The pressure is on for companies to take advantage of cloud infrastructure for cost-savings, scalability, flexibility, and time-to-market efficiencies. With that pressure comes a lot of questions about how to get it right and adequately protect data in the process.
With all of the considerations for managing your digital transformation to the cloud, backup and recovery can be an afterthought. Here are the things to keep in mind to ensure proper data protection during your migration to the cloud.
There is a common misconception that cloud providers not only manage infrastructure in the cloud but your data in the cloud as well. Most cloud providers provide some level of data resiliency through use of replicated copies of stored data. However, this is insufficient and does not protect your data from a number of data loss or data corruption use cases.
As you move to the cloud, you must cloud responsibly and employ the same data discipline practices you would for critical on-premises data. If you read the End-User License Agreement you signed with any cloud service, you'll undoubtedly find the onus is on the customer to ensure your data is backed up, even if the vendor provides some form of replication. They provide infrastructure only and washed their hands of any legal liability of data loss when you signed the agreement.
Differences in where companies are in their cloud strategy impact how they are migrating to cloud data centers. More complex legacy environments typically face more challenges than younger companies in moving to a cloud strategy. Application migration to the cloud can be broken down into four general models.
(source: https://shadow-soft.com/cloud-migration-models/)
Download the Compass® cloud feature sheet here>>
We briefly discussed the need to protect your data as your applications migrate to the cloud. How you backup your workloads in the cloud may depend on the migration model that brought your application to the cloud.
Lift-and-shifted or refactored applications often can be effectively protected with time-proven approaches. The born-in-the-cloud SaaS and re-platformed applications may require new techniques. There are several common ways to achieve cloud workload backup and protection.
Application and file system agents sometimes get maligned due to the need to install, update, and manage potentially thousands or tens of thousands of workload clients inside virtual machines. However, for key applications, agents often provide the optimal approach for achieving the best application service levels. To this point, it is interesting to note that some “agentless” backup products actually insert agents dynamically.
One important example of the value of agents is that they provide a way for application consistent backups and recoveries. Also, agents can provide application specific integrations that improve service levels and often aren’t available with other methods (eg, transaction log backups and roll forward recoveries for databases).
Agent-based backups are a very common approach for lift-and-shifted or refactored applications. Cobalt Iron’s Compass can eliminate the management complexities of agents through analytics-based automation which greatly simplifies agent-based backups. This is certainly a powerful approach to protecting some cloud workloads.
Cloud providers offer various virtualization services (eg, VMware Cloud on AWS) hosted in their cloud. Applications and data in these environments can potentially be backed up using hypervisor level services (eg, VMware’s API for Data Protection). These hypervisor level backups typically enable backup of all virtual machines on the host without the need for agents in each virtual machine.
As an example, Compass use of these APIs provides mature capabilities such as incremental forever snapshots and granular recoveries from VM backups, including in the cloud.
Cloud providers often offer APIs or services for taking snapshots of cloud resources. Two common cloud snapshot services are for snapshotting cloud virtual machines and cloud storage volumes (eg, AWS provides the ability to snapshot Amazon Machine Images as well as Elastic Block Storage volumes).
Although these snapshots can be leveraged for backup, there are disadvantages to these that must be considered. For example, cloud snapshots often are poorly managed leading to high cloud bills. At one business I recently worked with, their cloud provider bill more than doubled unexpectedly in one month due to uncontrolled snapshot creation by application owners. One important consideration if using cloud snapshots is to have some means to enforce policy management of the snapshots so they are created, protected, and deleted according to business objectives.
In addition, if you want to recover across public clouds or back to on-premises, cloud snapshots may be restrictive in that regard.
Compass can also help with these challenges with policy-based lifecycle management of cloud snapshots and cross-cloud replication of data.
Cloud providers are evolving their view of backup beyond making a couple replications of data to actual backup services. A few SaaS applications are starting to also provide true backup services.
These backup services come with some disadvantages. They come at an additional cost and the backups still need to be managed by the user. Also, like cloud snapshots, cloud backups typically keep the data within the same cloud provider which limits recoverability options (eg, to another cloud provider or to on-premises) and further locks you into one cloud provider.
While often overlooked, some cloud SaaS and replatformed applications may provide interfaces that allow more robust backup protection including – application consistency, incremental backups, efficient data access (eg, in memory access to application data), and more granular recovery options.
This is a nice approach but unfortunately very few cloud applications have bothered to provide robust backup APIs (eg, some SaaS APIs merely provide usage reporting information and not backup function) and very few backup products have invested in writing to the APIs that do exist. Also consider that API level backups tend to restrict recoverability options to another cloud provider or to on-premises.
The most important thing to keep in mind is that your organization is unique and has unique requirements to be met. There is not one “right” cloud strategy, just the right one for your organization's current maturity and future plans. You should choose the cloud migration model(s) that is(are) right for your business. And you should choose a backup solution (not product) that provides robust, efficient protection for your cloud workloads, in conjunction with the rest of your business applications, wherever they may reside.
Cobalt Iron’s platform, Compass, for example was built for large complex environments and is the right fit for organizations that need data protection at scale and may need combinations of on-prem, cloud, multi-cloud, or cross-cloud workloads secured in an unified interface. Compass supports a variety of cloud workload backup and recovery approaches including agent-based backups, hypervisor level backups, and policy-based management of cloud snapshots. Compass provides a simplified experience to enterprise backup including for your multi-cloud workloads.
Consider the business outcomes you want to realize as you move data protection workloads to the cloud:
Interested in learning more about Compass data protection? Schedule a call with our team for a free assessment of your current environment.