A great example is when lightning struck four times near Google’s St. Ghislain data center in Belgium. These four strikes caused the Google Compute Engine storage to go down without enough time to effectively save all of the data. According to Google, 0.000001% of the storage space was affected and data was lost. “Although automatic auxiliary systems restored power quickly, and the storage systems are designed with battery backup, some recently written data was located on storage systems which were more susceptible to power failure from extended or repeated battery drain.”
Keeping Data Safe With Shared Responsibility
When companies give all of their control to a cloud service provider, it can be a very risky proposition. A better solution is shared responsibility. In this scenario, the MSP and the IaaS provider shares certain responsibilities. For example, the cloud provider may be responsible for physical security of the data center and network elements. However, the MSP or customer has a responsibility to maintain data integrity, including backups. In order for shared responsibility to be successful, the MSP must clearly define their role and responsibilities along with the responsibilities of the cloud provider.
According to Vinay Patel, Director and Global Head of Information Security at Citi Technology, “Relinquishing control does not equate to relinquishing accountability or responsibility. If you think about some of the expectations of your business’ management [team], your regulators and your auditors … they expect you to be accountable.”
Solutions for backing up your data
Thankfully, there are several solutions for making sure your client’s data gets backed up in the cloud. Here are some examples of how you can take on shared responsibility and ensure that your client’s data gets backed up while greatly minimizing the risk of data loss.
Amazon Web Services
Amazon Web Services (AWS) provides EBS snapshots which their customers can use to backup the data using a snapshot in time. These are incremental backups which only collect the data that has changed since the last snapshot. In order to do these snapshots, the customer must freeze the file system right before the snapshot is taken and then unfreeze it after the snapshot is complete.
However, running a complex backup process across one or many customers is not easy. Thankfully, there are tools like Cloud Protection Manager 2.0 from N2W Software. It is an enterprise backup and disaster recovery solution for AWS. It allows you to backup multiple AWS accounts, delete old snapshots and ensure your backup is fully compliant and automated.
Microsoft Azure provides Azure Backup Vaults which allows customers to backup daily with a data retention of 30 days. Backing up a virtual machine is considered a local process and customers must backup to a vault that is in the same region as the virtual machine being backed up.
Another solution for Microsoft Azure is CloudBerry Backup by Cloudberry Lab. CloudBerry is an application that gets installed inside the operating system and automates encrypted and compressed data cloud backup for the Azure platform.
Google Cloud SQL provides a point-in-time backup which allows up to seven backups for each VM instance. More instances are available for an additional fee. However, in order to restore the data, the client will need to have automated backups enabled. It’s also important to note that according to Google, “you can enable or disable automated backups and binary logging for an instance at any time, but changing the binary logging setting causes the instance to be restarted.”
It’s critical that MSPs and IaaS providers take shared responsibility for their cloud data seriously and provide a backup storage solution regardless of whether they have a single or multi cloud strategy. Doing so greatly reduces the risk of data loss.