Posts

Beyond Restore: Use Cases for Google Apps Backup

Backup Man

As we have noted several times in prior posts and webcasts, Google’s internal backup systems are designed to protect you should Google have hardware or software issues. You, however, are responsible for protecting your data in Google Apps from user deletions, user overwrites, malware, hackers, and other risks.

We have identified several use cases for backup/recovery in Google Apps that you cannot do from the Admin console.

A good Google Apps backup solution does more than restore

Preserve Data From Past Employees

  • If you want to preserve data from past employees, and need more than emails, your only option is to continue paying for the suspended Google Apps accounts.
  • With the ability to restore data to others, you can keep the backup as an archive and delete the Google Apps accounts.
  • An added benefit: the cost is less than 1/2 of a Google Apps for Work license and less than 1/4 of a Google Apps Unlimited license.

Transfer Data to New Owners

  • While you can transfer document ownership though the Admin Console and ownership of Sites data through APIs, these transfers are “all or nothing” and are destructive (they remove the data from the original account).
  • With the ability to restore data selectively and to others, you can transfer specific files, folders, sites data, emails, etc. to different people as needed.
  • An added benefit: You can transfer data between employees as they change positions and responsibilities.

Archive Documents (and other data)

  • While Google Apps Vault has eDiscovery searches for Gmail and Drive, Vault only archives Gmail.
  • A third party backup solution can preserve and archive documents, as well as email, calendars, contacts, and sites data in support of your document retention policies or regulations.
  • While a user can still delete a document and empty it from Trash before the backup, most users are unaware of the steps to take. With multiple backups per day, you are protected from losses other than those of a determined malicious actor.

Escape Hatch

  • As a “best-practice”, backups should not be stored in the systems being backed up without altering the format or content.
  • The right backup solution keeps your data in a separate location/service and restores data in its original format.
  • An added benefit: With an export feature, your backups become an easier way to extract data from Google Apps.

 

We offer multiple backup solutions for Google Apps, click here to learn more about our preferred solution.


 

Be Able to Recover

Backup Man
Accidents will happen. And while accidents that damage or destroy data are more common, malicious attacks will happen as well.  The rate of ransomware is on the rise and large companies are not the only targets. Whether by phishing attack, advanced persistent threat, or other means your company is seen as having data valuable enough to extort a ransom, you are a target.

In short, if you are reading this, you are a potential target.

While improving your endpoint protection and educating users can greatly minimize your risk, no malware solution can provide you with a guarantee against ransomware. So, if you are hit, you need to be able to recover.

For your on-premise systems, you most likely have a backup/recovery solution. In the event of ransomware, you can delete the encrypted files and restore from a point in time prior to the attack. Yes, you lose data, but a solid backup plan can minimize the loss and the impact.

Your cloud data needs the same protection. You want the same recovery process.  

Traditional and cloud backup services can be installed and connected to cloud servers in much the same way as they work for on-premise servers. For cloud file services, like Google Drive and Microsoft OneDrive, traditional backup solutions will not work as they cannot connect to the service. The same holds true for data in SaaS applications like Salesforce.com.  You need a specialized solution.

Our Recommendation

For most of our Google Apps and Microsoft Office 365 clients, we recommend Backupify as our preferred solution for several reasons:

  • Multiple backups per day for some or all users
  • Unlimited backup space
  • Unlimited backup retention
  • Multiple admin accounts with delegation
  • Powerful search
  • Fast restores
  • The ability to archive data for past users (Google Apps)

Our Offer

Try Backupify for free for 21 days. If you like what you see, we can save you money on license and support.  If not, we discontinue the service.

Interested? Let us know.

Cloud Resiliency: Overview, Benefits & Steps for Implementation

business resilienceWhat is Resiliency in Cloud Computing?

In today’s rapidly evolving digital landscape, where businesses increasingly rely on cloud computing for their critical operations, the need to ensure uninterrupted services and data availability has become paramount. This is where “Cloud Resiliency” steps in as a fundamental aspect of modern IT strategy.

Cloud resiliency refers to the ability of a cloud-based system or infrastructure to withstand and recover from unexpected disruptions, whether they arise from hardware failures, software glitches, cyberattacks, natural disasters, or any other unforeseen events. It involves designing and implementing a robust framework that can promptly detect issues, gracefully handle failures, and swiftly restore normal operations without significant downtime.

The unexpected will happen. It is inevitable. Sometimes the unexpected is a good thing. In technology, the unexpected is usually bad.  It may be small … or big … or catastrophic.

