Corporate data needs to be protected to a corporate standard, even if the servers don't reside within corporate data center walls. There are three locations where data might reside within your environment: data centers, endpoint devices and remote office or branch offices (ROBO) data. In general, we might make two over-simplistic recommendations:
Data center servers should be protected first and foremost to an on-premises product for frequent protection and fast recoveries, prior to any off-site disaster recovery protection (disk, tape or cloud). There are some notable backup services (BaaS), but in general, most "straight-to-cloud" offerings fall short in three ways. They struggle to effectively deliver the SLAs that midsized and large organizations expect, they are too expensive or their long-term retention range is too short.
Endpoint devices, on the other hand, are an ideal use case for cloud backup that is managed by your IT team. There are some data center-centric endpoint protection products, but many fall short either due to complexity, forcing users to change behaviors, cost model or -- worst of all -- requiring users to log into a VPN or connect in some other unnatural way. Because of this, you are likely better off protecting your endpoints with a cloud backup service, but NOT a consumer-based service chosen by individual users. Corporate data is an IT responsibility, regardless of the device, so IT should be remotely managing and monitoring the cloud offering, even if they aren't maintaining the backup 'server' itself.
This leaves ROBO data, which can arguably be best protected to either a data center or a cloud service. Since most ROBO networks are just as easily connected to the Internet as their intranet, you could go either way. Here are a few considerations when choosing the best approach for ROBO backup of your remote servers:
- Does IT have full control? Whether you protect to the data center or a cloud service, the most important thing to remember is that corporate data created at the ROBO level is still corporate data and should therefore be protected to the corporate standard for those data types. This means that protection should not be presumed or delegated to ROBO personnel without IT skills. Most modern backup software platforms offer the ability to automate ROBO backups to the primary data center. This allows for centralized management of backup data by skilled IT staff. Alternately, there are business-grade backup services (not just consumer-centric) that enable IT to automate and remotely manage the ROBO backup process. Your top priority is centralized management.
- Who will be invoking restores? While backups may be centrally managed (to the data center or a cloud), chances are that a broader number of stakeholders will be responsible for restores, including not only the backup folks, but also IT operations or help desk team members, as well as perhaps users within the ROBO or their peers at another facility (depending on who needs the data and what kind of crisis caused its interruption). This type of functionality varies from product to product, so if you are looking to fulfill a specific requirement -- policy-based user restores, for example -- you'll have to verify that before choosing a product or service.
- What kind of data is being protected? Different data has different restore capabilities, which can affect how (or where) it is protected to. While Microsoft Office documents can just as easily be protected to a cloud or data center, virtual machines (protected as whole objects) are best protected someplace where the restore might include local hypervisors. In the cloud, this may be disaster recovery as a service (DRaaS) instead of just BaaS; whereas in the data center, does the backup product have a 'rapid' or 'instant' VM recovery capability to alternative hypervisors?
- How long does the data need to be retained for? Corporate data protection standards may also include long-term retention not just for regulatory purposes but even just sound business practices. If the retention mandate is less than two years, data center disk systems or cloud services are equally viable choices. For data between two and five years, disk (even deduplicated) might start to be excessive, so cloud services or tapes become more desirable for stagnant data; depending on the retrieval SLAs that may apply. For data over five years, some level of compliance or governance is often applicable, cloud offerings may be less desirable if their function creates "lock-in" such that the older copies are not easily movable as geo-political and industry mandates evolve. For that data, which should be a minor subset of your production data, tape is likely the best answer; but you may still have the choice of creating and managing those tapes or having the cloud service generate the tapes as part of its long-term retention of your data.
If you were looking for absolute and definitive guidance on ROBO backup of your data, there is good news and bad news. The bad news is that "it depends" is still the right answer, based on the considerations outlined above. The good news is that you have multiple, modern data protection software products that can leverage disk, tape and cloud; empower central IT and decentralized local team members; provide the functions to reliably back up modern workloads; and recover data across your distributed environment. And most of those same capabilities are also available from cloud-centric services, meaning that it is up to you, based on your organization's unique answers to the questions we've discussed (and others that we didn't).
Tackle remote backup obstacles
Take a hybrid approach to manage remote office storage
ROBO backup pain medicine