Cloud backup, also known as online backup, is a strategy for backing up data that involves sending a copy of the data over a proprietary or public network to an off-site server. The server is usually hosted by a third-party service provider, which charges the backup customer a fee based on capacity, bandwidth or number of users. In the enterprise, the off-site server might be owned by the company, but the chargeback method would be similar.
Implementing cloud data backup can help bolster an organization's data protection strategy without increasing the workload on information technology staff.
How cloud backup works
The backup process copies data and stores it on different media or another storage system for easy access in the event of a recovery situation. Cloud backup serves this purpose for many organizations.
Options for cloud backup services include:
- Backing up directly to the public cloud. This method entails writing data directly to cloud infrastructure providers, such as Amazon Web Services (AWS) and Microsoft Azure.
- Backing up to a service provider. An organization writes data to a cloud service provider with backup services in a managed data center.
- Cloud-to-cloud backup. For data that lives in the cloud in software as a service (SaaS) applications, this practice copies that data to another cloud.
When an organization begins to use cloud backup services, the initial backup can sometimes take days to finish uploading over a network due to the volume of data to be transferred. A technique called cloud seeding enables a cloud backup vendor to send a storage device, such as a disk drive or tape cartridge, to the organization, which then backs up data locally and sends the device back to the provider. That removes the need to send the initial data over the network to the backup provider. After the initial seeding, only changed data is backed up over the network.
How data is restored
Online backup systems are typically built around a client software application that runs on a schedule determined by the purchased level of service. If the customer has contracted for daily backups, for instance, the application collects, compresses, encrypts and transfers data to the cloud service provider's servers every 24 hours. To reduce the amount of bandwidth consumed and the time it takes to transfer files, the service provider might only provide incremental backups after the initial full backup.
Cloud backup services often include the software and hardware necessary to protect an organization's data, including applications for Exchange and SQL Server.
Brien Posey discusses how cloud backup recovery works and where it works best.
Most cloud subscriptions run on a monthly or yearly basis. While initially used mainly by consumers and home offices, an online backup service is now used by small and medium-sized businesses (SMBs) and larger enterprises to back up some forms of data. For larger companies, cloud data backup may serve as a supplementary form of backup.
Cloud backup benefits and downsides
Cloud backup benefits include:
- There are reduced costs if the volume of backup data is low. Some providers, such as Mozy, offer free cloud backup up to a certain data limit.
- The cloud is scalable. Growing data sets are easily backed up in the cloud. But organizations need to be wary of escalating costs as data volume grows.
- Managing cloud backups is simpler, as service providers take care of many of the tasks that are required with other forms of backup.
- They are generally secure against ransomware attacks because they are performed outside of the office network.
But downsides and challenges exist:
- The speed of the backup depends a lot on bandwidth and latency. For example, when many organizations are using the internet connection, the backup could be slower.
- Costs can escalate when backing up large amounts of data to the cloud.
- As with any use of cloud storage, data is moved outside of an organization's buildings and equipment and into the control of an outside provider.
Cloud backup vs. tape and disk
In the enterprise, cloud data backup services are primarily used for noncritical data. Traditional backup is a better offering for critical data that requires a short recovery time objective (RTO) because there are physical limits as to how much data can be moved in a given amount of time over a network. When a large amount of data needs to be recovered, it may need to be shipped on tape or some other portable storage media.
Tape backup requires data to be copied from a primary storage device to a tape cartridge. Cartridges have grown dramatically in capacity in recent years. LTO-8 tapes, released in late 2017, can store 12 TB of uncompressed data and 30 TB compressed. Tape is a strong storage medium in an age of exponential data growth. In addition to their capacity benefits, tapes are comparatively inexpensive to own and operate. However, the restore process can be slow because access is sequential.
