Is your cloud protected?

What is backup?

Before we even start covering cloud protection, let us define the terminology “backup”.
Backup is a action that moves data outside your application / server and put that on another location and have a different retention period then you have in your application.

If something happening like ransomware, unexpected deletion or corruption of the data, you will be able to restore the data and the server / application is working in the same stage as it was at the point you took the backup.

What is Cloud

Cloud is a stack of compute resources with a self services front-end.
With Cloud resources you should be able to setup your application and/or service without help of any IT personal, and you should be able to scale-out or scale-down your service without notify the service owner.

Cloud Resources can be either located in your data center (Private Cloud) or outsourced to a service provider (Public Cloud) and their resources could be located in a different area or country then where you are normally operate. And the resources should be able to talk to each other even if you have it on-premise, public cloud or both (Hybrid Cloud).

Is Backup Included in the Cloud?

Just because you outsourced your compute resources to a cloud service provider, it is not guarantee that the service is backed up with your preferences, or even have a backup of your data.
All larger Cloud Providers like Microsoft, Google and AWS is very often guarantee that in a case of hardware failure they have a protection that’s your data will still be available, in case of fire they normally recommend that your service is spread out in multiple zones. If you active have choose to only run in one zone (Data Center), you have then accepted that in case of fire your data can be lost.

“But is your data backed up to default?”

The answer is no, a lot of applications like Microsoft 365 (Office 365) or Google Workspace has normally a functionality that called Data Retention.

“What is Data Retention”

With data retention a user can normally delete a email or document (file) from a application and it can regret it’s action in X numbers of days [1].

But if the user has delete a object of mistake, if a user has been deleted from your organization or even worse it has been hacked and taken controlled by another organization / person?

This is few of the cases where data retention in the cloud application can’t solved, but could be solved by using a backup software.

By using applications like AvePoint, Rubrik, IBM Spectrum Suite, Cohesity or any other, you can then easy prevent this kind of scenarios and be able to restore the data in any situation.

“Virtual Machines in the cloud are they protected?”

This depends, first of all have you enabled the internal backup function? Or have you even configured the backup retention period (RPO / Restore Point Objective)?

In AWS and Azure you have the functionality to backup your VMs, but you need to enable that functionality on each machine and it is very easy to just add that line to your “Infrastructure as Code” and set a default policy.

Most of the cases this is great, and probably good enough in your cloud journey.

The main problem we see at most customers it keeping control of all the backups, and verify the consistency of the backup, index the backups and tracking change pattern to detect ransomware attacks, and secure your backup data from external attacks. Here is a perfect situation where you can use 3rd part tools to help you and depending on your preference there is multiple tools, but my favorites tools comes from Rubrik.

“What About Google Cloud?”

It has been rumors that Google will come out with backup functionality on VMs, but you can already configured backups of your Cloud SQL services. If you running Google Cloud make sure you are using a 3rd part software to backup your data.

Before you choose a backup vendors, make sure you get a good overview of market for the best tools that works for you. We guarantee that your backup software that you used for your legacy systems in your Data Center will probably not be the best tool for you in the cloud. Good start for GCP is to look at Cohesity.

Our tips for you when you are going to the cloud,

1. Sorry but backup and cloud doesn’t work out of the box, you need to take action to be safe.

2. Make sure you investigate what the backup software really can do, because in case of a restore scenario you wanna make sure you have a backup that really works, and during the backup you don’t want to kill your budget.

3. Use a secondary resource that can give you a second opinion, so you know what risks, mistakes and success you can expect when a disaster happening.

4. Make sure you using a tool that have built in Multi Factor Authentication from scratch to prevent unexpected ransomware attacks.

[1] The retention period is a value that your Administrator need to set in the global administration panel.