How to protect data in the cloud Cloud backup vs. cloud storage: What are the differences?

Pros and cons of cloud backup

Know which type of cloud backup you want to use and the advantages and disadvantages that come with cloud backups before you trust your data to a third-party provider.

Fueled by affordable bandwidth and capacity optimization technologies, cloud backup is becoming a popular alternative to portable media, such as tape.

You have several options for backing up data to the cloud. These include backing up data directly to a public cloud, such as AWS, Microsoft Azure or Google Cloud Platform; using a service provider to host and manage backups at its cloud; and cloud-to-cloud backup for data created in SaaS apps, such as Microsoft 365 and Salesforce.

Cloud storage services can be a mixture of on- and off-premises components. For backup, the IT organization could have on-premises control of software and, optionally, hardware, coupled with off-premises services or infrastructure (massive data centers housing powerful computer, network and storage resources). Cloud backup services are charged back to the customer on a consumption basis -- depending on capacity, bandwidth or seat.

Cloud backup considerations

Every cloud has a silver lining, and in the case of cloud-based backup, there are several benefits. Cloud backup technology approaches are convenient because the information can be accessed from any internet-connected device; it can be more easily shared; it has built-in security; and digital information is easier to manage, search, retrieve and transfer. There may also be some cost and/or budgeting advantages to outsourcing all or a piece of the backup storage.

Cloud data backup advantages

There are several advantages to using cloud backup. They include:

  • Efficiency and reliability. Cloud providers utilize state-of-the-art technology, such as disk-based backup, compression, encryption, data deduplication, server virtualization, storage virtualization, application-specific protection and more in Statement on Auditing Standards 70-certified data centers. In addition to the security that accompanies their certification, many providers offer 24/7 monitoring, management and reporting -- features and capabilities that may not be afforded by many companies otherwise. Furthermore, there's no need to worry about upgrades, migrations or technology obsolescence; the burden of the backup infrastructure lies with the service provider.
  • Scalability with capital savings.Cloud backups can be low-cost, especially for consumers and small businesses without a lot of data to protect. Public clouds also remove scalability issues, so you never have to worry about having enough on-premises storage capacity for your data. Cloud backup through a service provider is easier to manage because the provider handles all that. Moving backups to the cloud can protect you from dangers such as ransomware attacks because your files are off-site.
  • Improved recovery time for small data sets. For a recovery from tape, an operator would need to recall the tape, load it, locate the data and recover the data. Conversely, file recovery from cloud storage is faster; it doesn't require physical transport from the off-site location, tape handling or seek time. Files to be recovered are located and streamed over the WAN connection, saving time and eliminating the need for a local tape infrastructure.
  • Accessibility. Cloud backup may be attractive to organizations that can't afford the investment and maintenance of a separate disaster recovery (DR) infrastructure. It can also appeal to those who can afford a full DR site, but recognize the greater efficiency and cost savings to be gained by outsourcing. Off-site data copies -- accessible from any internet-connected device/location -- provide an added measure of insurance in the event of a regional disaster.
  • Broader protection. Cloud backup can make a good option for protecting endpoints such as laptops or tablets that aren't traditionally part of on-premises enterprise backup. Cloud repositories can also replace the need for tape vaulting.

Cloud backup disadvantages

There are cloud backup tradeoffs, too, including:

  • Seeding data and full recovery. Depending on the total capacity of data, the first full backup and/or full recovery of site data could prove to be too time-consuming and impactful on production systems.
  • Size limitations. Depending on bandwidth availability, every organization will have a threshold for the most reasonable capacity of data that can be transferred daily to the cloud. These limitations will have an impact on backup strategies. Bandwidth is often the major issue for large organizations. Enterprises have been able to reduce their backup windows in recent years with technologies such as disk targets and data reduction methods, but moving data to the cloud slows the process. Companies may choose to only move specific data sets to the public cloud for backup to deal with the bandwidth limitations, as well as reduce cost.
  • Discontinuation of the service. Understanding the most graceful exit strategy for the service is just as important as vetting specific features. Termination or early withdrawal fees, cancellation notification and data extraction are just a few of the factors to be considered. Of course, this is not an issue for the large public cloud providers, such as Amazon, Microsoft and Google, but can be for smaller regional clouds.
  • Who's watching your backups? Another downside is the cloud provider may lack efficient monitoring and data management tools built into on-premises backup applications.

Data protection providers at your service

Most backup-as-a-service offerings migrate data between the end-user location and the cloud service provider's (CSP) data center. To economize on bandwidth and speed up transfer times over WAN or internet connections, backup data typically is deduplicated and compressed before it's transmitted to the CSP facility. This is a great way to efficiently move data off-site. However, it presents some significant challenges when data recovery needs to take place.

First, deduplicated backup data must be rehydrated, or reconstituted into its native format, before it can be recovered to an application. The rehydration process itself takes some time to occur, but the bigger challenge is the time it will take to retransmit all this data from the CSP site back to the customer location. This is generally not a major issue if a single file needs to be recovered. However, if an entire corporate application environment -- or even a large application instance -- needs to be restored, it can take days or possibly weeks to move all the data over network links.