While the cloud appears to offer unlimited capacity, costs rise dramatically depending on how much storage an organization needs. While access is not sequential like with tape, restore times are still dependent on the internet and require an appropriate amount of bandwidth. Cloud service providers take some of the backup management work out of the process for organizations. The process of backing up to tape and maintaining the cartridges is essentially up to the organization. There is more flexibility in the process of restoring from cloud backup, as an organization can restore to several different devices, including laptops and phones.
The cloud and tape both provide protection from cyberattacks, such as ransomware. Cloud backups are useful in the event of an attack because they are off-site. Tape backups are even more secure because they are offline.
Disk, while not as portable as tape, is a common medium for backup. The biggest benefit is access speed. Disks offer random access and often top cloud and tape for restore speed. Disk-based backups are typically performed continuously throughout the day, while tape backs up less regularly. Disk-based backup is self-contained, and there is less personnel interaction than with tape. So, the risk of human error is smaller. Disk-based backup can be expensive, often costlier than tape or cloud. The lifespan of disk is shorter than tape, and its durability is weaker than that of tape. As long as the service provider is still in business, the lifespan of a cloud backup could be longer than that of disk or tape.
Russ Fellows, a senior analyst with Evaluator Group, has put together the following chart to illustrate when cloud data backups should be considered as a viable option.
With a proper retention policy, cloud backups can reduce or even replace the need for off-site tape storage, so organizations are making the switch from disk-to-disk-to-tape (D2D2T) strategies to disk-to-disk-to-cloud (D2D2C).
Flexibility is another benefit of the cloud because no additional hardware is needed.
Cost of cloud data backup
Third-party cloud backup has gained popularity with SMBs and home users because of its convenience. The technology has an initial upfront cost to implement, but its lower monthly or yearly payment plans appeal to many smaller operations. Capital expenditures for additional hardware are not required, and backups can be run dark. However, the cost of keeping data in the cloud for years does add up. In addition, costs rise as the amount of data to be backed up to the cloud increases.
Ben Woo, managing director of Neuralytix, explains how to evaluate cloud backup costs.
In terms of return on investment (ROI), it is important for an organization to consider the long-term costs of backing up to the cloud. A five-year projection is recommended to properly estimate future expenses and to decide whether the cloud will help an organization break even after initial costs. After these costs are offset, ROI on cloud-based backups can be determined.
Pricing models vary by vendor, but it's important to be on the lookout for hidden costs in cloud backup services. While most products for backing up to the cloud are sold using a price-per-gigabyte-per-month payment model, providers can also use a sliding scale model, set usage minimums and add transaction costs.
Security is an important element in the process. Three considerations are often referred to as the security CIA: confidentiality, integrity and availability.
Since most data will move across the public internet on its way to the cloud, for confidentiality, many cloud backup providers encrypt data throughout the process: at the original location, during transit and at rest in the provider's data center. A user or the provider holds the encryption key. Most organizations prefer to hold their encryption keys, and providers should offer this option. Types of network encryption include Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols.
For integrity, users must determine if data is the same when it is read back or if it was corrupted. Object storage offers built-in integrity checks.
Availability takes the restore process into account: Will data be available in a timely fashion in a disaster recovery (DR) situation?
Access control is also important. An organization tightens security by limiting access to cloud backups. Furthermore, write-once, read-only access protects backup data from being overwritten, altered or deleted.
Major cloud backup services
Approaches to online backup service vary, so an organization should take a close look at service-level agreements (SLAs), pricing plans and long-term costs. Examples of cloud data backup vendor options include the following:
- Acronis offers Backup to Cloud, a cloud subscription add-on to its other backup plans, to create a hybrid cloud and local backup service. Acronis Backup to Cloud protects and recovers files, folders, applications or a complete system. Data and metadata are encrypted prior to being sent to Acronis data centers. Acronis Backup to Cloud supports PC to cloud and VMware to cloud. It also has an AnyServer option for SMBs, which supports one to three servers of any type, and a Volume option for more than four servers for an entire infrastructure.
