-1.png?width=350&height=117&name=iuvo_logo_blue_Transparent%20(1)-1.png){kind=logo}
Cloud applications and Sofware-as-a-service (SaaS) programs like Microsoft 365, HubSpot, Salesforce, Box, Slack, and Dropbox are becoming increasingly popular in today’s workplace. Many of these applications and services are critical to the day-to-day operations of companies, increasingly so in the post-pandemic workplace.
.png?width=500&height=500&name=Untitled%20design%20(35).png)
With the increasing use of cloud applications, there comes an increased need for cloud backup solutions. These solutions offer several benefits over traditional backup methods, including increased flexibility, lower costs, and greater ease of use. In this blog post, we’ll explore some of the key features and benefits of Cloud-to-Cloud backup solutions.
What is Cloud-to-Cloud Backup?
Cloud-to-Cloud backup refers to the process of backing up data from one cloud service to another. This is typically done to protect against data loss due to user error, accidental deletion, malicious attacks, or other causes. For example, a business might use Cloud-to-Cloud backup to back up its data from one cloud service (such as Google Drive) to another (such as Dropbox). Cloud backups can be automated, with no need for input by the customer, allowing a more consistent backup schedule.
Why are Cloud-to-Cloud backups needed?
While cloud providers often take backups of the data, they are generally intended to support the cloud provider’s Service Level Agreement (SLA) for housing your data. The backups are not intended to serve the customer’s backup needs in the case of deletion or attack. Three of the top SaaS providers, Microsoft, Google, and Salesforce, have language in their terms that recommends using a third party to back up cloud data. Microsoft states: “Point in time restoration of mailbox items is out of the scope of the Exchange service.” Salesforce advises: “We recommend that you use a partner backup solution that can be found on the AppExchange.” And Google suggests, regarding Google Drive or Gmail, “An administrator can restore a user’s Drive or Gmail data for up to 25 days after the data is removed from the user’s trash. . . after 25 days, the data cannot be restored, even if you contact technical support.” This further emphasizes the point that if companies are storing their essential data in the cloud, they need to have a third-party provider back up their cloud data.
In addition to cloud providers recommending third-party providers for backup, data in the cloud can be subject to accidental or malicious deletion, for which the cloud providers disclaim any responsibility. Ransomware and cyber-attacks are also on the rise, and cloud-to-cloud backups provide further insurance that a viable backup will be available to restore datasets in a timely manner, allowing for business continuity.
What are some of the benefits of Cloud-to-Cloud backups?
As previously mentioned, Cloud-to-Cloud backups add an additional layer of protection for important data in a company, by storing the cloud data in another provider’s infrastructure, usually in a different geographic location. The recovery can also be accessible all over the world, as the cloud backup provider will likely have datacenters located in different geographic locations for security and ease of access, due to closer physical locations of the data storage infrastructure. This can be an important requirement for many companies’ disaster recovery plans.
As the sole purpose of the backup provider is to perform backup recoveries, Cloud-to-Cloud backup providers also provide longer retention of backed up data, quicker recovery times and easier restores. The recovery files can be accessed via laptops or even mobile devices, allowing for a flexible recovery plan on many different devices. While a cloud provider may offer recovery of deleted items, after a certain timeframe, that data is unrecoverable.
There are also cost savings for Cloud-to-Cloud backups. As the cloud backup provider is responsible for the infrastructure, there is no need for purchasing costly storage arrays, or incurring the cost of maintaining and powering the devices. Cloud backup is typically a cheaper alternative to in-house disk arrays, depending on disk speed and arrays used. Adding additional storage space for cloud backups is as simple as reaching out to the provider and upgrading the backup plan. For in-house storage, scaling and increasing storage space can be costly and time consuming as demand increases. Cloud-to-Cloud backups are longer lasting, with the cloud backup provider maintaining and upgrading the infrastructure over years, rather than costly disk replacement in-house, with the average disk age being between three to five years.
By leveraging a third-party cloud backup provider, organizations can gain an invaluable safeguard for critical data. Even if your SaaS subscription ends, these backups remain accessible, ensuring data recovery options in legal proceedings or other recovery scenarios.
Since they are not accessible by end users, and not directly connected to most points of entry for data attacks, Cloud-to-Cloud backups are safer from ransomware and cyber-attacks than in-house backups.
What are some of the drawbacks of Cloud-to-Cloud backups?
As with any backup solution, there are some important things to consider. When reviewing the different providers, it’s important to consider cost-benefit analysis for each solution. There are varying options from different providers, with varying SLAs and each should be considered before selecting a Cloud-to-Cloud backup provider.