Part of our role as IT professionals is to expect and prepare for the unexpected. We backup data so that we can restore files that are accidentally deleted, overwritten, or damaged.  We backup systems so that we can recover them in case of hardware or software failures. Many business designs and implement disaster recovery plans. These plans provide the means for companies to recover from larger incidents, ranging from burst pipes and building fires to blizzards and hurricanes.

In recent years, the focus has been on “Business Continuity” planning. Business continuity intends to prevent disruption to operations, even in the face of larger incidents or disasters. While great in concept, most small and mid-size enterprises cannot afford to fully duplicate systems in redundant data centers and provide alternate work sites for employees.

Cloud Resiliency in Business

Business Resiliency is based on the objective of enabling a business to continue (or rapidly resume) operations with some accommodations.  In other words, you may not be running 100%, but you will be running soon enough and well enough, given the situation. Resiliency is about bending without breaking.

Consider Hurricane Sandy which devastated parts of the US Eastern Seaboard.  Many businesses were physically destroyed by the flooding. Many others were shut down by the indirect effects of the flooding as some areas along the coast lost critical infrastructure — including water and sewer. Businesses left physically intact but without power for days considered themselves lucky as some areas waited months for reconstruction.

Consider the ice storms and blizzards throughout the Northeast US in recent years.  For many businesses, the only disruption was loss of power.  And while in many of the storms, outages where generally localized, some businesses went without power for as long as three weeks.

The same holds true for businesses in “tornado alley” in the Midwest. A tornado may leave your business unscathed, but it may take days or weeks for power and water to be restored.

In each of these scenarios, backup/restore/recovery is not enough to get the business back up and running. And, again, most small and mid-size businesses cannot afford to maintain disaster recovery systems and sites.

Benefits of Cloud Resiliency

Cloud resiliency offers a wide range of benefits to businesses and organizations that rely on managed cloud-based services and infrastructures. These advantages contribute to the overall stability, availability, and security of digital assets, ensuring uninterrupted operations and safeguarding against potential disruptions. Here are some key benefits of cloud resiliency:

  1. High Availability: Cloud resiliency ensures that critical applications and services remain available even in the face of hardware failures, software glitches, or other unforeseen events. Redundancy and failover mechanisms enable seamless transitions to backup systems, minimizing downtime and maintaining continuous access for users.
  2. Disaster Recovery: Resilient cloud architectures provide robust disaster recovery capabilities. Regular data backups, real-time data replication, and well-defined recovery processes allow businesses to recover quickly from data loss, cyberattacks, or natural disasters, minimizing potential data and revenue loss.
  3. Reduced Downtime: With cloud resiliency in place, businesses experience reduced downtime during system failures or maintenance activities. Quick detection and automatic recovery mechanisms help prevent prolonged service interruptions, enhancing productivity and customer satisfaction.
  4. Business Continuity: Cloud resiliency ensures business continuity by allowing organizations to maintain essential operations even during disruptive events. Critical business functions can continue operating, meeting customer commitments and minimizing financial losses.
  5. Cost Efficiency: While implementing cloud resiliency may involve upfront investments, it ultimately proves cost-effective in the long run. The ability to prevent extended downtime or data loss reduces potential revenue losses and protects a company’s reputation.
  6. Scalability: Resilient cloud infrastructures are designed to scale dynamically to meet changing demands. As businesses grow or experience fluctuating workloads, the cloud resiliency framework can seamlessly adapt, ensuring optimal performance and resource utilization.
  7. Enhanced Security: Cloud resiliency often goes hand-in-hand with robust security measures. Proactive identification and mitigation of vulnerabilities help protect against cyber threats and unauthorized access, safeguarding sensitive data and intellectual property.
  8. Improved Customer Trust: Reliability and continuous availability of services build trust with customers and partners. Knowing that their data and operations are in safe hands, clients are more likely to choose a resilient cloud service provider, giving businesses a competitive advantage.
  9. Regulatory Compliance: Resilient cloud architectures often adhere to industry-specific regulations and compliance requirements. Meeting these standards is critical for businesses operating in regulated sectors, ensuring legal adherence and avoiding potential penalties.
  10. Faster Recovery Times: In the event of a disruption or disaster, cloud resiliency enables faster recovery times compared to traditional on-premises solutions. Automated recovery processes and failover capabilities reduce the time required to restore services and operations.
  11. Geographical Redundancy: Resilient cloud infrastructures can be distributed across multiple data centers in different geographic locations. This geographical redundancy further enhances data protection and disaster recovery capabilities, minimizing the impact of regional outages or natural disasters.

