Skip to main content

Challenges in backing up 100,000+ endpoints in the cloud – Part 2

The first part of this blog described key considerations to factor in, keeping in mind the deployment and usage of endpoint backup systems. With cloud storage becoming affordable and reliable, many IT organisations have started using cloud backup for endpoints.

This rapid adoption of cloud for storage has introduced new challenges.

Let’s look at the key challenges related to the adoption of cloud for endpoint backup. They are:

  1. Privacy concerns relating to the data stored in the cloud
  2. Lock-in with specific cloud providers and lack of flexibility to switch
  3. Latency or performance concerns
  4. Lack of centralised account management
  5. Interfaces to the cloud could be tricky while migrating
  6. Country specific restrictions on data residency

Privacy of the data stored on cloud is of primary concern for CIOs. For instance, when we store our valuables in a bank’s safe deposit box, having the key to the box gives us peace of mind. Enterprises would more readily adopt cloud storage, if such a feature was available for digital assets they store in the cloud. While SLAs and legal contracts around privacy are helpful, many of them come into effect post-facto and are therefore not 100 per cent fool proof. Most of the enterprises would need zero knowledge privacy and the encryption keys to be managed in-house.

Also, enterprises should have the flexibility to change the cloud provider if they wish to. Contracts with cloud vendors should ensure that there are no additional fees involved when this need arises. The solutions deployed should not be tightly coupled with a particular cloud storage provider. If an endpoint backup solution is tightly coupled with a cloud back-end, then the migration is naturally harder and in some cases, completely impractical.

The performance of an endpoint backup system can also get impacted when its data is getting stored in the cloud. Network latencies and additional processing like encryption or DRM can take a toll on endpoints which directly communicate with the cloud. It is important to ensure that endpoints do minimal processing and a scalable intermediate layer communicates with the cloud securely. It is important to evaluate and pick a solution with the right architecture to ensure that endpoints don’t end up doing heavy lifting and suffering performance degradation.

Many cloud vendors provide an account for every employee. However, enterprises may want to back up the data for all the endpoints using a single set of credentials. For several reasons, managing a single account is much easier for IT organisations, compared to managing an account for every employee. The solution selected should be architected ground up to support centralised account management.

Most public cloud solutions provide standard APIs and commands for the CRUD operations. This may be a challenge in the case of private clouds. For cloud storage to be effective with a third party solution, the cloud provider’s interfaces should be well documented and should not change very often. When migrating from a fully owned or a managed data centre to a cloud, these challenges will need to be addressed right in the beginning.

Many countries have laws that require data to be resident within national boundaries. When choosing a cloud solution, these legal requirements must be kept in mind. In such cases, the cloud provider must ensure that the no data goes out of the country of origin. At the same time, enterprises should be able to easily change their cloud provider if the need arises.

Cloud storage is a viable, cost effective and long term option for enterprises. The contract between enterprises and the cloud providers should allow enterprises to switch to other cloud solutions easily if there is a need. Privacy of the data should be ensured by enterprises using a third party solution before the data goes to the cloud. If, for some reason, the cloud provider’s security is compromised or if it has to turn over the data to a government authority, the data should be decipherable only with the full knowledge of the enterprise owning the data.

Ananda Rao Ladi, Executive Vice President-Engineering and Support, ParaBlu (opens in new tab)