Security is paramount in the modern working environment, and with moving critical data to another cloud backup, there is the potential for more exposure to cyber-criminals and malicious activity. In order to provide the most protection, data should be encrypted in-house, then again in-route to the cloud backup provider, and should then be stored in the cloud backup providers’ infrastructure. To maintain secure access to sensitive data, it is essential to conduct routine access control audits. These audits ensure that users are granted appropriate access privileges, adhering to the principle of least privilege. By regularly reviewing and adjusting access levels, your organization can mitigate the risk of unauthorized access and enhance overall data security.
Since the backups are stored in the cloud, it’s important to consider bandwidth when implementing a recovery solution. The connection speed (and therefore your minimum Recovery Time Objective) is dependent on the speed of the network between the cloud providers. During times of high traffic, or if there is high latency between the providers, the backup may be slow or potentially fail. Bandwidth is also shared among other cloud backup customers, as utilization and demand go up, the shared bandwidth connection utilized by the customers can become slower, increasing backup time and recovery time to the cloud service.
As previously mentioned, storing the backups in the cloud allows for a more flexible and scalable solution, but along with that scalability comes rising costs. Depending on the provider, the costs could jump significantly based on the specific plans provided by the cloud backup provider. Additionally, some SaaS providers are more complex, requiring multiple backup solutions for different parts to ensure full coverage of all the data. For example, within Salesforce there are different applications such as Salesforce inbox, CRM analytics, and Field Service. As these are all separate applications, they would likely need to have separate cloud backup solutions resulting in a cost increase.
Since the management of the backups falls on the cloud backup provider, customers don’t have a lot of say or input as to the methods and timing of backups due to the fact that they are usually automated for simplicity. This can be a big detractor for companies that require a more hands-on approach to their backup solutions.
Okay I'm ready to pick a Cloud-to-Cloud backup provider, what should I consider?
When developing or updating a recovery plan, there are important points to consider.
What is the Recovery Time Objective or RTO, you need to hit? RTO is the goal your organization sets for the maximum length of time it should take to restore normal operations following an outage or data loss. Some companies can tolerate longer RTOs than others, so when picking a provider, you should match your requirements to the provider’s SLA.
What is the Recovery Point Objective (RPO) you need to hit? RPO is your goal for the maximum amount of data your organization can tolerate losing. This parameter is measured in time: from the moment a failure occurs to your last valid data backup. The RPO is dependent on your company’s needs. So, when scheduling the backups on Cloud-to-Cloud backup providers, ensure that your company’s RPO is being met. When choosing between cloud backup providers, careful consideration should be given to the frequency of backups and the control you have over them. If the backups are only taken once a day, there is a possibility of a day’s worth of data loss. If the backups are taken hourly, the maximum data loss is only an hour’s worth. Subsequently, the storage requirements increase (and price usually follows) due to the larger amount of data being backed up.
How easy is it to test cloud backups? An essential part of any backup solution is verifying viable backups in the event they are needed. The effectiveness of backups becomes futile if, during the time of restoration, they prove unusable due to missing or corrupted data. Testing the backups, either by verification provided by the cloud backup provider or running restore tests manually, can alleviate potential problems down the road during an emergency.
Are backups required for every user and application? Not all data is essential. Some companies have test environments where copies of production are housed, rendering it unnecessary to be backed up. In addition, there may be users that are not critical to include in the backup solution therefore allowing them to be serviced by the SaaS provider. This will alleviate costs and provide a less complex cloud backup solution.
There are now several vendors in the Cloud-to-Cloud marketplace. Less than 10 years ago, there were very few providers. In recent years, businesses have realized that cloud backups are essential to day-to-day operations. Several large companies purchased cloud backup providers to expand their offerings. For instance, Datto/Kaseya has purchased Backupify and implemented Datto SaaS Protection+. Following our thorough evaluation of cloud backup providers, iuvo currently recommends and deploys this solution to safeguard our clients' Microsoft and Google products in the cloud. Kaseya has purchased Spanning Cloud Apps, which covers Microsoft 365, Google Workspace, and Salesforce. Other vendors include Asigra, OwnBackup, Barracuda Cloud, Druva, Acronis, Veeam, Carbonite, CrashPlan, Backblaze, IDrive, SpiderOak, MSP360, Veritas Technologies, Commvault, Cohesity, Unitrends, AWS, and many others.
Carefully researching and choosing a Cloud-to-Cloud backup provider can be essential to ensuring that your company can withstand any catastrophe, man-made or natural, by allowing for a secondary layer of backup security. With the right Cloud-to-Cloud backup solution, businesses can ensure that their critical data is always protected and available when they need it. Contact us today to learn more about the options we provide at iuvo, we would be glad to assist.