By Matthew Brady, Daymark Consultant
How easily can you restore your data from cloud? What is your provider doing to protect your data once it has been stored in the cloud? Can you backup or restore your data at any time? These questions address availability.
Availability refers to how readily available a system is. Often measured by “uptime,” this indicator of a system or datacenter’s robustness describes how accessible the asset is. In terms of secure cloud backup, availability comes down to two main tenants:
- Systems should be available for backup of customer data whenever needed.
- Whenever a customer needs to be able to perform a restore, the systems and the data should be available for a timely restore.
Availability encompasses hardware, physical location, data protection, and security policies and procedures.
Focusing on high availability from a hardware perspective usually means redundancy. All hardware will fail eventually. Building redundancy into the design lessens the risk and impact of failed hardware. The following list describes the level of hardware redundancy to seek in secure cloud backup:
- Each rack component has redundant power supplies
- Virtual machines providing cloud services rest on physical hosts using clustered technology to provide automated VM and host failover as well as VM resource management.
- All storage utilizes multiple controllers and RAID implementations on the physical hard drives
- Networking connections are multiple on both the physical hosts and in terms of switches, routers, and firewalls
Another aspect of hardware that plays into the availability equation sits with the physical make-up of the hardware. Secure cloud backup employs best-of-breed hardware. That means reliable and proven hardware products from reliable and proven vendors. Building a reliable service starts with reliable hardware.
Where the hardware sits is just as important as what kind of hardware has been deployed. Whether the service provider owns the datacenter or utilizes a datacenter owned by another entity, the physical location of the customer data is critical to the availability of the service. Datacenters housing secure cloud backup have the following characteristics:
- Redundant power sources for the datacenter as a whole
- Redundant cooling
- Access to multiple Internet providers to provide redundant connectivity into the site
- Fire suppression that will allow hardware to keep functioning both during and after a fire in the facility
- Sound security practices to ensure that only authorized personnel have access to assets
This simple list defines a highly available datacenter. There are tiers and classifications of datacenters, but those definitions are not completely standardized. Be a smart consumer. When the provider says they have a “Tier 4” datacenter, ask what that means in terms of the list above. Don’t simply take the label or classification without further investigation.
The room where the cloud hardware sits should be able to survive (and thrive) natural and manmade disasters. The level of redundancy must accommodate loss of power to the building, a down Internet service provider, a broken cooling unit, a fire in a cage on the other side of the floor, or any other disaster that may happen.
Going back to the idea that all hardware will fail, it becomes important for the data on the hardware to be protected. Secure cloud backup means your backed up data is being protected somehow by the provider. That can mean replication of the data to a secondary site. That can mean replicated snapshots. Whatever the method of getting there, the ultimate goal is to have multiple copies of customer data accessible for backup and restore. When data is backed up to the cloud, secure cloud backup ensures a timely second copy exists in case of data loss or hardware failure at the primary site.
Secure cloud backup providers not only protect data directly owned by the customer, but they also protect data pertaining to customers. Billing databases, customer configurations, and support management applications are also protected at the same level as customer owned data. This ensures not only a continuous level of technical service, but also a continuous level of support.
Security Policies and Procedures
A secure cloud backup provider will have adequate policies and procedures in place to ensure the availability of the service. The following list some of the policies and procedures that will be in place.
- Change control processes to guarantee changes to systems are not accidently or carelessly made
- Systems and processes are monitored around the clock
- Technicians are well trained
- Disaster recovery and business continuity plans are in place
- Disaster recovery and business continuity plans are regularly tested and updated
- Access control policies are in place to make sure only those that should have access to cloud assets do
- Policies and procedures are regularly audited for completeness and functionality
- Policies and procedures are well documented
How do you know?
Availability can be tough for a customer to see. The customer has to rely on the service provider to effectively demonstrate their competencies. Asking the questions outlined here is important, but an even easier and more thorough way is to look for validation by a third party. SSAE -16 outlines the SOC 2 and SOC 3 reports that are created by a third party auditing firm. These reports outline a rigorous audit of the assets and the controls in place to provide adherence to Trust Service Principles such as security, availability, and confidentiality. Secure cloud backup providers seek these reports to be able to document their adherence to these principles. Your secure cloud backup provider should be able to share these reports with you.
Secure backup lies at the intersection of Confidentiality, Integrity, and Availability in a backup platform that enables automated, offsite backup.
Secure cloud backup does not just mean backing up to the cloud. It means backing up securely. That makes the jump to the cloud a less worrisome move. If fact, secure cloud backup can, and should, be an easy transition that empowers your organization to back up up your critical data to an offsite location while providing you with the assurance that it is being done safely and securely.
In short, secure cloud backup…
- Ensures that your data is protected so that only those that should have access to it do
- Ensures that the data you backup is restorable
- Ensures you can backup or restore whenever needed