To get around this problem, cloud service providers offer DR as a service (DRaaS). DRaaS enables the subscriber to run its business application as a virtual machine (VM) instance in the CSP's cloud. While this mitigates the need to return an application to operation in the customer data center quickly, it does present unique challenges.

First, will the application even run adequately in the provider's cloud? For example, to run at production service-level quality, the application might need high-speed storage resources and/or need to be attached to a robust network that can support hundreds or thousands of simultaneous user sessions. Will equivalent resources be available in the cloud if necessary? Moving an application into an environment where its resources are totally dependent on the CSP may introduce unknown variables that could negatively impact quality of service.

AWS S3 vs. Google Cloud Storage vs. Microsoft Azure Blob Storage
Here's how the big three cloud service providers stack up.

Another issue can arise when it's time to move the application back into the subscriber's data center. All data will have to transfer back over the network.

Another scenario that businesses need to consider is: What happens if dozens or hundreds of the CSP's clients declare a disaster at the same time? Resource contention within the CSP data center could bring recovery operations to an absolute standstill. While many CSPs may attach service-level agreements to recovery times, there is virtually nothing they can do to ensure that all their clients will have speedy access to their backup data during a regional disaster.

This does not mean that your business shouldn't consider recovery from data in the cloud. But it does mean IT planners need to devise ways to plug the holes in their recovery strategy and try to prepare the best they can for all contingencies. For example, maintaining a copy of backup data to tape and storing it locally -- or, ideally, in a secured facility where it can be retrieved within a 12- to 24-hour time frame -- would actually be a better recovery option when data must be restored en masse.

In other words, a local, tape-based recovery is going to perform much faster than a recovery that has to trickle over WAN or internet links, particularly when those links are saturated with other user traffic. Having a tape copy also provides an additional layer of protection in case backup data replicated into the cloud gets corrupted somehow.

The good news is that, when cloud-based backup is used in tandem with local tape backups, organizations can actually have the best of both worlds. They have the convenience of conducting a cloud-based recovery with less risk -- such as with single-file restore jobs – as well as the security of local tape to conduct more rigorous recovery tasks, such as full system recoveries. Because a copy of the backup data resides in the cloud, it would be necessary to cut only one copy of the backup to tape, rather than maintain two copies -- one for on-site and one for off-site. For many organizations, this would be a big upgrade to their backup operational and recovery strategy.

Backup and recovery in the cloud is not a one-size-fits-all solution that will solve all your backup and recovery needs, but it is an excellent option for enabling organizations to secure and protect data in an alternate facility, while providing limited recoverability options. When combined with a local data recovery strategy, like cost-efficient tape backups, IT organizations can enhance business data protection without breaking the bank.

Cloud backup vendors

Almost all data protection vendors will back up data to the cloud today. They offer public clouds as a backup target option, so data can be moved there in the same way as it gets sent to disk or tape systems. The large data protection vendors also back up data created in SaaS applications, such as Salesforce or Microsoft Office 365.

The major backup vendors that offer cloud backup include Acronis, Arcserve, Backblaze, Carbonite, Commvault, Dell EMC, Druva, iDrive, Unitrends, Veeam Software and Veritas Technologies.

SaaS-ready backup for MSPs. Some vendors, including Asigra and Datto, only sell their backup software applications through managed service providers (MSPs) and CSPs. But most of the larger enterprise data protection vendors have MSPs that sell their software.

SaaS backup. Cloud-to-cloud backup began as a niche market offered by startups. But the early cloud-to-cloud vendors have been acquired by companies that offer broader backup services, and most of the larger backup software vendors have added the capability.

Backupify and Spanning Cloud Apps were among the first to market, concentrating first on protecting data in Salesforce and then Office 365. These applications include data created in the cloud, so often, there are no on-premises copies. SaaS vendors often charge hefty fees to recover data that is lost due to user error or a problem with the subscriber's infrastructure. Cloud-to-cloud vendors will copy data in the SaaS apps and store them in a public cloud or the cloud-to-cloud vendor's private cloud. The most common pricing model is a monthly fee based on the application and the number of users involved.

Datto, which sells data protection applications through CSPs, acquired Backupify in 2014 and integrated it into the broader Datto platform. Spanning went through a series of ownership changes before landing with its current owner, Kaseya. EMC acquired Spanning in 2014. But after Dell acquired EMC in 2016, it sold Spanning to Insight Venture Partners the following year. Kaseya bought Spanning from Insight Venture Partners in 2018.

OwnBackup, which protects Salesforce, ServiceNow and Slack, remains an independent cloud-to-cloud vendor.

Next Steps

How to protect data in the cloud

Hybrid backups reap benefits of cloud and local backup

6 best practices for choosing a cloud backup provider

Dig Deeper on Cloud backup

Disaster Recovery