Whilst the storage and management of data in the cloud is by no means a groundbreaking concept or indeed strategy for businesses to take, it is only really within the last two to three years that we have seen such an explosion in cloud adoption. In fact, according to Gartner, by 2020, a “No-cloud” Policy will be as rare as a “No-Internet” policy is today.

The benefits of such an approach are many and cloud offerings are now an open option for businesses of different sizes and all industry verticals. However, when talking specifically about the concept of cloud-based data backup and recovery, the routes that businesses take towards the cloud can be marred by some pervasive assumptions which must be addressed.

Cloud in the data center
– Thinkstock / buchachon

The issues of jumping in too soon

Maintaining a purely in-house data backup and recovery strategy can be costly and admin-heavy. It may also be a burden to the IT department, preventing teams from addressing real business challenges. The option for businesses to move such a function to the cloud can then provide a very attractive alternative.

However, with the ability to replicate backups and implement DRaaS (Disaster Recovery-as-a-Service) now easier than ever, businesses can make the mistake of adopting what they assume is a ‘one-size fits all’ approach too quickly and making less-than efficient decisions.

Before jumping into a mass data replication to the cloud, it is imperative that a business takes a long hard look at the storage and backups it has on-premise, and that this is being managed in the most efficient way. Storing large volumes of data in the cloud for long periods of time can become expensive, and it is easy to underestimate these costs.

Utilizing smart approaches to reducing backup footprints and implementing recovery snapshots at the necessary timeframe recovery are primary issues that must be addressed before the move to the cloud.

The solution here is to consider dipping a toe in with a hybrid cloud solution and build a data protection strategy that is aligned to the business’s users. In this way they can test the water by moving terabytes off site at a time and measuring how the business responds.

‘Part of the package?’

Whilst the cloud has traditionally been viewed with skepticism in terms of the platform’s ability to offer the same level of protection as on-prem systems, when it comes to the backup, management and recovery of data, businesses run the risk of complacency in their assumptions of how cloud services protect data.

Backup and recovery is often taken for granted in IT, and organizations that have become accustomed to the capabilities of a traditional backup and recovery solution on premise often assume that such capabilities and more are offered as ‘part of the package.’

The reality is that these included data protection features are often rudimentary. Take Office 365 for example, no solution is more prevalent in this space, with an estimated user base of roughly 120 million. Its large, varied and growing number of features attracts businesses of all sizes, and as such, it is becoming a significant repository of a business’s critical data.

Unfortunately, with the convenient packaged-up approach offered by O365, businesses assume that the data within this environment is backed up indefinitely. The reality is that in its current form, O365 is unable to offer traditional disaster recovery capabilities such as point-in-time backup and recovery or the retrieval of items that have been deleted beyond their recovery timeframe.

A similar assumption is often prevalent when it comes to the efficiency features that dedicated cloud disaster recovery (DR) solutions offer, with the majority of organizations expecting deduplication, encryption, and replication to be available in any cloud DR product on the market. A recent DCIG study showed that nearly all offerings do support these features, however there are often considerable differences in deployment options and the ways in which these features are implemented. Businesses should be keenly aware of the differences in the breadth of feature functionality that each product offers before making any cloud DR buying decisions.

Get clued up

Whether with regard to archives, emails, documents, or applications in the cloud, organizations should be having frank discussions with their cloud and DR solutions providers about exactly how their data will be protected, and ensure that the specific backup and recovery capabilities they expect are indeed offered by the provider.

It is the responsibility of the organization themselves to determine whether the service’s offerings, definition of an outage, and particular recovery objectives are aligned with theirs. If there is any discrepancy, organizations should consider the extension of their existing in-house data protection measures and look for other third party solutions which integrate with their cloud provider to offer the functionality they need.

Adrian Moir is senior director of systems consulting at Quest