Cloud Resiliency Requirements

Achieving cloud resiliency involves careful planning, robust architecture design, and the implementation of various measures to ensure the system can withstand and recover from unexpected disruptions.

Most businesses can afford to move IT systems into cloud computing and hosted solutions.  And in doing so, businesses can affordably build resiliency.

With all of these disasters, you did not have to travel too far inland to be out of the damage zone.  Businesses with on-premise equipment had to purchase and wait for delivery of replacements, rebuild their systems, and (hopefully) recover their data from their off-site backups. Certainly doable, but costly and time consuming.  It can take 2 to 4 days just to get the equipment in place and ready to restore.

Businesses in the cloud faced a different scenario and outcome. Moving to an area with power and Internet, businesses running in the cloud were up and running in hours (some in minutes) and some were never “down” at all.

Take the Next Step Today to Implement Resilience in Your Cloud Computing Strategy


To discuss how cloud computing can improve the resiliency of your business, contact us for a no-obligation conversation or click here to learn about our RestartIT solutions.


 

 

 

Changing the Focus on Backup Protection

Recovery-Point-Objective-RPO
As we’ve stated before, “Backup is easy; Recovery is hard”.  Every business should, at this point, understand the risks of poor data backup and protection. The risks come from the types and amount of data that is lost and, if it can be recovered, how long that recovery takes. And remember, recovery often takes more effort than simply restoring files from a backup set.

Perspective = Priority

When looking at how well your backup system is protecting your business, two factors should be top of mind:

RTO: Recovery Time Objectives — How long will it take to return to normal operations. RTO is not just the time it takes to load your data back onto your systems, RTO includes the time it takes to repair and recreate damaged information and data created or modified since the last backup.

RPO: Restore Point Objectives — Your RPO determines how much data you are willing to lose, or can afford to lose. Most small and mid-size businesses backup daily. On average, a system failure will result in half a day of lost data. For an office worker editing a report, this is traumatic and inconvenient. For a manufacturer or retail business, half a day can represent hundreds or even thousands of orders and financial transactions.

As always, quicker RTOs and smaller RPOs come with trade-offs.  Recovery methods like image snapshots, for example, can provide rapid RTOs and small RPOs. In exchange, you are likely losing granularity — the ability to recovery individual files.

Understand the reasons  you are protecting your data.  Protection from system failure, in which you need to recovery a full server, lends itself to imaging and other snapshot methods.  Recovery of files or data lost to program error, malware, or user activity, needs a solution with granularity.

Start with an understanding of the type of protection you need and your RPOs and RTOs.  From there, you can pick the solutions (yes, you may want or need more than one method) for recovering data and your business.


We offer  a range data protection solutions, with a range of products, for on-premise and cloud-based data. Contact us for a free assessment of which type of solution is best for you.


 

 

Restore Google Drive Files Offers Some (but not enough?) Protection

google drive
Among the myriad of new features and upgrades announced at Google I/O this week, Google added the ability to restore users’ Drive files that have been deleted from the Trash folder.

While offering some protection, the feature is limited in its scope.

  • You cannot restore individual files; you can only restore all files deleted within a date range you provide.  The minimum date range is 1 day (24 hours).
  • You can only restore files for individual users, one at a time.
  • You can only restore files that were deleted from Trash within 25 days.
  • When restoring files, the permissions are not restored.  Only the user will have access to the files.

With these limitations, we do not expect the ability to restore a user’s Google Drive files will be of great use to most organizations.  With a limited retention period and lack of granularity, the tool provides a big shovel when most users need a spoon.

The solution also depends on users’ ability to recover information from the Trash folder, a process we find difficult at times due to the limited ability to search Trash in Drive.

True backup/recovery solutions give users and administrators that critical features that deliver more usability and effectiveness:

  • Flexible retention:  Allow organizations to implement policies related document and records management, including extended retention and removal of data past retention windows.
  • File-Level / Item-Level Restore: Most data loss and restore needs result from human error or action and impact fewer than 5 files.  Acceptable restore capabilities include the ability to restore individual files (or entire accounts) and should include the ability to select file by version or point in time.
  • Protect Meta Data:  Protect the meta data as well as the files themselves.  File ownership, permissions, etc. should be preserved and recoverable with the file.
  • Data Export:  Provide the ability to export data so that it may be migrated to other accounts and/or other systems.
  • Administrative Control:  Identify and allow backup/restore administrators that are not full domain administrators.

