A common question from organizations with cloud-native applications is whether they need to back those applications up. The cloud, after all, provides plenty of redundancy, and all major cloud providers have multiple data centers at their disposal. Most providers have very respectable uptime track records, and they keep applications running through almost any disaster. What most providers lack, however, is meaningful point-in-time protection against data corruption, ransomware and rogue users.
What is High Availability?
High Availability (HA) is the process of making sure that if there is a hardware or site failure, the application is rapidly recovered and put back into production. HA is typically achieved by replicating production data in real time to another location. The objective is to keep the secondary data copies as closely in sync with the production data sets as possible. In the event of a server failure, storage system failure or even a data center failure, HA will instantiate the impacted applications at another site, returning them to operation so quickly that users may never even realize there’s been an outage.
The Problem with High Availability
High Availability’s challenge is the speed at which it updates auxiliary copies: in real or near-real time. The speed of updates means that if a ransomware attack occurs, data is encrypted and then replicated to the alternate storage targets in near-real time. So as fast as the attack occurs, potential backup copies are also contaminated. The same concern holds true for a rogue user. If a user gains access and deletes a file share, for example, those deletions are also executed on remote storage.
Will Snapshots Save You?
Most cloud providers offer a snapshot technology that enables them to create a point-in-time copy, but these copies are totally dependent on the primary storage platform. Cloud snapshots are also typically difficult to execute, often requiring application-level triggering. Snapshots are also difficult to manage. If there is a need to recover from a ransomware attack, determining which snapshot contains the best known good copy is difficult. Snapshots are often under application and user control, which means that a malicious user, or simply an ignorant one, can remove snapshots without IT authorization.
There is also a cost concern with snapshots. The snapshots are stored on the same storage as production data, and the more frequently the organization triggers the snapshots and the longer it keeps them, the more production storage is consumed. Snapshot data also follows the same data protection process as its primary counterpart, which means the capacity that a snapshot consumes locally is protected locally and replicated to alternate locations.
What is a Point-in-Time Backup?
A point-in-time backup is a standalone copy of data stored independently of production storage. If the volume containing production data is for some reason deleted, then the point-in-time copy is still available, but all data in snapshots is lost.
Why Backups Save You
As the name implies, a point-in-time backup is copied at a specific point in time and each copy is independent of production storage. Because of the independence of the copy, it can be made more difficult to access or it can even be marked read-only, making the backup copy more immune to a ransomware attack.
The Cloud Native Backup Problem
Other than making it clear that backups are still required with cloud-native applications, the primary challenge with backing up cloud-native applications is a lack of available options to perform that function. Again, while most cloud providers do offer high availability and snapshots, they don’t allow those snapshots to be easily scheduled or managed. Also, making a standalone copy of the snapshot is surprisingly difficult. Finally, using them for restores is also a time-consuming manual process.
Fully Protecting the Cloud
The cloud’s natural HA capabilities are certainly important, but the capability is mostly to protect the cloud provider from large-scale disasters. Cloud HA doesn’t typically protect user accounts from data corruption situations. Organizations with applications running natively in the cloud need to change their data protection orientation: they need to be less concerned about disaster recovery and more concerned about point-in-time protection. Organizations need to make it easy for application owners to recover from human errors that are typically not protected by a system’s high availability. This is why IT needs to make point-in-time backup a priority for cloud-native applications.
Sponsored by HYCU