Despite all the advantages the cloud offers, it’s important to realize that not all cloud services are created equal. There is a growing misperception that data that resides in the cloud is automatically protected just because it’s in the cloud, something which is absolutely not the case.
Not all cloud providers are built to accommodate enterprise-level IT needs. Cloud providers buy the same servers as their customers – just more of them. This means, the same issues a CIO might face in a corporate data center regarding backup, disaster recovery and data retention can be amplified within a cloud provider’s environment.
The key to securing data in the cloud is to clearly communicate – both internally and externally to your cloud provider – what kind of disaster recovery protection your business requires, and to plan your cloud strategy accordingly.
Here are five important steps you can implement to help protect your company’s data in the cloud:
- Determine what you need: Before you can assess a cloud provider’s services, you must define what your business actually needs. Does your business depend on being up 24x7x365? Do you have regulatory requirements or recovery time/recovery point objective (RTO/RPO) needs that have to be addressed by strict service level agreements? Aligning what the provider offers with what your business actually needs and can afford is a critical first step. Come to the table knowing what you need so expectations can be both defined and delivered.
- Read the fine print: Economies of scale among the industry’s largest cloud providers can indeed deliver a price break and often times a good value, but the tremendous number of customers they serve leaves little room for customization. When it comes to more complicated services like backup and data retention that aren’t easily productized, be sure to read the fine print to know just what you are buying.
- Trust, but verify: Ask for documentation about the people, processes and technologies involved in disaster prevention and disaster recovery. A robust infrastructure is important, but it doesn’t equal a sound strategy. To be secure in the cloud, you need both. Trust what your cloud provider tells you, but verify that what it offers can and will meet your business’ needs.
- Test, test, test: There are many different technologies a cloud provider might employ to provide some level of disaster protection, but they are all prone to potential failures. The only sure-fire way to know if your provider’s disaster recovery plan is viable is to test, test and test it again. With regular testing, you find the kinks in the system – and you create solutions to abate them – before disaster actually strikes.
- Back it up: Know what you’re protecting against so you know what kind of backup you need to perform and what kind of cloud provider is most likely to offer it. Logicalis, for example, offers its cloud customers an enterprise-grade managed backup component as part of its standard service; for an additional fee, clients can tap the company’s Disaster Protection offering which replicates data between geographically separate data centers and offers automatic failover capabilities, making reserve capacity available to assure clients they can power those systems on in the event of a disaster. Knowing your needs will guide you in your selection of a cloud partner, and cloud services that are built more specifically with the enterprise customer in mind will be most likely to offer this kind of data protection.
To find out more about protecting your data, plan for business continuity by focusing on three important areas: confidentiality, integrity and availability. You can also learn how to take a vacation from worrying about data loss in a Logicalis white paper, “Advanced Technologies Make Thinking About Disaster Recovery a Lot Less Scary.”