Absent many of these features, the ability within Google Apps to restore a user’s Drive files is a limited feature that will not meet most organizations’ needs for data protection.

Third party backup/restore solutions are still a necessary and appropriate component of a robust Google Apps environment.

Feel free to contact us if you would like to explore backup/recovery options and solutions.

Surprising Stats on Cloud Data Loss

Yes, you can lose data in the cloud!

Our friends at Backupify recently conducted a study, Protecting Data in the Cloud: The Truth About SaaS Backup, which revealed some very interesting results based on how IT perceives the safety and security of their cloud-resident data.

54% of IT professionals have implemented some form of SaaS applications

81% of IT pros that use or plan to use SaaS apps categorize the data stored in their SaaS apps as “very to extremely important”

52% of IT pros don’t currently back up their SaaS data (or even plan to)

79% of IT pros believe their SaaS application is being backed up by their solution provider

1 out of 3 companies using SaaS lose data

47% of SaaS data loss occurs from end-user deletion

17% of SaaS data loss occurs when an employee overwrites data

13% of SaaS data loss occurs when a hacker deletes data

47% of IT pros back up SaaS data with a manual export

15% of IT pros back up SaaS data with cloud-to-cloud backup

If you want to learn more about protecting your SaaS and cloud data, please send us a note.

Note: This post is based on a Backupify Blog Post, which you can see here.

 

Picking a Backup Solution is Missing the Point!

Data Protection
A 2013 study by The 2112 Group titled “”2013 State of Cloud Backup” found that small and mid-size interest in robust backup solutions more than triples after a significant data loss event, only 54% of SMBs felt that improved data recovery, business continuity, and IT reliability were sufficient motivators to deploy a new or improved solution.

Our perspective, is that focusing on backup misses the point entirely!

As we have blogged in the past: backup is easy; recovery is hard.  More accurately, the ability to recover and restore defines the value proposition.  Everything else about “backup” solutions — including the technology and methods — is irrelevant until you define the value of recovery and restore.

Stop thinking about Backup!  Instead, think about:

Continuity:  The ability for you company to continue to operate at an appropriately effective level during events that disrupt normal operations.   For some businesses, this means zero downtime.  For others, answering the phones and access to email may be sufficient for hours or days, or as an interim state until line of business systems come back online.  Still other businesses may need all systems up and running with 1 or 2 business days.

Recovery:  The ability to gain access to data and systems that became unavailable due to damage or failures.  Whether your disk array fails, a pipe bursts above your servers, or a virus eats through your files, recovery requires repair or replacement before systems and data can be restored.

Restore:  The ability to retrieve a prior version of data or a system.  Most restores are a result of user action or minor system issues.  How far back you need to go and the availability of past versions defines how long it will take to both retrieve the information and for the user to replace lost work, if any.  For some, a daily version meets the need.  For others, going back a day means resource-consuming rework so multiple versions each day are appropriate.

Focus on a building a Data Protection Solution and your required “Return to Operation” (RTO) time.  Remember that different parts of your business, different systems, may have different RTO requirements.

  • Assess your continuity, recovery, and restore needs and priorities
  • Understand the likely and not-so-likely risks to your systems and your business and create a “use case”.
  • Looking at each use case:
    • Identify changes to your IT infrastructure that could mitigate risk
    • Identify the type of solution that can provide the needed continuity, recovery, and restore services
  • Collate the use cases and solution types as your requirements

With requirements in hand, evaluating data protection solutions, technologies, and services becomes a manageable process.  Keep in mind, the data protection solution may include a mix of backup/restore, backup/recovery, archiving, disaster recovery, and other components.

 

Cloud Backup: Small Businesses Hesitate at their Own Peril

Cloud Backup
According to a recent survey of IT service firms conducted by The 2112 Group, small and mid-size businesses (SMBs with up to 250 employees) do not respond to most marketing efforts.  The lack of interest appears to be due to underlying concerns about data security, bandwidth, availability, and recurring costs.

Not surprisingly, SMBs become interested in cloud backup after a data loss or downtime. Having experienced disruption or loss, SMBs better understand the cost of a failed recovery compared with the cost of adequate protection.

Businesses that move to cloud backup sited their primary motivations as:

  • Improved data protection and business continuity (34%)
  • Better overall IT reliability (20%)
  • Reduced IT costs (16%)

The challenge for us, as a cloud solutions provider, is to meet our customers’ objectives while addressing issues of security, bandwidth, availability, and cost.

The challenge for SMBs, as our customer or prospective customer, is to recognize the value of cloud-based backup before a crisis.  And, understand that by offering a range of solutions, we can ensure data integrity while keeping costs in-line.

