11.7 Taking Backup and Archive to a Cloud Storage

Data is important for organizations of all sizes. Organizations need to regularly back up data to avoid losses, stay compliant, and preserve data integrity. IT organizations today are dealing with an explosion of data, particularly with the development of next-generation technologies. This data explosion makes both data backup and quick data restore a challenge. It strains backup windows, the IT budget, and IT management. The growth and complexity of the data environment, together with the proliferation of virtual machines and mobile devices, constantly outpace existing data backup plans. Deployment of a new backup solution takes weeks of planning, justification, procurement, and setup. However, technology and data protection requirements change quickly. Enterprises must also comply with regulatory and litigation requirements. These challenges can be addressed with the emergence of cloud-based backup (backup as a service).
 

Backup to Cloud (Backup as a Service)

Backup as a service enables organizations to procure backup services on demand in the cloud. The backup service is offered by a service provider to consumers. Organizations can also build their own cloud infrastructure and provide backup services on demand to their employees/users. Some organizations prefer a hybrid cloud option for their backup strategy, keeping a local backup copy in their private cloud and using a public cloud to keep their remote copy for disaster recovery (DR) purposes. To provide backup as a service, organizations and service providers should have the necessary backup technologies in place to meet the required service levels.
 
 
Backup as a service enables individual consumers or organizations to reduce their backup management overhead. It also enables the individual consumer/user to perform backup and recovery anytime, from anywhere, using a network connection. Consumers do not need to invest in capital equipment in order to implement and manage their backup infrastructure. These infrastructure resources are rented without obtaining ownership of the resources. Based on consumer demand, backups can be scheduled and infrastructure resources can be allocated with a metering service, which helps to monitor and report resource consumption. Backing up to the cloud ensures regular and automated backup of data. Cloud computing gives consumers the flexibility to select a backup technology based on their requirements, and to quickly move to a different technology when their backup requirements change.
 
 
[Figure: Backup to Cloud]
 
Data can be restored from the cloud using two methods: web-based restore and media-based restore. In web-based restore, the requested data is gathered and sent to the server running the cloud backup agent. The agent software restores the data on the server. This method is considered if sufficient bandwidth is available. If a large amount of data needs to be restored and sufficient bandwidth is not available, the consumer may request data restoration using backup media such as DVDs or disk drives. In this option, the service provider gathers the data to restore, stores it on a set of backup media, and ships the media to the consumer.
 
There are three common backup service deployment options in a cloud-based backup.
  • Local backup service (managed backup service): This option is suitable when a cloud service provider is already providing some form of cloud services to the consumers. The service provider may choose to offer backup services to the consumers, helping protect the consumers' data that is being hosted in the cloud. In this approach, the backup operation is completely managed by the service provider.
  • Remote backup service: In this option, consumers do not perform any backup at their local site. Instead, their data is transferred over a network to a backup infrastructure managed by the cloud service provider. To perform backup to the cloud, cloud backup agent software is typically installed on the servers that need to be backed up. After installation, this software establishes a connection between the server and the cloud where the data will be stored. The backup data transferred between the server and the cloud is typically encrypted to make the data unreadable to an unauthorized person or system. Deduplication can also be implemented to reduce the amount of data to be sent over the network (bandwidth reduction) and reduce the cost of backup storage.
  • Replicated backup service: In this option, a consumer performs backup at their local site but does not want to own, manage, or incur the expense of a remote site for disaster recovery purposes. Such consumers choose a replicated backup service, where the backup data at their site is replicated to the cloud (remote disaster recovery site).
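
The remote backup service described above relies on the agent sending only data the cloud does not already hold. The following sketch is an added example, not code from the original text or from any backup product: it shows agent-side chunk deduplication with keyed chunk IDs and an integrity check on restore. `CloudStore`, `chunk_id`, `backup`, `restore` and the 4096-byte chunk size are hypothetical names and values chosen for illustration, and payload encryption is left out because Python's standard library has no authenticated cipher.

```python
import hashlib
import hmac

CHUNK = 4096  # fixed-size chunks keep the example short (assumption)


class CloudStore:
    """In-memory stand-in for the provider's backup storage (constructed)."""

    def __init__(self):
        self.chunks = {}

    def has(self, cid):
        return cid in self.chunks

    def put(self, cid, data):
        self.chunks[cid] = data

    def get(self, cid):
        return self.chunks[cid]


def chunk_id(key, data):
    # Keyed digest: chunk IDs are only comparable within one consumer's key,
    # so the provider cannot match them against hashes of known files.
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def backup(store, key, data):
    """Upload only chunks the store lacks; return (manifest, bytes_sent)."""
    manifest, sent = [], 0
    for off in range(0, len(data), CHUNK):
        piece = data[off:off + CHUNK]
        cid = chunk_id(key, piece)
        if not store.has(cid):
            store.put(cid, piece)  # a real agent encrypts the payload first
            sent += len(piece)
        manifest.append(cid)
    return manifest, sent


def restore(store, key, manifest):
    """Rebuild the data, rejecting any chunk that no longer matches its ID."""
    out = bytearray()
    for cid in manifest:
        piece = store.get(cid)
        if not hmac.compare_digest(chunk_id(key, piece), cid):
            raise ValueError("chunk failed integrity check: " + cid[:12])
        out += piece
    return bytes(out)
```

Backing up a second version in which one chunk changed sends only that chunk, and `restore` raises `ValueError` if a stored chunk has been altered since it was uploaded.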

Archiving to Cloud (Archive as a Service)

Cloud computing provides highly scalable and flexible computing that is available on demand. It empowers self-service requesting through a fully automated request-fulfillment process in the background. It provides capital cost savings and agility to organizations. With cloud-based archiving, organizations pay as they use and can scale their usage as needed. It also enables the organization to access its data from any device and any location. Typically, a cloud-based archiving service is designed to classify, index, search, and retrieve data in a security-rich manner while automating regulatory monitoring and reporting. It also enables organizations to consistently enforce policies for the centralized cloud archive repository. Hybrid cloud archiving is one step toward the cloud from the traditional in-house approach. Archived data that may require high-speed access is retained internally, while lower-priority archive data is moved to low-cost, public cloud-based archive storage.
 
Some of the key considerations for cloud-based archiving are as follows:
  • Service Level Agreement (SLA): In a cloud, the assurance of quality and reliability of services becomes an important consideration. As the demands of consumers vary significantly, it may not be possible for the service provider to meet all expectations. Therefore, a balance needs to be reached via a negotiation process and documented as a service level agreement. The SLA between the organization and the service provider must reflect cost, availability, performance, data privacy, data ownership, retention and disposition policies, regulatory requirements, search and data access, compensation for data loss and misuse, and penalty or recourse (for not meeting the agreement) as parameters of the agreement. The SLA should also include clauses related to the termination of the service by both the consumer and the provider.
  • Vendor lock-in: Refers to a situation where a consumer is unable to move readily from the current provider to another. This condition may result from various causes such as high cost of migration, significant re-engineering effort requirement for an application migration, lack of open standards, or restrictions imposed by the current provider. The use of widely accepted open standard tools, APIs, and file formats can prevent vendor lock-in.
  • Compliance: A consumer should assess their compliance requirements and convey them to the provider. An organization’s compliance requirements may include internal policies and legal requirements. Legal requirements may include data privacy laws imposed by different countries. These legal requirements may also specify geographical locations to store consumer data and disallow modification or deletion of data during its retention period. The service provider should meet these compliance requirements for the consumer.
  • Data Security: There are various mechanisms (secure multi-tenancy, encryption, shredding, access and identity management) that should be deployed by the service provider to ensure security for data stored in the cloud archive. Secure storage multi-tenancy is a key requirement for any shared IT infrastructure such as a cloud. It ensures that no tenant (consumer) can access another tenant’s data. Encryption is a technique to enable the confidentiality and integrity of data. Data should be encrypted both at rest and in flight. Even when deleted, the data in the cloud may still be vulnerable to exposure. Data shredding enables removing all traces of deleted data. Access and identity management is an administrative process that deals with identifying users of an information system. Additionally, identity management controls access to system resources by placing restrictions using user identities.
  • Pricing: Various cloud pricing models are available, such as pay-as-you-go, subscription-based, and user-based. Consumers should consider various factors and decide which model is best suited to their needs.
 