We cover both these critical storage tasks:
- Adopting best practices around considerations that apply to all storage use cases.
- Adopting best practices around specific cloud storage use cases.
Calculate your Costs
Never assume that “cloud storage is cheap.” However, there are two cases where it might be cheap:
- Storing files in the cloud without backing up, replicating, or snapshotting them – arguably not a good plan.
- Backing up on-premises data to a cold tier with no expectation of egressing it.
The cloud provider is responsible for your active SaaS data’s durability and you are responsible for backup. Keep in mind that the cloud providers charge for the space your data consumes.
Of course your backup files, snapshots, and replicated data are critical for data protection. But the 10 GB you originally subscribed to balloons to 100 GB with all the data protection copies. You need the data protection, but you will pay for the extra storage. Don’t assume you have to pay this; research different cloud providers that provide economical data protection and DR storage.
Don’t Fixate on AWS and Azure
When you are researching cloud storage, don’t assume that AWS or Azure are the only games in town, especially not for data storage, recovery, or DR. In addition to paying for storage space, you’ll pay for support, retrieval charges, data access charges, transfer charges, and occasionally even data deletion charges. See a simplified pricing information on the AWS S3.
On the DR side, failover is a premium service and so is testing. Many failover customers never test their failover environment on the public cloud, leading to a "hope and pray" approach for an actual disaster. Negotiate testing services with your provider, sign with an MSP who offers testing services, or go with a customized provider who provides periodic testing at a low or no charge.
Customize Your SLAs
Many cloud providers prefer not to customize SLAs for each customer, which is time- and resource-consuming for them. If they offer the service to customers, it’s at a premium cost. You don’t need to accept premium prices without negotiating, but you do need customized SLAs to map to your application priorities. Understand how you can view reporting metrics, and what recourse (if any) you have if the SLA fails.
You’ll need to adjust your own expectations for the realities of your WAN. If you haven’t invested in WAN acceleration tools and/or wider bandwidth, the cloud provider will only agree to SLAs that are reasonable for slower traffic speeds.
Research the physical security of your providers’ data centers as well as digital security. Ask for data center certifications and security audit history. Understand how the provider applies encryption to data in-flight and at-rest, or how your backup software encryption integrates with the cloud vendor’s environment.
Also understand key management. Who has access to the encryption keys? Ideally you should be the only one with your encryption key: not your provider’s staff, partners, contractors, or cleaners.
Manage Your Data
Customizing backup/recovery and DR configurations takes IT time and expertise. If an organization’s IT prefers to stay hands-on and has expert cloud management teams, it makes sense to subscribe to a self-management customer portal.
However, managing BUR/DR in the cloud is complex. Setting different application priorities, managing a wide choice of configurations, and periodic testing are not small tasks. Many organizations, even the ones with large IT departments, are turning to BaaS (Backup as a Service) and DRaaS (DR as a Service) for packaged expertise and flexible service plans. Experienced MSPs can save customers time, money, and risk on backup and recovery and DR.
Stay in Compliance
As the data’s owner, you are directly responsible for compliance. Make sure that your cloud storage provider understands their role in ensuring data security and privacy for regulations and industry/corporate governance. This includes providing compliance services internationally as well as nationally, such as observing GDPR privacy regulations on data stored in the EU.
Even if you don’t run afoul of government regulators, a failed internal audit can severely impact public and private companies. Write regulatory compliance and governance measures into your SLAs.
Avoid Vendor Lock-In
Cloud providers are highly committed to keeping their customers. The large public clouds often aim for two customer behaviors: to encourage customers to sign up for more services, and make it expensive to transfer data off the cloud. Both behaviors encourage vendor lock-in.
However, the decision to stay with a single provider is rarely a good strategic choice. No single provider can offer every service, or offer it well. This has led to the rise of the multi-cloud, where customers subscribe with several clouds to optimize individual workloads and avoid the expense of data transfer between clouds. This is true across both cloud computing and cloud storage workloads.
The driver for moving BUR/DR to a data protection-specialized cloud is highly optimized backup, recovery, failover, and DR testing for highly available applications and data. And remember, some providers also customize SLAs for their users as a competitive differentiator.
As with any other technology, carry out due diligence. Understand your cloud storage use cases, don’t restrict your vendor search to one or two public cloud providers, and adopt best practices for managing cloud storage performance, availability, security, compliance, and management.
Start with understanding your use cases for cloud storage. Is it backup and recovery? Archiving? Disaster recovery? Many organizations do all three. It’s not a matter of picking one, but of understanding that each use cloud storage case has its own considerations.
Backup and recovery’s primary drivers are recovery time objective (RTO) and recovery point objective (RPO). You may have additional important objectives like geographical restore objectives, where you can specify your recovery data center location.
For example, a corporation has two data centers, one in New York City and one in Los Angeles. If the NYC data center has flooded (remember Hurricane Sandy?) they need to recover to LA. The time to know if your provider can do that or not is before the disaster, not during it.
Note that the responsibility for meeting RTO and RPO isn’t just the cloud providers. Customers should apply acceleration technology to their WAN, and invest in enough bandwidth. Also subscribe to backup for SaaS data as well as on-premises, since SaaS providers do not backup your data as a basic service. Consider adopting a backup and recovery production company that will backup both on-premises and SaaS, and offers a choice of clouds for backup targets.
Cloud Storage Archiving
Archives are built for original file access, search, and indexing without taking up expensive primary storage space. On the cloud, archives are located on an economical storage tier; but given the public clouds’ expensive retrieval charges, archiving only stays economical if the organization doesn’t access it often. Which explains why many organizations still use tape to store active archives.
There is R&D around monetizing active archives in the cloud, primarily driven by M&E service providers. The primary current usage case for cloud-based archives is archiving SaaS data for index and search. There are companies, for example, that back up and archives Azure SaaS data onto the Azure cloud. Know your business needs: if you have high-access archives, keep them on tape or HDD. If you need archives for eDiscovery and/or compliance access, or want to index SaaS data, then keep your archives in the cloud and monitor your storage costs.
Disaster Recovery (DR)
Not every disaster is dramatic. A localized brown-out can down a data center as fast as a tornado or hurricane. Thus DR is essential, which restores application access as well as recovering data.
Cloud-based DR is primarily focused on failing over applications and data to a virtual data center in the cloud. Upon the loss of an application server or server cluster, the environment spins up and reconnects users. This enables users to keep on using the application with little to no perceived lag. Upon successful server recovery, the disaster recovery environment fails back the customer production environment.
Look for DR solutions that are not limited to your public cloud vendor. Carefully review user access: how quickly the provider activates user accounts in the failover environment, and how secure the process is. Also look for a service that simplifies DR testing and keeps it affordable.