Guide to Backup Storage Management for MSPs
For MSPs, storage management is an essential ingredient in delivering managed backup services. The way in which you manage backup storage plays a critical role in determining the reliability, performance and cost of your overall backup services.
That said, identifying the right backup storage management solution is hard work. It requires weighing factors such as whether to define your storage strategy on the basis of your existing infrastructure or your customers' needs. You also need to factor in RTO and RPO considerations, retention policies and compliance requirements.
To help you define your approach to backup storage management, this guide provides an overview of different strategies. It addresses the two main types of backup storage -- local and cloud-based -- and discusses the steps required to manage both effectively.
Local Backup Storage Management
Even in the age of the cloud, local backup storage still makes sense for many MSPs. It can be more cost-effective over the long term than cloud storage. It may also offer faster recovery times. And it helps meet the offline storage requirements that form part of the 3-2-1 backup rule.
If you use local data storage as part of your managed backup services, here's how to go about managing it effectively.
Step 1: Choose the right storage media
Local storage comes in many forms. It could be a file server, an NAS device, external hard disks or even tape storage.
The option you choose should reflect your budget (external hard disks are usually the lowest-cost storage method, although tape storage may be cheaper for truly high-volume storage needs), reliability needs (a NAS device with RAID storage is the most reliable local storage method) and whether you want to be able to store local backups totally offline (hard disks are good for this, while file servers are not).
Whichever storage media you select, it's a best practice to use the same local storage media and processes for all of your customers. This makes storage easier to manage in the long run.
Step 2: Assess storage security
A key best practice to follow for securing local storage is the principle of least privilege. In the context of local storage, this means that no users or accounts other than your backup software should have access to the storage. The purpose of backup storage is backups alone, and any access privileges not related to backup create unnecessary security risks.
Step 3: Document media and processes
Documenting your local storage configurations and backup processes is critical for managing local backups effectively. Creating documentation is not every MSP's idea of a good time, but you'll be thankful you invested in documentation when you need to remember how something is configured or how backups are structured.
Further reading Guide to MSP Internal Documentation
Step 4: Monitor local storage media health
Most local storage media deteriorate over time. Hard disks don't live forever. It's important to check the health of your storage devices and replace them as needed.
Also essential is testing your ability to recover data from local storage. On a periodic basis, perform a dry run of your recovery routine to ensure that you can recover data from local devices in the time frame required to meet your RTO and RPO goals. (You might also be interested in learning about common backup management mistakes.)
Cloud Backup Storage Management
If you choose to store backup data in the cloud -- which you may for scalability and reliability purposes -- managing your backup storage requires addressing many of the same points as local storage. However, there are some additional management considerations that are unique to cloud storage.
Step 1: Define your cloud storage use case
Cloud storage is available in different forms and price points. Do you need just basic object storage, or do you also need databases? Do you want to take advantage of the lower prices of cold and archive cloud storage tiers, or do you require the performance of higher-cost tiers? Do your customers have special compliance requirements that necessitate storage within certain cloud regions or the use of availability zones?
These are all questions to answer as you define your use case for cloud storage.
Step 2: Choose a cloud
Once you know your cloud storage needs, you can choose a provider and service. Storage-focused clouds like Backblaze and Wasabi tend to deliver the best prices for large-scale storage needs, although you may instead want to select a "Big Three" cloud (AWS, Azure or Google Cloud), because they offer more services in addition to storage.
If the cloud you select offers more than one type of storage service, you'll need to select the right one for you. In most instances, object storage is the best approach, although in certain cases you may want to make use of cloud database services, too. (You might want to check out our comparison of AWS database services.)
Step 3: Understand cloud storage
Cloud storage services tend to be very complex. There may be special rules that govern when and how you can access storage data. Pricing structures are also usually complicated; most clouds charge a per-gigabyte storage fee, as well as fees for data egress (meaning the movement of data out of your cloud).
Further reading Amazon S3, MS Azure and Google Cloud Storage Pricing Comparison
Before you begin using a cloud storage service, make sure you read its documentation carefully, so that you have a full understanding of how it works. You don't want to run into surprises later -- like finding out that your data is not instantly accessible (which it's not on most archive-level data storage tiers), for example, or that recovering data costs much more than you anticipated, due to data egress fees.
Step 4: Secure cloud storage
In the cloud, your cloud provider's identity and access management (IAM) framework provides the basis for storage security. You should configure IAM rules for your cloud storage according to the principle of least privilege; only the specific applications and users that require access to the storage should have it. MFA system is another useful way to bolster cloud storage security. And you want to ensure, as well, that none of your backup files are available publicly over the Internet.
Further reading Managing IAM Permissions in the Cloud: AWS vs Microsoft Azure vs Google Cloud
Step 5: Define storage lifecycles
Most standard cloud storage services let you configure lifecycle policies in order to move data automatically between different storage tiers. Although lifecycle policies are not required, it's wise to take advantage of them in order to minimize your storage costs. You can use them to move older backups (which you are unlikely to need to access) to lower-cost storage tiers, while keeping more recent backups in standard (or "hot") storage (from which they can be accessed quickly if you need to perform a recovery).
Learn how to configure Amazon S3 and Google Cloud storage lifecycle policies in your MSP360 Backup application in our help article.
Step 6: Test recovery
You don't need to worry about the health of cloud storage media. Your cloud vendor manages that for you. But you do need to perform periodic recovery tests to ensure that your recovery process works as expected. Spending a little time on recovery testing will go a long way toward avoiding unexpected surprises in the event that you need to perform a real recovery from the cloud.
Backup storage management is more complicated than it may first appear. Simply dumping backup data into storage media and calling it a day is not sufficient in order to keep backups secure and reliable. Instead, you need to consider a variety of factors related to which storage media you select, how your backup data is secured, whether you can recover data as planned, and more.