Device42 – Official Blog

Towards a Unified View of IT Infrastructure | The Official Device42 Blog

Articles

How to Harness the Power of Cloud Disaster Recovery Without Sacrificing Security

In this digital age, data is every organization’s most valuable asset. Losing data damages your productivity, revenue, and reputation, and it could even destroy your business. A robust disaster recovery (DR) plan will help to minimize the impact of a data breach and speed up recovery, but what type of disaster recovery best meets your organization’s needs?

In this post, we compare traditional disaster recovery methods with those used in a cloud-based approach and discuss the reasons why cloud disaster recovery is viewed as less secure than traditional methods. We explain how a robust data protection plan alleviates these concerns and outline an optimal data backup solution that will ensure the security of your cloud disaster recovery program.

Traditional Disaster Recovery versus Cloud Disaster Recovery

As organizations expand, so do their requirements for data protection, which means increased investment in services like storage, computing, networking, and security. Only very well-resourced companies can afford to maintain this kind of infrastructure in house, so many opt for cloud solutions.

Cloud disaster recovery involves storing critical data and applications in the cloud and failing over to a secondary site should a disaster occur. These cloud services are available on a pay-as-you-go basis and are accessible from any location, 24 hours a day. Manual input is minimal because backup and disaster recovery in cloud computing can be automated.

Security Concerns about Cloud Disaster Recovery

In terms of saving time and money, cloud disaster recovery offers significant advantages over traditional approaches. However, the key reason why organizations may have concerns about using the cloud for disaster recovery is that it’s difficult to back up and store data if you don’t know precisely where it is—and that is an issue with the cloud. Here are three ways you can lose data in the cloud:

Accidental Deletion

You need to remember that the cloud is a live production environment. This means that developers and engineers are producing and deleting substantial volumes of information on a daily basis, and it is very easy for somebody to accidentally delete vital data. Similarly, it is also easy to give an individual inappropriate access, allowing them to delete data they should not be able to edit.

Software Errors

It’s not just people who can make mistakes with your data—software can fail you, too. An application that is configured to update automatically could cause downtime or data loss if a patch causes your application to misfire or even fail.

Nontraditional environments can cause problems for engineers who are not completely familiar with their limitations. For example, in a container-based environment such as Kubernetes, asynchronous replication may write data to the primary storage array only, leaving you with a single point of failure.

Malicious Attacks

Apart from human and software errors, cyber attacks are another way in which cloud security can be compromised. You need to be alert to the fact that your system can be hijacked if the wrong individual discovers a cloud password, unprotected volume, or specific vulnerability. Unless you take measures to prevent this from happening, malicious individuals can encrypt or even delete all your data and disable your backups.

The Backup Solution for Cloud Disaster Recovery

A robust data protection plan backs up all the information that an organization might need to restore for business continuity and provides peace of mind when planning for disaster recovery. Whether you are backing up your data in the cloud or on the premises, you need to do the following:

  1. Prioritize data that needs protection most
  2. Implement a plan for protecting it
  3. Make redundant backups
  4. Test, test, test

The issue with the cloud is that you are dealing with architecture and methods that are not used in traditional disaster recovery. Here is how to use the backup workflow outlined above to counter the security issues raised specifically by cloud disaster recovery.

  1. First, perform an audit to determine what is mission-critical data—just as you would with traditional disaster recovery.
  2. Cloud providers Google, Microsoft, and Amazon all offer anti-deletion flags to prevent specific virtual machines (VMs), volumes, and instances from being deleted accidentally, so part of your plan should be to apply these flags where necessary.
  3. Back up these volumes to prevent individuals from overriding the flags. For more complicated systems such as Docker, you need to think carefully about your backup methods. Volumes associated with a Docker container are not backed up if you back up a Docker container by committing it as an image and saving the image as a .tar file. You need to take the additional step of copying the volume and suppressing it, so that the compressed copy acts as the backup.
  4. To ensure your cloud backups will work should a disaster occur, you need to set up a test environment and perform regular simulations of backup and restore scenarios. Based on the results of your tests, you can update your disaster recovery plan accordingly.

Conclusion

Cloud disaster recovery offers clear benefits in terms of cost, accessibility, and the time involved in implementing and maintaining it. The key reason for resistance to cloud-based methods of disaster recovery is the issue of security, which can be resolved with a sound backup strategy.

With Device42, developing such a strategy is made easier with dependency mapping tools that help you locate all mission-critical data—whether it is in the cloud, VMs, or containers. These tools provide reassurance that you are protecting your users and customers, and they also allow you to recover quickly if a disaster occurs. Contact Device42 to arrange a demo.

Share this post

About the author