If you've decided to use the cloud as part of your enterprise data protection strategy, but aren't sure what you should do next, I have some questions for you. But first, keep reading.
In my last Hot Spots column, I talked about why cloud services should be part of your enterprise data protection strategy, alongside (not replacing) disk and tape media. The two most compelling parts of that discussion related to the following:
- Reducing data loss through more frequent replication streams to cloud versus nightly tape jobs.
- Data agility, whereby you can often do more with your "warm" data in a cloud than you can with the "cold" copy of data within a tape cartridge. So, use cloud services for unlocking dormant value within your short-term data, while leveraging the economics and portability of tape for truly long-term retention.
This month, as promised, I want to talk about which cloud services to use for your enterprise data protection strategy by posing four sequential questions.
1. Are you satisfied with your existing backup software platform(s)?
If yes, then you are likely looking to the cloud to add data survivability (without tape couriers) or looking for more economic storage capacity than simple disk arrays. In either case, cloud storage is probably the right place to start. Most modern backup software products provide, or will soon provide, cloud connectors, so they can use cloud-based storage similarly to how they utilize local disk or tapes today. For organizations simply seeking to get data out of the building, cloud storage as another repository within the backup UI makes sense. A huge note of caution, though: Not all backup software uses the cloud effectively. Many products are very cumbersome with their cloud APIs, causing horrific amounts of extraneous data transfers that will blow up your budget.
Speaking of which: If you want more economical storage capacity for your existing backup software, then a local deduplication storage platform that efficiently leverages cloud storage behind the scenes may make sense. Deduplication storage platforms are particularly appropriate when you have multiple backup and archive applications deployed, because the multiple backup software products each talk to the local protection storage disk, which typically retains the most recent data on site and transparently handles cloud storage behind the scenes. This approach deduplicates data locally, keeps a local copy for fast restores and only depends on one vendor's (the dedupe array) cloud connector for optimal transmission and cloud storage efficiency.
On the flipside, if you are not satisfied with your current backup software, adding cloud storage is unlikely to make it much better. Either buy new backup software and reconsider question number one, or move on to question number two.
2. Are you seeking revolution instead of evolution?
Adding cloud storage to an existing backup environment is evolutionary. Replacing an on-premises and self‑managed backup product with a remotely managed product or turnkey backup as a service (BaaS) is revolutionary. And the real difference it can bring relates to expertise, specifically in two areas:
- Turnkey services can supplement your backup expertise with that of a service provider's staff -- people who are likely better trained and who focus exclusively on robust data protection. They operate their backup infrastructure at a scale and with a level of reliability only the largest and most sophisticated enterprises can boast. They possess valuable experience accumulated by integrating and supporting many subscriber organizations each year. So, that anomaly that broke your backups last month but you've never seen before, they've likely worked through it before from helping so many other environments. As such, you should get a better result in the form of more reliable backups and recoveries.
- Alternatively, some service providers and partners will take the backup software you currently run (or a newer version if you are behind) and co-manage it with you. This is especially true of providers offering cloud storage, but you get integrator-level expertise alongside the storage capacity itself.
- If you're looking for "better" data protection than what your team is able to manage, budget and skills notwithstanding, look for a provider that believes "service" matters as much as a "data protection" feature set.
3. Where would you like to recover?
Both earlier questions result in a hybrid data protection architecture, with production servers running in your environment, combined with local recovery capabilities (to minimize workload downtime as much as possible and remote copies in a cloud service. Each, meanwhile, presume your desired recovery target is on-premises as well.
Many organizations are asking "Why BaaS when you can DRaaS (i.e., implement disaster recovery as a service)?" suggesting that if you have secondary data in a cloud, could you just power it up in the cloud instead of restoring the data back to an on-premises server? Unfortunately, that depends on how the data was transmitted and stored within the cloud service.
Technologies that back up data tend to transform data chunks for most efficient retention of multiple previous versions over time. That requires the data to be "de-transformed" (restored) to be usable again, which is often harder to do within many cloud frameworks. Other technologies replicate the data, meaning that it's retained in a relatively untransformed manner, thereby making it easier to simply boot up or otherwise leverage in the cloud.
There are other considerations as well, which you can check out in this ESG video blog, aptly titled "Why BaaS when you can DRaaS?"
4. Will production systems be moving to the cloud?
Although everything changes when production systems move to a cloud service, enterprise data protection strategy options remain surprisingly similar.
When running virtual machines within a cloud-hosting environment, you need to back up those servers with the same rigor that you backed up physical or VMs in your own environment. Perhaps you'll run a virtualized backup server among the other hosted VMs. In that case, you'll want to consider cloud storage (question one) in the same hosted environment or intentionally with another cloud provider to ensure that your data survives a crisis at the primary provider. You might even run "hybrid in reverse" and replicate your cloud-hosted data back to your own facility for data assurance and preservation.
Alternatively, a backup service (BaaS, as described in question two) can protect data within hosted VMs in the same way it protects your physical and virtual on-premises servers, while providing the same out-of-network retention that bringing data back home might yield. In short, hosted VMs have the same essential cloud options as on-premises servers do.
If you go all in with cloud-based services for production (e.g., Office365 or Salesforce), it will appreciably change your enterprise data protection strategy, because those platforms have fewer protection capabilities across the traditional backup vendors or backup services. But make no mistake, most of those software-as-a-service products do not back up your data as part of their service. That is still your job, regardless of it being more difficult.
There you have it, four simple questions with a very wide range of recovery outcomes and ramifications. Perhaps these questions won't yield a definitive answer for you, but they should spark new conversations among your team.
Improve your data protection in seven steps
Sharpen the focus on your strategies for enterprise data protection
For IT compliance, build the right data protection strategy