Implementing a data backup strategy with agility in mind

On World Backup Day, industry experts discuss the need for agility in your data backup strategy

It’s World Backup Day. Here comes the annual reminder – back up your data to avoid losing it and making yourself an April Fool. Yes, you’ve heard it before. But what is different this year is the scale of change and uncertainty we’ve had to adapt to in the face of a global health crisis, regulatory developments, and now war in Europe.

To help you navigate your way to a successful backup strategy, we have asked industry experts to pinpoint the main challenges IT teams are facing, and to shed light on which approaches are winning.

The need for inclusivity

We create and consume data on levels that were until recently unimaginable. Most of this data is unstructured and exposed to threats such as disk failure, human error, and malware. Backup technology vendors have adapted to this by exploiting the power of cloud computing to build scalable products and services which look very different to traditional backup solutions.

Omdia analyst Roy Illsley said: “The backup market has, over the past few years, seen a shift from mostly backing up VMs, to being more diverse and able to support different types of workloads from SaaS to cloud-native. Backup today is more inclusive.”

It stands to reason. The data we produce is more varied and complex. So, backup firms have to accommodate a wider range of business needs. Fred Lherault, CTO at Pure Storage expanded: “With modern approaches and technology such as open source, containerisation, DevOps — what is backed up has changed.

“For example, in the old world, an application was made of a few servers and maybe one or two big databases. Today, apps are running in microservices, they’re containerised, so organisations can’t point to one server and say this is where the app lies: back up there. Now, organisations need to have a data protection solution which understands the application make up, containerisation, and Kubernetes. It must be able to back up not just the data but also the container orchestration configuration and images that were used to deploy it.”

But according to StorOne’s CMO George Crump, backup software itself has seen significant innovation as now “modern software solutions can transfer data at much finer levels of granularity thanks to block-level and change-block backups.”

Crump explained: “The increase in granularity means that IT can increase the frequency of protection events to reduce RPO.”

Considering remote working and cloud

The sudden increase in employees working from home left organisations scrambling to keep control of their data. Lherault said: “The trend for remote work and bring-your-own-device has made organisations implement thorough remote desktop and SaaS strategies, which help them ensure people don’t have data on their laptop which isn’t being backed up.”

The tech stack to support remote working has shifted, too. Teams, often working asynchronously, are now collaborating through Slack, Zoom, Google Docs, and so on, replacing in-person communications.

“The shift towards remote work has accelerated cloud adoption by several years,” says Veniamin Simonov, director of product management at NAKIVO, “which, in turn, has contributed to the adoption of cloud-based solutions, including backup ones.”

Krista Macomber, senior analyst on data protection and multi-cloud data management at Evaluator Group, elaborated on the impact of moving towards cloud-based services: “We see backup software being developed on container/microservices architectures, so that they are more suited for delivery in the cloud.”

The flip side, Macomber said, is that, “cloud resources also need to be protected, so we’re seeing an emphasis on protection for SaaS applications like Office 365, for example.”

Clumio’s co-founder and CEO, Poojan Kumar, lays out how cloud adoption has transformed backup technologies in three areas. “First, cloud backup technologies are facing unprecedented scales. One example is Amazon S3. You need billions of object scale and PB of data scale.

“Secondly, cloud backup technologies are facing deployments across many regions while providing a single pane of glass. Simplicity has to transcend regional boundaries.

“Thirdly, cloud backup technologies have to be delivered as-a-service, not a piece of software that needs to be managed by customers on an ongoing basis.”

Managing backup costs

But has the rising adoption of the cloud model affected the cost of backup? “Absolutely,” said Lherault, because “there may now need to be multiple data protection solutions to support the disparate environments. Organisations need to balance this with repatriation costs as bringing data back on-premise can be prohibitively expensive.”

Crump insisted: “Cloud adoption does not decrease the cost of backup.” Experts have slightly diverged opinions on the question, but most point to consumption models; for Clumio’s Kumar, “the cloud model requires everything including backup to be consumption oriented. Pay for what you consume: no less, no more. No fixed costs. No licenses. No software to manage. No software to run. Not having to manage a backup software also frees up valuable IT resources that can now be dedicated to efforts that are core to your business.”

Lherault agrees, saying flexible consumption models “enable organisations to pay for consumption based on how often backups are performed and how much data is stored. This avoids an up-front outlay for capacity which will go largely unused for years.”

While cloud backup has advantages, “many organisations turn to more traditional tape backup instead,” says Peter Donnelly, director of products at ATTO Technology, who highlights several advantages including “long-term costs, data privacy and security, process assurance and control and, in some instances, regulatory considerations.” Lherault identifies data sovereignty as another advantage of on-premises backup: “it means organisations know exactly where their data is, which lowers compliance and regulatory risk.”

