You are on page 1of 6

Cloud Vs Traditional On Premise Data Recovery

Friday, May 23rd, 2014 at 7:57 pm - Posted by Rahul Songadkar

Business uptime is critical to an organization’s growth and revenue. In my earlier blog we read about the
importance of Data backup and recovery and how a well drafted recovery plan helps in getting your systems up
and running again quickly.
Typically businesses take a decision on an acceptable Recovery Time Objective (RTO) and a Recovery Point
Objective (RPO) for their systems based on the financial impact that they may suffer due to system unavailability.
There are many aspects that lead us to a selection of a data recovery mechanism and with advent of cloud base
storage solutions, organizations are presented with more options for data recovery model with this in tow, let us
compare data recovery in cloud with a traditional on premise datacenter.


Ease of Getting Started




Cloud Data Recovery
 One just needs to configure services
provided by cloud provider
 Simplified environment, reduced
complexity of recovery
 Improved recovery reliability by
maximizing features of automation and
cloud technologies, thus minimizing risk of
failure to recover
 Significantly shortened server recovery
 Optimum utilization of resources, as the
cloud service provider owns the hardware,
businesses don’t have to pay for idle
 As mentioned above, there is no need to
purchase huge infrastructure to store the r
data, Cloud based data storage solutions
enables small and midsize businesses to
have the same RTO, RPO and security as
any large organization, without having to
deal with significant overheads.

Traditional On Premise Data
 Deploying and Managing an on
premise data recovery plan usually
tends to be complex, requiring
significant timeline, budgets and
resources you might not have
 Building an all-inclusive data
recovery plan can be complex when
compared to cloud based recovery,
irrespective of whether you do it
yourself or outsource it to a service
 Recovery time can range from
couple of days to weeks
 The significant upfront
investments required to establish an
on premise data center and recovery
plan can force you to compromise
on some parameters and thus leaving
your system vulnerable at some
 A secondary data recovery site to
enable redundancy can drive
upwards your costs in a major way,
for example you would need an
additional space, more manpower to
manage the center, power and
cooling bills etc.

we would see more customization in data storage and tight recovery time SLA’s. In this approach the applications and data remain on premise . 2014 at 10:21 pm .t your requirements and budget especially for small and medium sized businesses when compared to a traditional on premise data center. with data being backed up on cloud regularly  When a disaster occurs. With growing adoption of cloud.techtarget. the data is stored in the cloud. Managed applications and managed DR  In this option. one needs to ensure that their applications are compatible with the CSP’s infrastructure Application Compatibility  For example some applications may require a specific environment for them to run. but when the disaster occurs it isn’t restored back on-premise. References: Philip Booth says: May 30. Let us see some options for cloud data recovery. With this one can derive and maximize the benefits of cloud computing such as pay as you go and eliminating infrastructure investments  Organizations choosing this option must select the CSP with due diligence and negotiate a service level agreement which is conducive for one’s business objectives Back up to and restore from the cloud  This option is a substitute for tape based offsite backups. which might not be available with the CSP  As the data recovery processes evolve continually. one should opt for physical DR Now since we have established that for most of the applications and requirements a cloud based data recovery service is better. Management Consistency you don’t need to worry about day to day activities required to ensure data recovery objectives  Easily scalable as per your business Scalability needs  A CSP can store data in diverse locations far apart from each other according to his feasibility. one puts both primary production and disaster recovery instances in cloud and have them both managed by the CSP.r. which can easily be achieved with Amazon’s Elastic Compute Cloud Replication to virtual machines in the cloud  This approach is suitable for applications/data which are critical to a business and cannot suffer from extended downtime. instead it is stored in virtual machines in the cloud and start serving your business from there. Cloud providers simply have services setup which will take care of everything.  These applications require a continuous data protection(CDP) to replicate changes in data immediately from on-premise to cloud Cloud provides many options w. one needs to upgrade itself with new skill set on an ongoing basis to ensure data recovery objective compliance  Does not scale up or down easily  Mostly an organizations physical data recovery site is located at the nearest feasible location to ensure high response times and thus reducing latency issues  For highly custom applications. This can give Response Time and rise to latency issues Latency  Cloud based storage solutions are not recommended for applications that demand high response times and low latency  With cloud based recovery service . the data form cloud instance can be loaded on-premise and continue for the systems to continue functioning Back up to and restore to the cloud  Here.

a severe power outage. Rackspace etc. whether it’s yours or your clients. Your application is generating millions of critical transaction records which enables you to function and provide service to your customers and also gain interesting insights about them. Azure. hardware failure or data security breach. 2014 at 7:54 pm . Let us consider that you have developed an application dealing with numerous financial transactions on a regular basis (be it banking or ecommerce app with web and mobile access) by following all best practices and the application is performing well with good number of concurrent users. May 9th. Now consider a situation when the datacenter location is compromised be it due to a natural calamity. handling security threats like cross site scripting. small or large. on premise or in cloud. say AWS.There are many aspects that leads us to a selection of data recovery mechanism and with the advent of cloud based storage system. who provides the best security for your data with the best antivirus. providing communication over a secured channel. is pivotal to business growth. This is one major roadblock. Also apart from these calamatic situations. Cloud Data Back up And Recovery Plan Checklist Friday.Posted by Rahul Songadkar Data. I also find interesting about the cloud based data recovery service. scalability and agility. Following are some of the data loss situations across IAAS. appropriate firewall settings. And you deploy the application on world’s leading cloud datacenter provider.I find this post interesting to note about business uptime which depends on the key considerations like acceptable Recovery Time Objective (RTO) and Recovery Point Objective (RPO) for their systems based on the financial impact that they may suffer due to system unavailability. as their confidential data will be handled by the cloud provider and they don’t have full control over it. However due to security concerns businesses are in a dilemma over data backup and recovery in cloud. PAAS and Cloud Storage in cloud  Overwriting of logical volume  Data files getting overwritten . We are all familiar with the advantages cloud based solutions bring to an organization in terms of flexibility.more organisations are moving towards it. SAAS. encrypted drives and what not. DoS attacks etc. we can say which restricts application migration and data backup in cloud. there are many more instances when you can lose access to your data either temporarily or forever.

