If you store data in the cloud, it can be easy to assume that the data will never disappear. In reality, however, one of the disadvantages of cloud storage is that it sometimes fails in ways that you can’t control.
That’s why it’s crucial to perform cloud data backups, even if your data is “cloud-native”.
What Is Cloud-Native Data?
By cloud-native data, we mean data that is born in the cloud and remains in the cloud throughout its lifecycle. Cloud-native data is different from data that is created on-premise and is uploaded to the cloud at a later time, either for backup purposes or another reason.
If you use the cloud for hosting workloads, you probably have a lot of cloud-native data. The S3 storage buckets that you use to host data for your EC2 instances are cloud-native, for example.
Cloud Storage Weaknesses
Generally speaking, cloud-native data is more resilient against unexpected data loss than data that is stored on-premise. That is because public cloud providers typically do a better job of designing fault-tolerant infrastructure and preventing downtime than most organizations can achieve using in-house staff and infrastructure.
This does not mean, however, that data that is stored in the cloud is immune to the risk of data loss or disruption. Assuming that it is -- and failing to back up cloud data as a result -- would be a huge mistake.
Cloud-native data can be destroyed or made unavailable in a number of ways, whether because of weaknesses in cloud storage itself or because of problems that cloud storage can’t protect against.
Cloud Provider Downtime
Although downtime incidents for major public clouds like AWS and Azure are few and far between, they occasionally happen. For example, a power loss caused data for AWS users in a popular region to become unavailable in March 2018. In another recent incident, Azure users in Europe could not access data for about seven hours after employees accidentally set off fire extinguishers inside a data center.
Historically, downtime incidents like these have occurred about once a year on each of the major public clouds. In most cases, no data is permanently lost, and access to data is disrupted for only a matter of hours. However, if the downtime exceeds your RTO and you don’t have a backup for the cloud data while it is inaccessible, these incidents could cause serious business continuity problems.
Geographic data redundancy services, which allow you to store data in multiple cloud regions at the same time, can minimize the risk of data becoming unavailable during a disruption to one cloud provider’s data center. They will not, however, guarantee the safety of data during all types of downtime incidents. For example, a DDoS attack that targets a cloud provider’s network might make data unavailable from multiple data centers, and geographic redundancy will not circumvent this issue.
Keep in mind, too, that permanent customer data loss has occurred on public clouds in the past. Such an incident has not happened in several years, and it’s likely that cloud providers now do a better job of preventing issues that could cause cloud data to be erased permanently. But there is no guarantee that this won’t happen to data that you store in the cloud.
Cloud storage services like AWS S3 and Azure Storage include data resiliency features that check file systems for errors or other problems and attempt to fix them automatically. That is one way in which cloud storage is safer than on-premise storage, which usually lacks these automatic checks.
As Microsoft warns, however, data resilience services do not “prevent application code or users from corrupting data, whether accidentally or maliciously.”
Whenever an application interacts with your data, an administrator accesses it, or it moves from one location to another over the network, there is a chance that data will become corrupted. The only way to safeguard against the possible data loss that could occur is to perform cloud data backups regularly.
Accidental (or Malicious) Data Deletion by Employees
Public cloud providers can help to protect against file system problems, but they can’t prevent users from doing bad things with their own data.
An admin with access to your organization’s cloud storage could easily delete data accidentally -- or perhaps maliciously. “Insider threats” are a major security problem today, and cloud-native data is no safer from them than on-premise data.
Applications, too, could delete data in ways that developers didn’t intend. A simple coding error could cause an application to overwrite important data in the cloud, or fail to save data in a persistent location.
While access control services like IAM can help to limit the risk of unauthorized access, cloud data backups are the only way to ensure that cloud-native data will remain available in the event that cloud data is deleted by someone within your organization.
Malicious data deletion by outsiders is a risk, too.
Although most attacks against cloud data that originate from an external source are designed to steal sensitive data, rather than destroy it permanently, attackers may sometimes target cloud-based data for destruction in order to harm a business. An attack of this nature against AWS data in 2014 famously put Code Spaces, a SaaS company, out of business, for example.
Here again, taking steps to secure your cloud data can reduce the risk of falling victim to an attack like this. But the only way to guarantee the availability of your data is to back it up.
Conclusion: Cloud Data Backups are Essential
The challenges described above make clear that, despite the advantages of storing data in the cloud, cloud-native data is not immune to the risks of temporary disruption or permanent deletion. That is why backing up cloud data regularly is essential.
A cloud data backup routine could involve backing up cloud data from one cloud to another, as part of a multi-cloud strategy. Alternatively, you could back up cloud data to a different account within the same cloud. You could also back up cloud data to an on-premise location.
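As an added example (not part of the original article), the sketch below checks which of the failure modes discussed above a given backup layout actually survives: a regional outage, a provider-wide disruption, and deletion by someone holding the source account's credentials. The account IDs, plan names and the 24-hour freshness threshold are constructed assumptions, and a copy in another account is assumed to be out of reach of the source account's credentials.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Location:
    provider: str   # e.g. "aws", "azure", "onprem"
    account: str    # account or subscription id (constructed values below)
    region: str

@dataclass(frozen=True)
class Copy:
    where: Location
    age_hours: float  # hours since this backup copy was last refreshed

def uncovered_risks(source, copies, max_age_hours=24.0):
    """Return the failure modes that no sufficiently fresh backup copy survives."""
    # max_age_hours is an assumed freshness threshold; stale copies are ignored.
    fresh = [c.where for c in copies if c.age_hours <= max_age_hours]
    checks = {
        # Regional outage: need a copy outside the source region.
        "region outage": lambda b: (b.provider, b.region) != (source.provider, source.region),
        # Provider-wide disruption: need another provider or an on-premise copy.
        "provider outage": lambda b: b.provider != source.provider,
        # Insider or attacker using the source account: need a copy in another account.
        "account-level deletion": lambda b: (b.provider, b.account) != (source.provider, source.account),
    }
    return [risk for risk, survives in checks.items()
            if not any(survives(b) for b in fresh)]

# Constructed sample inventory: one source bucket and five candidate backup plans.
SRC = Location("aws", "111111111111", "us-east-1")
PLANS = {
    "no-backup": [],
    "replica-same-account": [Copy(Location("aws", "111111111111", "eu-west-1"), 1)],
    "second-account": [Copy(Location("aws", "222222222222", "us-east-1"), 6)],
    "stale-onprem": [Copy(Location("onprem", "dc1", "hq"), 400)],
    "multi-cloud": [Copy(Location("azure", "sub-0001", "westeurope"), 12)],
}

def report():
    """Map each plan name to the risks it leaves uncovered."""
    return {name: uncovered_risks(SRC, copies) for name, copies in PLANS.items()}

if __name__ == "__main__":
    for name, risks in report().items():
        print(f"{name:22} uncovered: {', '.join(risks) or 'none'}")
```

Note that geographic replication inside the same account still leaves account-level deletion uncovered, and a backup that is never refreshed covers nothing.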
Whatever your approach, the thing that matters most is to have a data backup and recovery solution in place for the data that you store in the cloud, no matter how reliable and well-managed your cloud infrastructure may be.