If I had a nickel for every time I’ve heard, “I use snapshots for my backup.” Businesses today still hold on to the pervasive myth that a backup strategy is just to have cloud storage.”
Not so fast my friend, simply storing data in the cloud is not a strategy. Cloud data centers fail. Cloud storage does not equal backup. Moreover, snapshot technology may be a part of backup, but it is not the same thing.
The tactic of storing data in the cloud is not a backup strategy. The move to the cloud goes well beyond simple, direct economics of CapEx and OpEx. Using cloud storage as a backup destination is increasingly popular, and it can be a great way to have infinite off-site backup capacity.
In 2018, a power loss downed the AWS US-East-1 regional data center, the same one that famously went off-line in 2017. Although the outage only lasted 30 minutes, Amazon reported that hardware failures made it impossible to retrieve some customer workloads in the Availability Zone. Some of the customers might have backed up their instances, most likely did not.
Amazon wrote to its affected customers, “While we will continue to work to recover all affected instances and volumes, for immediate recovery, we recommend replacing any remaining affected instances or volumes if possible.”
When would it be possible? If and only if the customer backed up their data.
Incidentally, it’s not only AWS. Any DIY megacloud can suffer from outages. Another example is an Azure data center in Europe that recently went down for seven hours because contractors accidentally triggered the fire suppression system. (The Register posted an entertaining report.)
The problem is that megacloud providers do not automatically backup your cloud storage data. This is the case whether you are storing to services like Google Drive and Microsoft OneDrive, or if you are running SaaS in the cloud like Office 365. As far as the providers are concerned, keeping the data infrastructure is their responsibility. However, backing up that data is not. If something happens and you cannot recover your data, they will generally suggest that backup is your lookout.
Most IT admins are perfectly honest (sometimes to a fault). Even large corporations think nothing of entrusting massive data volumes to fallible human beings. In 2011, an auto dealership firm laid off several IT staff. Before one of them left, he deleted hundreds of backup files along with pages from the company’s internal wiki and turned off automated backup on multiple applications. He then left a note that he would be happy to be hired as a contract consultant.
He was indicted for a malicious hacking crime in 2016, but that did his former employer precious little good.
Backup strategies need to be simple enough to use consistently, but corporations must also protect against admin carelessness or malice. Simply backing up all data to a simple target is taking a significant risk, not only from malicious employees but from cyber-attacks as well. Practice the 3-2-1 rule, developed by a photographer obsessed with the ability to have data availability and keep it safe. Retain one copy on premises for fast recovery, and the other two copies in two different clouds. Split admin responsibilities between the clouds and never share credentials between them.
So unless you have an IT conspiracy along the lines of Oceans 11, you will protect your backup from a single successful attack.
A photographer with over 8000 photographs on his hard drive thought he had protected his photos using Dropbox. The images were filling up his hard drive, so he synced them to the filesharing service, checked to see that all the folders were there, then deleted the photos and emptied his recycle bin.
A couple of months later he went to Dropbox to view his photos. The folder structure was there. The photos were not.
It’s not solely the fault of Dropbox or an SMB user. A good portion of the responsibility lies with users and admins who assume that syncing takes the place of backup. The same warning extends to entrusting SaaS data to the cloud. Hosting services are concerned with the durability and availability of your data, but they are not concerned about backing up that data unless you are paying a premium price to do so.
Many administrators feel confident by replicating snapshots to the cloud. However, snapshots are a form of data protection but are not automatically backup.
A VM snapshot saves the virtual machine’s data state, which gives admins the option to revert to that snapshot’s point in time. VM snapshots do not save a copy of the virtual machine environment, and can only restore data to the VM. This is not an issue when IT is protecting localized VMs for specific behaviors such as software update tests. They cannot recover an entire VM.
Array-based storage snapshots do enable VM recovery as part of the backup infrastructure if admins recover back to the source array. They are ideal for test/dev environments, and limited rollbacks such as recovering a previous configuration should new settings go bad. However, snapshots that simply copy VM-level delta changes cannot recover a disk or environment that fails. Moreover, in some busy environments that host large workloads running on VM’s, snapshots can grow to unwieldy sizes and retard virtual performance.
Syncing, snapshots, and SaaS are all valuable technologies. However, they are not backup. True backup creates multiple recoverable copies across multiple locations. This practice protects you against failures, data migration failures, and SaaS data loss.
A holistic cloud backup strategy may include snapshots as a component. For example, KeepItSafe’s partner Veeam uses VM and storage snapshots as part of its Backup & Replication platform. Veeam creates image level VM backups using VSS (Volume Shadow Copy Service) and application-aware image processing. The technology backs up full workloads in a single image-level backup file: not merely VM delta changes, but applications, virtual disk, OS, and configurations. Additional optimization technology does what simple VM snapshots cannot, including de-duplication and compression, WAN acceleration, and verifying recoverability.
When you craft your backup strategy, look to backup application and cloud solution providers like Veeam and KeepItSafe, whose mission is to help you recover your data and applications when and how you need to.
Having a custom–tuned data protection strategy in place allows you to keep IT safe and mitigate data loss and data breach whilst maximizing time to production efficiencies with the cloud. Reach out today to review your data protection strategy and ask for a free assessment.
Download a free Planning Guide
“Storage Switzerland details DR Planning from Good to Great”