we will discuss about Cloud Vs Traditional On Premise Data Recovery and the various cloud data recovery options. following are some points to ponder over which will help you in avoiding some above mentioned situations   Discuss and design a recovery policy with the cloud provider Any legal or regulatory compliance required to be met for your application and whether the cloud service provider(CSP) is able to meet these. One cannot stress enough on the importance of data recovery for your business. Files getting deleted accidentally  Logical volume or partition getting deleted  Data volume accidentally reformatted  Corruption in Snapshot management  Database getting dropped  Tables getting dropped  Row data getting deleted  Corruption in system table  Database file getting corrupted What will be your reaction if there is no backup and recovery plan in place? Think how long your business can survive without being able to access your precious data? Your digital .two factor model present?  The cloud provider’s reliability in terms of its availability and ability to serve your users in the event of a disaster In the next blog post in this series. ensuring legal and regulatory compliance and overall maintain your brand reputation. for example HIPPA in case of healthcare applications  Data encryption requirement  Determine total cost of ownership (TCO) of data  Know where your data is going  Insist on an acceptable recovery window  Seek out other client opinions and reviews  Ask what will happen to your data if you go dark  Ask if they provide secured multi location distributed file systems with data redundancy  Do they have redundant power connections and providers  Does the cloud service provider has HDD or Tape backup  Has your data been securely transferred and stored in the cloud?  Various Authentication options available for users. Before Planning Cloud Data Recovery. enhanced customer satisfaction. with the right data recovery policy in place you can ensure a steady stream of revenue. which you had built with hardwork over the years will crumble in very less time. References:  http://searchstorage.

makes this problem statement further challenging. hence audit jobs only run when required from security point of view and not on regular basis. on disk and import them from the disk to SQL server for analyzing the audit logs as and when required. . Audit Features in SQL Server helps in addressing these concerns and in making the data security policy robust.  The setup of SQL Server audit can be very easy and manageable. To bring robustness in your architecture for data security. For some cases we can define audit process at both levels. Instance level and other one is. with benefits comes limitations.  Viewing audit logs: we can view audit log on SQL Server itself or if required store physical hard copy of the logs. it is very important to have regular audit features at the database level for various events e. adhering to data security standards and compliance requirements around the globe. In this scenario making sure whether you business data is secure is pivotal to your growth. potential weaknesses in applications that may lead to breach in data security. access patterns.  Capture daily activities: In daily routine we are performing many activities on database level i. SQL Server Audit offers various advantages and features in term of Security  With SQL Server one can conduct audit in two ways. We can capture all these activities in audit log. potential security breaches.How SQL Server Audit Feature Helps in Data Security Management Friday. With rise in cloud based and 3rd party storage solutions. And nowadays with rise in building of applications having large user bases across the globe has resulted in dynamic data usage patterns. The applications need to be strong enough to hold fast to various data security related constraints by having all the layers of application architecture secure enough. Access routes have been increased to accommodate these patterns.  SQL Server audit is fast and lightweight as compared to SQL Server profiler trace file. most of the resources are used behind the scene. By using T-SQL or Management Studio we can easily configure the SQL Server audit feature. 2014 at 11:44 pm . For example. database level. Because SQL Server engine automatically manage the Audit event features and we can schedule a job for audit. June 6th. malicious or unauthorized attempt to access data.Posted by Vivek Karode Data Security has rightly been among the top 5 priorities for CIO’s for many straight years. one is. when SQL Server runs an audit job.g. Limitations of SQL Server Audit Every coin has two sides. and will continue to do so. an application dealing with Customer’s personal data and or financial data would require more stringent security controls as compared to an application that deals with non-financial data. One of the very important aspects of data security management is to ensure appropriate security controls are applied at the core database level. If management wants to monitor DBAs activities it can perform the audit job on both levels. DML and DDL operations. Here are the aspects which we can consider as SQL server audit limitations:  As mentioned earlier.e. The level of security required can be governed by the level of sensitive data handled by the application. We can capture and record individual user and object level audit logs.

this task has to be performed manually. you can easily accomplish the same with Audit Feature. If required we need to write some scripts for that. If required we have to use SQL Server Reporting Services for that. There is no inbuilt. In a nutshell.  We can view audit logs in audit viewer only. if you don’t want to purchase any third party utility for Security of your database. My recommendation is. It’s difficult to manage multiple instance audits from one centralized location. If we want to filter some events. Audit is a tool that allows Database administrators to capture all the events which were performed on Database Server.  Audit logs track each event at user level and object level. up to mark report available. .