performance

Compliance

GDPR Requirements

  • Implement data retention policies
  • Support right to erasure (backup deletion)
  • Encrypt personal data in backups
  • Document data processing activities
  • Maintain audit logs for 3 years

SOC 2 Controls

  • Encrypt backups at rest and in transit
  • Implement role-based access control
  • Enable comprehensive audit logging
  • Test disaster recovery procedures
  • Document backup policies and procedures

HIPAA Compliance

  • Encrypt all PHI in backups (AES-256)
  • Implement access controls and audit logs
  • Sign Business Associate Agreements
  • Conduct regular risk assessments
  • Maintain backup integrity verification

Cost Optimization

Storage Tiering

  • Hot storage: Last 7 days (fast access)
  • Warm storage: 8-30 days (moderate cost)
  • Cold storage: 31+ days (lowest cost)
  • Archive: Compliance retention (cheapest)

Compression Strategy

# Balance speed vs. size
Recent backups: lz4 (fast restore)
Older backups: zst (better compression)
Archive: zst level 9 (maximum compression)

Operational Excellence

Documentation Requirements

  • Backup architecture diagram
  • Restore procedures (step-by-step)
  • Escalation contacts
  • Configuration management
  • Change log

Team Training

  • Quarterly restore drills for all team members
  • Document lessons learned from incidents
  • Cross-train team members on backup operations
  • Maintain runbooks for common scenarios

Golden Rule

A backup is only as good as your last successful restore. Test your backups regularly and document the process. When disaster strikes, you'll be glad you did.

Ready to protect your PostgreSQL data?

Start Free Trial