Backup to the Cloud: Data Protection Best Practices
There are key differences between cloud backups and backups that are created on-premises that need to be considered when protecting your data.
Over the last several years, cloud backups have become one of the most popular ways of protecting an organization's data. Even so, there are some key differences between cloud backups and backups that are created on-premises. These differences mean that there are data protection best practices that are unique to cloud backups, and it's important to consider these best practices when planning for cloud backups.
One of the things that first made the idea of backing data up to the cloud so appealing was that cloud backups are, by definition, stored offsite. That's great if all of the resources that you're protecting reside on-premises. However, most organizations also maintain critical business resources in the cloud. Backing up cloud-based resources to the same cloud that those resources reside in completely mitigates the benefits of offsite storage.
Most of the major cloud providers give their subscribers the option of storing backups in another region. This approach does protect backup data against a failure within the cloud datacenter where the protected resources reside, but is doesn't protect against a cloud-level failure. If a cloud provider's entire infrastructure were to be somehow compromised, then backups would be lost along with the workloads that those backups were protecting.
One of the best ways to alleviate this risk is to replicate your backups to another cloud. This allows the backups to remain safely insulated against any sort of cloud-level failure or breach.
A more commonly used, but less effective, option is to perform a cloud-to-cloud backup. This approach allows resources within one cloud to be backed up to another cloud. Cloud-to-cloud backups are less expensive and less complex than creating a backup within a cloud and then replicating the backup to a different cloud. Even so, there are two big advantages to replicating backups across clouds rather than simply creating cloud-to-cloud backups.
First, the replication method maintains a backup copy in close proximity to the resources that are being protected. If a restoration operation were to become necessary, then the data could be restored much more quickly if the backup resides within the same cloud (or even the same datacenter) as the resource that's being restored. Performing a cross-cloud recovery can be a very time-consuming process depending on the available bandwidth and the volume of data that needs to be restored.
The other reason why the cross-cloud backup replication method is preferable to a simple cloud-to-cloud backup is because it provides an extra layer of protection. Back in the days of on-premises backups, organizations often adhered to the 3-2-1 rule. The 3-2-1 rule stated that there should be three copies of an organization's data, stored on two different media types, with one copy residing offsite. It's difficult to follow the 3-2-1 rule in a cloud environment, but creating a backup within a cloud, and then replicating the backup to another cloud, sticks to the basic spirit of the 3-2-1 rule by maintaining multiple backup copies, stored in multiple locations.
Brien Posey is a 16-time Microsoft MVP with decades of IT experience. As a freelance writer, Posey has written thousands of articles and contributed to several dozen books on a wide variety of IT topics. Prior to going freelance, Posey was a CIO for a national chain of hospitals and health care facilities. He has also served as a network administrator for some of the country's largest insurance companies and for the Department of Defense at Fort Knox. In addition to his continued work in IT, Posey has spent the last several years actively training as a commercial scientist-astronaut candidate in preparation to fly on a mission to study polar mesospheric clouds from space. You can follow his spaceflight training on his Web site.