Cloud Data Protection
More than simply backing up data, cloud data protection is a necessary contingency to cover yourself against cloud vendors being unable or unwilling to recover or restore your data.
If you think that will never happen, or that it's their problem when it does, you're wrong.
Here are a few real-world situations where cloud data protection has been a lifesaver.
Data loss at an Australian IaaS provider
We run a service for multiple organisations to securely transfer information to one of our clients. We use a reputable Infrastructure as a Service vendor to host the service and 99.9% of the time it works perfectly. It's been running with unbroken availability for over 6 years, day in, day out.
Unfortunately, several years ago the disk array running our service suffered a failure and became corrupt (more common than you'd think with early storage networks), and the vendor was unable to recover the machine images on it. Our hoster called us to let us know that we needed to recover our system from our backups as theirs were not recoverable.
This system is quite complex. It has 3rd party software and licence keys, authentication certificates, complex firewall rules, user profiles and permissions, automated housekeeping, virus protection, not to mention the client information. To rebuild the service from scratch would take several days, and even then the customer data would be unrecoverable.
That would be a very bad few days at the office.
To avoid that possibility we use cloud-to-cloud backup of the system configuration, and the data, to keep a 2nd copy of both in a different vendor's cloud (in this case we use Microsoft Azure as the backup agent and backup location).
Should we need to recover that system at the existing hosting provider or another, we can.
Data loss at Amazon Web Services
A similar situation occurred at AWS over the Labour Day weekend in the USA.
Bear in mind that bigger players like AWS have availability zones, and it's common to use a different availability zone to protect against failure in your main one. It's a misconception though, that availability zones are a cloud data protection solution; when corrupt (or crypto locked) data gets replicated to a 2nd location really quickly, that doesn't actually help you much.
But here's what happened at AWS according to one affected business:
“A power outage fried hardware within one of Amazon Web Services' data centers during America's Labor Day weekend, causing some customer data to be lost.
When the power went out, and backup generators subsequently failed, some virtual server instances evaporated – and some cloud-hosted volumes were destroyed and had to be restored from backups, where possible.”
Amazon's comment on the situation:
"A small number of volumes were hosted on hardware which was adversely affected by the loss of power.
However, due to the damage from the power event, the EBS servers underlying these volumes have not recovered.
After further attempts to recover these volumes, they were determined to be unrecoverable."
Ultimately only 0.5% of customers found their data was unrecoverable.
Imagine being in the 0.5% and not having independent recovery plans in this situation. That would take some explaining on Tuesday morning!
Data loss due to bulk delete functionality in SaaS
Probably the most likely way you'll experience data loss in the cloud is through the human error of your staff.
Most Software as a Service (SaaS) platforms have the functionality to get you into trouble, and the functionality to keep you out of it.
The function that will get you into trouble most often is Delete, especially cascading deletions through a hierarchy of records. Software with a good user experience normally comes with a confirmation step like "This data will be permanently deleted, are you sure?". However, at some point we've all clicked yes to something like that, quickly followed by that sinking feeling as it becomes clear what we just did.
Many SaaS vendors will be empathetic as they tell you there's nothing they can do.
A rare few will offer an undo option or recycle bin.
Most vendors do provide the tools to keep you out of trouble. This can be a scheduled copy of your data, or the ability to export it on demand. Both of these require you to initiate action and typically we see that whilst available, these options are seldom used. Where they are used, they are commonly not compliant with encrypting data during transfer and at rest.
If you have mission-critical data in a cloud platform, we encourage you to be certain that you can access and use this to continue your business without the co-operation of the respective cloud vendors. It may seem like overkill today, but in our own experience, and the situations we've heard from clients, you'll be glad you remained in control of your data when it turns out that your vendors can't help you.
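An added example, not part of the original article: one way to check that an independent copy is actually restorable, by recording a keyed manifest of file hashes at backup time and re-checking each stored snapshot during a restore test. The function names, the MAC key and the sample files are all constructed for illustration; the key is assumed to be held outside both clouds.

```python
import hashlib
import hmac
import json

# Assumption: the MAC key is kept outside both clouds (constructed demo value).
MANIFEST_KEY = b"constructed-demo-key"

def _mac(digests, key):
    body = json.dumps(digests, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def make_manifest(files, key=MANIFEST_KEY):
    """Record a SHA-256 per exported file at backup time and MAC the list."""
    digests = {name: hashlib.sha256(data).hexdigest() for name, data in files.items()}
    return {"digests": digests, "mac": _mac(digests, key)}

def verify_snapshot(files, manifest, key=MANIFEST_KEY):
    """Return a sorted list of problems; an empty list means the copy matches."""
    if not hmac.compare_digest(_mac(manifest["digests"], key), manifest["mac"]):
        return ["manifest: MAC mismatch"]
    problems = []
    for name, digest in manifest["digests"].items():
        if name not in files:
            problems.append(f"missing: {name}")
        elif hashlib.sha256(files[name]).hexdigest() != digest:
            problems.append(f"changed: {name}")
    problems += [f"unexpected: {n}" for n in files if n not in manifest["digests"]]
    return sorted(problems)

def latest_restorable(snapshots, key=MANIFEST_KEY):
    """snapshots: (label, files, manifest) tuples, oldest first."""
    for label, files, manifest in reversed(snapshots):
        if not verify_snapshot(files, manifest, key):
            return label
    return None

# Constructed sample data: two nightly exports of a small system.
GOOD = {"firewall.rules": b"allow 443\n", "clients.csv": b"id,name\n1,Acme\n"}
MONDAY = ("monday", dict(GOOD), make_manifest(GOOD))
TUESDAY_FILES = dict(GOOD, **{"clients.csv": b"id,name\n1,Acme\n2,Beta\n"})
TUESDAY_MANIFEST = make_manifest(TUESDAY_FILES)
# Simulate damage at the backup location after Tuesday's copy was written.
TUESDAY_DAMAGED = {"clients.csv": b"\x00" * 16}  # one file overwritten, one lost
TUESDAY = ("tuesday", TUESDAY_DAMAGED, TUESDAY_MANIFEST)

if __name__ == "__main__":
    print(verify_snapshot(TUESDAY[1], TUESDAY[2]))
    print(latest_restorable([MONDAY, TUESDAY]))
```

This check catches damage that happens to a copy after it was written; it cannot tell whether the source was already corrupt when the backup ran, which is why several dated snapshots are kept rather than one.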
Talk with Cloud Fixers if you are uncertain of your cloud data protection arrangements or options to protect against cloud failure.