- Arcserve expanded its Unified Data Protection (UDP) offering with its purchase of Zetta. The product includes Arcserve UDP Cloud Direct, its direct-to-cloud disaster recovery and backup. The cloud protection is targeted at the midmarket.
- Backblaze offers personal and business cloud backup, as well as cloud storage. Backblaze stores data on its open source Storage Pods hardware platform and cloud-based Backblaze Vault file system. Backup data through Backblaze is accessible through a web browser on mobile devices and computers. Restores are downloaded over SSLs.
- Carbonite sells to consumers, SMBs and small enterprises. The company's offerings back up documents, email, music, photos and settings and are available for Windows and Mac users. The vendor has two cloud data backup plans: Carbonite Personal for individuals, households and home offices and Carbonite for Business, which offers cloud and software-based backup plans for the enterprise.
- Druva cloud backup features two major products: The enterprise-level Druva inSync is targeted at endpoints and backs up data across physical and public cloud storage, while Phoenix is a software agent used to back up and restore data sets in the cloud for distributed physical and virtual servers. The vendor is making a move into the data management market, and its latest Apollo SaaS product protects workloads in AWS through the Druva Cloud Platform.
- IDrive cloud backup is geared toward consumers and small businesses and includes snapshots, a syncing service and hybrid data protection.
- Microsoft Azure Backup automatically sends backups to the Azure cloud. Azure Site Recovery automates replication to back up private Windows infrastructure.
- Mozy (by Dell) has three products: MozyEnterprise for enterprises, MozyPro for smaller businesses and MozyHome for consumers. The backup vendor provides several key features, including the Mozy Sync file sync system and the Mozy Data Shuttle seeding service.
- Unitrends allows customers to back up indefinitely to its private cloud with Forever Cloud. It retains the most recent successful backups from the previous four weeks, 12 months and a comprehensive backup for the year. Customers must have Unitrends' Recovery Series backup hardware or Enterprise Backup software running to use Forever Cloud. Forever Cloud supports VMware vSphere, Microsoft Hyper-V and virtualized images of physical Windows servers. Pricing for Unitrends is based on half-terabytes protected per month.
- Veeam Software provides cloud backup through its Cloud Connect product. Service providers can partner with Veeam to create a backup and recovery target in the cloud.
Hybrid cloud backup
Hybrid cloud backup providers connect traditional backups to the cloud. It is useful for organizations that produce a large volume of data and need quick restore access. With one approach, a network-attached storage (NAS) appliance serves as a local backup target and syncs backup data to the cloud. When an organization needs a quick restore, the data is available in the on-site NAS. If an organization loses its primary site, the cloud backup is still available. This method can also be referred to as D2D2C backup. In another hybrid approach, an organization uses both the public and private cloud for backup.
It is difficult to get data consistency with hybrid cloud backup, especially if the data transfer takes a long time. Point-in-time snapshots and continuous backups help, but costs rise as backup frequency increases.
Comparatively, in a pure cloud backup scenario, backups go directly to the service provider's cloud.
Cloud backup vs. cloud disaster recovery
Cloud backup and cloud disaster recovery are not the same, but they are connected.
Cloud disaster recovery enables an organization to fail over workloads in the cloud and keep business running during an unplanned incident. The organization can fail over data, applications and virtual machine (VM) images. At a certain point, however, the organization should fail back to its primary site.
An organization must consider if the disaster recovery provider has enough bandwidth and resources to handle the data transfer, and thus how long it will take to recover. Testing is important and often easier than with traditional disaster recovery, as many providers offer automated tests.
George Crump, founder of analyst firm Storage Switzerland, discusses the benefits of cloud disaster recovery.
A cloud backup provider may also offer disaster recovery in the cloud. Cloud disaster recovery is valuable for smaller businesses that don't have the funding or resources to support their own DR site. The cloud data center should be far enough away from the organization using it to ensure recovery from any disaster.