Effects on cyber security

The fast climb of cloud adoption combined with a more distributed workforce, has had an impact on cyber security, which traditional backup vendors are turning towards. With their workforce based outside the ‘castle walls’, suddenly companies are more vulnerable, and the new remote model seems to have “broadened the attack surface, making it quite challenging to maintain cyber security policies,” NAKIVO’s Simonov says.

Spectra Logic’s product marketing manager Eric Polet explains that “attaining as close as possible to fool-proof data protection in today’s times, requires a tactical upshift in approach that extends beyond purely focusing on data protection, but also a thorough consideration of the organisation’s ability to be ‘data resilient’.

“The latter refers to the ability of data to ‘spring back’ once compromised, achieved by smartly leveraging cloud, tape and/or disk, managed by data lifecycle management software.”

Curtis Anderson, senior software architect at Panasas, expands on cyber attacks in HPC environments: “Historically, as long as their systems were separated from the corporate LAN and the internet, HPC users didn’t worry about security.

“This meant that they could avoid the accompanying overhead of security solutions and drive as much performance into their HPC installations as possible. However, this is no longer the case due to two key trends: first, with the expansion of HPC use cases into manufacturing, big data analytics, AI, and ML, organisations need to integrate their HPC appliances into the rest of their infrastructures. Second, hackers are looking for more data-rich targets. Government labs, manufacturers, and other HPC environments, are often of national importance.”

For all the above reasons, backup vendors are widening the reach of their products by including cyber security features and to enable their customers to put their data in air-gapped, vendor-managed storage vaults.

“The need to provide ransomware protection has made backup and security more aligned and in demand,” according to Illsley, though he adds that “the rise of cloud and the multi-availability zone approach has led customers to a false sense of data security; they believe the cloud providers include this, but in reality, they do not.”

Are on-premise measures still needed?

So, is there still a need for on-premises backup solutions in this era of cloud adoption? According to Polet, “in the past, backup technologies always included hardware such as tape. With the adoption of cloud and the advancement of technology, today’s backup technologies can include any combination of cloud integration as well as hardware and software.”

Donnelly makes the point that “aside from being a cost-effective solution, tape’s primary advantage is its physical immutability; data on a tape drive is not physically connected to a network when at rest, providing an ‘air gap’ that keeps backup data untouched during, say, a ransomware attack.”

Paul Speciale, Scality CMO, agrees: “the key to swift and simple recovery is immutable backups. By making data immutable, i.e. impervious to deletion or modification, it is therefore also protected from malicious encryption and safe in the event of a cyber attack.

“AWS S3 Object Lock creates a virtual air gap, enabling IT teams to create modern WORM systems, but with a key advantage that it stays online and accessible for normal (authorised) access, as opposed to offline data.”

The future of backup

So what does the future hold for backup technologies and vendors? “Edge is the next battleground,” claimed Illsley. The explosion of sensor-based technology and AI is leading a demand for data at the edge. As always, backup will need to go where data goes.

And so, Illsley explained, “how to protect it and understand the data and the relevance of it to backup is the next challenge.”

Evaluator Group’s Macomber predicted “an ongoing emphasis on protection for Kubernetes and container environments, as well as SaaS applications.” She added that “data protection vendors will continue to invest in the sophistication of their AI/ML and vaulting/air gapping capabilities for ransomware resiliency.”

According to Aron Brand, CTERA’s CTO, “the term backup is becoming obsolete, as dedicated backup solutions that are built on the principle of periodical backups and user-initiated, time-consuming restore sessions, are being phased out for next-generation protected storage solutions that offer ransomware detection and instant recovery capabilities.”

More innovation is expected in backup technologies and solutions. Kumar believes “with the cloud, we can finally deliver on services running on top of your backup data to solve more advanced use cases like global search, data classification, and even machine learning and analytics.” Simonov added that “better automation and AI-based technologies will assist in detecting and preventing threats.”

Brand added: “To be honest, I don’t like the name World Backup Day. I prefer to think of this day as World Disaster Recovery Day.

“The truth is that most organisations are giving way too much weight to backup and giving too little thought to their recovery process. You need to have a plan for how you’re going to recover your data and systems in the event of a disaster.”

Indeed, today is the day to prevent data loss. Or, rather, the day to remind ourselves to do it regularly! HYCU’s founder and CEO Simon Taylor said: “This World Backup Day, we are reminded of the global reality that backup and recovery and data protection are even more important than ever.

“Both have quickly become not just another piece of the technology puzzle or check box on a compliance list; they have become an important last line of defence for businesses, employees, and families.”

Written by A3 Communications

Editor's Choice

Editor's Choice consists of the best articles written by third parties and selected by our editors. You can contact us at timothy.adler at stubbenedge.com