Tech/Engineering

Top 10 principles of cloud: value-added services

Sneha Ghosh, Principal Product Marketing Manager

It is time to unlock the value of your backup data! In October 2020, Druva published the 10 key principles of a cloud-based service. Since then, we have expanded the series and touched on a variety of topics including simplicity requirements for cloud applications and how to optimize cloud services for bandwidth. In this continuation of the Top 10 series, we will explore how cloud data protection empowers customers to liberate their backup data to deliver value.

SaaS data protection seems to be the flavor of the season, public cloud has brought scale, efficiency, security, and cost benefits previously unknown to on-premises customers. However, the maturity of a SaaS data protection vendor is evidenced by value-added services, including its abilities to:

  • Reuse data to deliver business continuity
  • Generate insights to discover inefficiencies in storage usage
  • Detect, protect, and recover from ransomware attacks 
  • Integrate with ecosystem providers and other SaaS services like Identity and Access Management (IAM), audit logging, security analytics, and more

Data portability and disaster recovery

As per FEMA, following a disaster, 90% of smaller companies fail within a year unless they can resume operations within five days. Meanwhile, 20% of larger companies spend over 10 days per month on their continuity plans. Nevertheless, FEMA found that 20% of companies have no disaster recovery (DR) planning in place. To prevent and respond to a disaster, every business must have a comprehensive DR plan.

Designing a DR plan has always been challenging as businesses have to carefully evaluate their strategic priorities, current computing environment, external risk factors, and willingness to engage in risks, before designing a plan to align with their cost objectives. Once the plan is set, one has to ensure that it works with regular testing. This is similar to buying health insurance, however you need far more planning and frequent checks to ensure this “insurance” works.

Cloud has revolutionized the way organizations can plan their DR strategy. It has the brought tremendous efficiency and scale benefits, including:

  • Cost efficiencies: No redundant DR site, no sunk infrastructure costs, no overheads of refreshing and maintaining on premises infrastructure, and pay-per-use consumption
  • Elastic scale: On-demand failover and failback
  • Extensive geo reach: Ability to store data in geographically disparate locations
  • Secure and reliable infrastructure: Built on public cloud, adherent to strict security standards
  • Automation and orchestration: SaaS provider not only owns and manages the backup infrastructure, but also provides tools to automate recovery procedures (runbook plans) and provides unlimited validation and testing

There are many SaaS backup vendors that provide the ability to store your data in the cloud, but few provide the ability to efficiently use that data for disaster recovery. 

Other solutions move backup data stored on-premises to the cloud, convert the data to a cloud compatible format, and then failover to a cloud VM in the event of a disaster. However, the major caveat for such deployments is that customers still have to invest in on-premises backup infrastructure, endure long RTOs (conversion process can take time), procure additional backup software for the cloud, and manage the cloud environment used to store and recover the data sent to the cloud. If this sounds complex in theory, it is even more complicated and expensive in practice. 

Extending the insurance analogy cited earlier, this is almost like a limited policy where out of pocket costs are unpredictable and often hidden. Moreover, you not only have to pay for the insurance, but also have to bear additional costs to ensure your insurance works properly. Go figure!

Customers must ensure their backup provider simplifies DR instead of complicating it with the cloud. When a regional disaster does happen, the cloud service should support failing over to other regions without any manual steps. It should be cloud-native, efficient (source-side deduplication), scalable and secure (separation of data and metadata, encrypted architecture), and simple (unified dashboard for management). Also, it should have unlimiting testing so that their theoretical DR plan actually works in a real world deployment.

Optimal storage utilization 

When you shift to the cloud, you often switch to a consumption-based model as well. Yet, for most organizations, the nature of backup storage consumption is a black box, meaning they do not know what is being stored and cannot optimize storage consumption easily. IT teams often back up a lot of non-business-critical data along with important data. Yet to get visibility into this data split, they’d have to purchase additional software or infrastructure, or both —rather counterintuitive. Most storage analytics solutions only provide visibility into what is consuming your backup storage, but stop short of providing any meaningful actionable information.

Cloud backup has the power to change this dynamic. By leveraging a centralized pool of metadata, cloud backup services give teams greater insight into what is stored, and greater opportunity to act without the need for additional tools or training. Hence, a backup solution should not only provide elastic scale and unlimited storage, but also offer services to discover inefficiencies and reduce backup storage costs through meaningful, actionable insights and recommendations.

Ransomware recovery 

As per Cybersecurity Ventures research, global ransomware damage costs will reach $20 billion by 2021 – 57X greater than in 2015, making ransomware the fastest growing type of cybercrime. This is not surprising considering the growth of remote workforces, virtual offices, and inadequately-secured devices and network connections. 

Ransomware can enter an organization through a dubious link in an email before working itself into other devices and systems, encrypting data and infrastructure files rendering them useless. This process can continue silently for weeks if not months. The worst kind of attacks are those that affect backup files, eliminating the organization’s last line of defense. 

A mature SaaS backup provider has the ability to provide multi-layered security, ransomware detection capabilities, and equally important remediation tools, all of which to help organizations build a defense-in-depth security strategy. Examples include:

  • Data isolation and immutability: Data is stored in an air-gapped environment away from the production data in an encrypted and immutable format, such that neither administrators nor retention policy can delete the latest available snapshot. End-users too cannot delete backup data. 
  • Comprehensive data source coverage: The customer’s backup provider should not be limited to its data center applications; according to research, 70% of successful breaches originate from the endpoint. The backup application should be able to protect data in all locations, including endpoints, and have the ability to wipe clean an infected device to prevent further infection.
  • Detection and clean recovery: Providers should detect anomalous data activity, generate alerts, and integrate into event monitoring tools. This allows them to identify good, clean backup snapshots, and retain unlimited data in the cloud with the ability to recover data in bulk through automated workflows.

These seemingly straightforward requirements are often tough to accomplish cost effectively with most backup providers.

Ecosystem integration 

The common theme across all the above scenarios is customers deriving value from backup data. DR, storage analytics, and ransomware recovery are just a subset of what customers can achieve; they can also leverage backup data to generate insights about where their sensitive data lives, automate business processes, identify data leaks, and assist their litigation and regulatory requirements.

The key to all these services is integration with third-party solution providers via REST APIs and pre-built integrations, so that customers can connect the data from multiple vendors in their ecosystem to gather insights from their backup data. 

Customers must ensure their SaaS backup provider not only provides open APIs, so that customers can build their own integrations, but also support a rich ecosystem of solution providers so customers can leverage pre-built integrations for reporting, ITSM, ransomware detection, and eDiscovery enablement. Moreover, these integrations should not have any on-premises dependencies — customers can ceaselessly leverage the benefits of the integrations without worrying about constant software refreshes. 

Most importantly, a healthy partner ecosystem demonstrates that a cloud service is API-driven, collaborative, and flexible to evolve with the cloud.

 Key takeaways

There are emerging SaaS vendors — and then there are category creators — who understand the cloud operating model, have built their platform for the cloud, and have consistently proven that they have the performance and scale to help customers leverage the cloud for their business applications and critical databases. At Druva, we believe our architecture helps customers unlock the true potential of their data, and have a history of successful use cases to prove it. But don’t just take our word for it, we invite you to try Druva for yourself. Visit the cloud platform overview page to learn more, as well as get access to a free trial or demonstration today.