Backup is an essential part of IT Disaster Recovery. In the event of a disaster, not only it is critical to bring up the machines, but also to recover the last available working data, as defined by the Recovery Point Objective (RPO) of an organisation. How fast you can recover your data is also dependent on the type of backup being practised in the organisation, for instance, is it a real-time backup, end of business day batch run or daily full backup at midnight.
My friend Eugene Chung has elaborated at length why backup is important in his article here. He also touched on Cloud Backup as one of the new means of backup, which some people are still not convinced about how secure it would be. Hence, in this article, I would like to extend the discussion on Cloud Backup and the key differentiator it can bring, as opposed to the Conventional Backup.
Concern over Security and Ownership
Many organisations are concerned if the Cloud Backup is secure enough since it is floating somewhere in cyberspace. They are also concerned over the ownership of their data and backup as it is hosted in Cloud. These are valid concerns and need to be carefully addressed before making any decision to engage the Cloud Backup. Let us breakdown the issues and review the clarification as follows:
Security and compliance
Instead of worrying about the data being backed-up to Cloud, you need to be vigilant on the data security and policies of the data source, which is residing at your premise. If your data source is compromised, then your backup is also compromised because of ‘garbage in, garbage out’. Cloud backup software ensures not only the quality of your data, but its protection. Using cloud backup also ensures that your data is encrypted from one transfer end to the other. Encryption provides increased data security, so that data copied to multiple locations does not experience an increased likelihood of being compromised
In terms of compliance however, what rules and regulations a particular software adheres to depends on factors such as your organisation’s industry and country of origin. Therefore, it’s important to thoroughly verify that a particular product meets your team’s compliance-related qualifications. Many cloud backup solutions on the market include management of data policy and regulations, helping users prevent having to pay potential fines and penalties.
It is very important to get your Legal Department to be involved in the agreement discussion so that all the clause is being understood from line to line and no hidden clause that may impact your organisation later. Usually, all the terms and conditions given by the Service Provider are pretty much standard for all customers around the globe. Nevertheless, you should really understand how the charging mechanism works. For instance, some providers charge very fairly for the backup but overkill you when it comes to data restoration. The same goes for retrieving the data archives.
Understanding your Service Provider’s global footprint is also important. This is how you would know if the Service Provider had a presence in your country. If you are serious about ownership, then you should know where your backup and data would be hosted. As per the regulations in many countries, the personal data and the financial data must reside in the country of the business origin.
Key differentiators between Cloud Backup and Conventional Backup
More and more organisations are already moving to Cloud Backup. For those who are still uncertain, please find the following benefits of Cloud Backup over Conventional Backup:
The Conventional Backup requires a lot of investment should you want to expand, or the data size increases over the years. You would need to consider the provision of backup tapes, internal storage, offsite storage facility for backup tapes, transportation for backup tapes to offsite facility, etc. On top of that, you would need to comply with the backup retention regulation, such as 7 years for physical copy for Malaysia.
Pricing options for cloud backup are flexible. As users’ data storage and backup needs grow, they can simply update their plan with their provider. And if they need to scale down, many cloud backup vendors allow users to downgrade their plans. Cloud backup is a great option for organisations that may be growing faster than their on-premises storage capacity allows.
Management of Conventional Backup would require a lot of work because you need to have good tape management in place as well. This is to ensure that the tape is still usable, and the data can be restored when required. Especially when we are dealing with old tapes with threats of humidity, fungus, and wear-and-tear condition.
Unlike Conventional Backup, the Cloud Backup keeps your data stored at a remote location that ensures its protection from different types of disasters like flood, fire, and theft. Therefore, in case of such events at your office you can be assured of protection of your data. This adds to a peace of mind knowing that your data is safe and available.
The pandemic has shown that the Conventional Backup needs to be reviewed as the Lockdown impacted the delivery and management of offsite tapes. Lucky for the Financial Institution that they were able to run their operations, but many companies were badly impacted by the Lockdown period.
Whilst having the data to be stored in the cloud, it is accessible from anywhere. This means that data accessibility for your team is vastly improved, allowing team members to access data while working remotely. This may be crucial in times of disaster. A potential drawback, though, is that if you don’t have internet access, you can’t access your data.
Backup compatibility is not new. Organisation may face issues when running backup for some of the legacy servers due to the data format that is no longer supported, or the system is no longer available in the market. Even though there are backup solutions that can support this legacy system for Conventional Backup, the restoration might be a challenge and the compatibility of the devices used for restoration.
Cloud Backup solutions can take backups from any device without any problem and recover it to any device as well. That means you will never have to face any issue related to compatibility of devices and applications. Some of the solutions include the migration into a universal format which would make the restoration more efficient.
Technology and R&D
Technology is evolving rapidly and there is always new technology emerging to help us in carrying out the backup process more efficiently and securely. Conventional Backup might restrict your option to get the latest technology in the market because we have already invested in the hardware and need to continue for at least a few years to get a breakeven. For instance, when they introduced the LTO-4 tapes, the previous version of the Tape Drive machine was not able to read the new LTO-4 tapes. Only by changing to the LTO-4 Tape Drive that it is backward compatible and could read all the LTO-3 tapes or older.
Cloud based data backup solutions are built around the most advanced technologies that includes data mirroring, file sync, file versioning etc. that are not available with Conventional onsite data backup solutions. Cloud service providers keep themselves up to date with all the technological advancements due to increasing competition in the market. You can be sure that the Service Provider will leverage the best R&D to gain the competitive advantage over their competitors.
Never be too complacent
Even though we have already engaged in Cloud Backup, we must not be too complacent because the internal IT Security is the utmost defence. We need to make sure that our environment is protected, and the data hygiene is always at the maximum. One of the weaknesses of a real-time backup that you need to be wary of is that it would immediately mirror all documents, even the files that had been compromised. Just imagine if the Ransomware managed to penetrate your organisation and encrypted all files. The same would be replicated over to Cloud Backup under these circumstances, which would cause you to lose Production and Backup data at the same time. Hence, please plan carefully if you are on Conventional Backup or Cloud Backup.
Catch When Expert Meets Expert by Ts. Saiful Bakhtiar Osman articles every bi-weekly Tuesday. Don’t forget to subscribe to stay connected. You are also encouraged to ask questions and seek advice from him.
Share this post
- 07 Nov 2023
- By:Bernadetta Septarini
- Category: When Experts Meet Experts (WEME)
Discover the connection between cybersecurity and sports with Tony Smith, Regional VP at WithSecure. Let’s achieve the ‘Hole-in-One’ of Digital Defense.
- 07 Nov 2022
- By:Eugene Chung
- Category: When Experts Meet Experts (WEME)
How do Cybersecurity sales convince prospects to trust their services and/or products? Learn more about it from ArmourZero’s mentor and expert Eugene Chung.