 

Cloud Backup/Recovery: The Same, Only Different


This blog post is the second in a series on Data Protection issues and practical solutions.

Data Protection Series

Backup and Restore, the most basic form of data protection, has been a standard IT practice since teams or Operators managed racks and rows of tape drives and tapes for early mainframe computers.  Borrowing from proven audio technologies, tape backups protected programs and data from the fickle failings of early disk drives.

As computers became more interactive, and more personal, the need for backup and restores services expanded.  Yes, your hardware might fail.  More likely, however, an assistant would “save as” over the boss’ most recent masterpiece.  Computers were new, and human error was inevitable.  Then came viruses, poorly written applications, spyware, bots, and the Internet (the ying and yang of all things good and evil).

As we move into the cloud, some of the reasons for backup/restore remain, and some new ones emerge.  

For those of us running Google Apps for Business, Education, and Government, Google’s highly redundant, multi-tenant infrastructure protects us from nearly all risk of data loss or corruption due to hardware or system failure.  Understanding the other risks to our data lets us decide when and how to better protect ourselves.

Third Party Applications

While domain-level access for applications is usually restricted to administrators, users often have the ability to run and connect third party applications to accounts.  Whether global or individual, poorly written third party applications can wreak havoc with your data.  Applications that need write access to docs, email, calendars, or contacts, can overwrite or delete content.  Determining the scope of a problem, and recovery, can be nearly impossible without reviewing all of your data.

User Error

Recent research shows that data loss within Google Apps is due to user error 63% of the time (0% is caused by Google).  As with any new system, unfamiliarity can bring unintended harm.  Ill-placed pastes, mistaken deletions, and save instead of “save as” are some of the ways data may be lost.   Even more complex, mistakes using Manage Revision settings, and permanently deleting items, can make recovery impossible.

Willful Misconduct

Protecting your data from the employee (or soon to be ex-employee) intent on doing harm is nothing new.  In Google Apps, as well as any other system, employees with access to sensitive information often have the ability to damage or destroy that information in ways intended to harm your business.

Security Breach

Google Apps is one of the most secure public cloud services in the world.  Even so, no system is ever completely safe from user identity theft or corrupt systems with access. A mal-ware infected computer running Google Drive can allow damage to data in Google Apps as easily as with a computer connected to a Windows server down the hall.  If a user — knowingly or as a result of social engineering — shares his or her identity, hackers and others can damage your data.

Google Error

While Google has never had errors resulting in permanent data loss, and Google’s systems are designed to withstand multiple points of failure, a very, very small chance still exists that a software or hardware error could corrupt data.

All of these cases are, and have been, reasons to run a backup/recovery service.  But at what point do you add backup/recovery to your?  For most, the answer is as simple as the answer to the following question:

If you had this data on a server in your computer room, would you back it up?

If the answer is “Yes”, than you should protect the data where it lives — even in Google Apps.

For others, it is one of critical mass.  When the cloud is considered a secondary data store, some wait for usage to reach a level “significant” enough to warrant the additional cost of backup/recovery services.  Unfortunately for some who “wait and see”, the significance is often measured by the pain of a data loss event.

—–

Read more

Data Loss and Recovery Are Still a Growing Concern

 

With all of the industry focus on data loss and disaster recovery, you may be surprised at the state of affairs.

  • 53% of businesses experienced data loss within the past 12 months; up from 31% in the prior year (EVault 2012 Survey)
    • 24% of IT Managers admit to not telling their CIOs that some data is not backed up, including data on mobile devices
    • 38% of IT managers worry about the security and effectiveness of their backup solutions
  • 58% of downtime and data loss was caused by storage problems or failures (Continuity Risk Benchmark)
  • 86% of companies experienced unplanned downtime last year (Acronis Disaster Recovery Index Survey)
  • 60% of companies identify human error as the most common cause of downtime and data loss (Acronis Disaster Recovery Index Survey)

What does this mean?

Whether  running systems in-house or in the cloud, businesses MUST understand the risks to their data and system, and have reasonable protections and responses in place.  Solutions that focus on addressing hardware and software errors may not protect you from user mistakes and missteps.

False Sense of Security in the Cloud

When moving to the cloud, businesses must remember that while good cloud infrastructures provide protection from hardware/software type failures, your data is still susceptible to user error.  Backup/recovery services offer protection for cloud-based data that rivals services available for in-house solutions.

Want More Info?

Please contact us if you would like to discuss your needs and available options.