The cloud increases options for data protection, but that data’s more distributed nature creates new challenges.
Throughout the history of IT, data backups have often involved some tradeoffs. In the case of legacy backups, these tradeoffs were often based on prioritizing the resources that needed to be protected based on the backup target’s capacity and the backup window duration.
Today, enterprise IT is hardly recognizable compared to the way it existed less than a decade ago. Even so, backup admins must continue to address many of the same chal- lenges they always have. Data protection still comes down to iden- tifying the resources that need to be protected, and assessing the
backup target’s ability to protect those resources.
FIRST STEP: IDENTIFY TARGETS
Of course, things are not quite as simple as they once were. Today, there are often just as many resources running in the public cloud as there are in your company’s datacenters. This makes data protec- tion much more challenging, because the resources that need to be protected may not be under the IT department’s full control. Even so, the first step in the data protection process is identifying the resources that need to be protected.
On the surface, it may seem that this process involves little more than taking an inventory of the organization’s on-premises resources, and identifying the cloud resources that the organization uses. While that is certainly part of the process, there’s more to it than that.
Backing up cloud-based services works differently than backing up workloads located on-premises. In fact, each cloud service will typi- cally have to be backed up in a different way. Not only are there major differences between Software-as-a-Service (SaaS) and Infrastructure- as-a-Service (IaaS) clouds, but each provider has its own way of doing things. The technique you use to back up one SaaS cloud isn’t necessarily going to work for backing up a different SaaS cloud.
Furthermore, protecting cloud services often means adopting backup techniques that are significantly different than those used to protect resources residing on-premises. A SaaS provider, for example, probably isn’t going to allow you to install a backup agent onto its servers.
A big part of identifying the resources that need to be protected is determining what protection options are available for those resources. One of the challenges with SaaS is that providers often host the data asso- ciated with their applications on their own servers. Microsoft Office 365, for example, is designed to store Exchange Server mailbox data, SharePoint data and data associated with the other Office 365 applications in the Microsoft cloud. Because subscribers don’t have root-level access to the servers that host their data, traditional backups are simply not an option.
CHECK YOUR TERMS
OF SERVICE
As such, one of the first steps in formulating a data protection plan is to determine what level of protection, if any, is provided by the cloud services provider. Each cloud provider has its own way of doing things, but in many cases, SaaS providers back up their servers only for their own purposes. In other words, if a provider were to suffer a data loss event, it could presumably use its backups to recover all of its subscribers’ data.
vmug.com 19