Article Insight Data Protection Proposition for AWS
By Ozioma Uzoegwu / 26 Sep 2019 / Topics: Data center
-->
By Ozioma Uzoegwu / 26 Sep 2019 / Topics: Data center
Data Protection involves building and implementing an IT strategy to safeguard critical data from security threat, corruption or complete data loss. As businesses undergo digital transformation, data generation and storage of that data continues to grow exponentially and given businesses now rely on critical IT platforms for revenue generation, there is little tolerance for downtime or data loss.
However, IT platforms do fail; it is unrealistic to build or assume to have a system that will never fail. Hence, the ability for businesses to recover from failure will be dependent on the robust measures put in place to ensure data can be restored quickly after a failure incident.
Prior to the advent of public cloud platforms, implementing data protection has been cost prohibitive given the upfront capex investment in additional physical infrastructure. Furthermore, the overhead management of the infrastructure, test drills to simulate disaster incident, automated orchestration and storage scalability have all been major blockers for businesses to recover from failures at set RTO and RPO targets.
With the AWS cloud platform, customers now have access to a scalable platform for implementing a data protection strategy at optimal price points without managing any physical infrastructure. Customers can leverage the range of services within the AWS platform to automate the restoration of data and ensure minimal downtime for critical IT system.
Building and implementing data protection in AWS requires a good understanding of the platform and the range of third party tools and products that seamlessly integrate with the AWS cloud platform. In addition, most of the leading storage and data protection vendors (e.g. Veeam, Veritas, NetApp etc) which clients use in on-premises environment already have robust solutions that integrate with the AWS cloud platform.
To help clients protect data, Insight is launching three propositions to minimise the impact of any data loss and ensure business continuity. These include:
This is suitable for clients who are currently running out of on-premises SAN, NAS or tape storage and need a sustainable and scalable storage platform for backup and archive. This also applies to clients looking at implementing the 3-2-1 backup rule i.e. keep at least three (3) copies of your data, and store two (2) backup copies on different storage media, with one (1) of them located offsite. Once the data is in the cloud, it will facilitate implementing a cloud based disaster recovery strategy or carrying out data analytics using compute resources in the cloud.
AWS cloud platform provides the Simple Storage Service (S3), an object storage service that offers industry-leading scalability, data availability, security and performance. S3 is designed for 11 9’s durability and provides easy-to-use management features to help organise data and apply fine-grained access control.
S3 can be used as the target for backup and archive of on-premises workloads using native AWS backup services or third-party tools that integrate with S3. For example:
To ensure business continuity, companies require a plan of action to respond to a disaster and eliminate the risk of losing business and reducing employee productivity. Disaster Recovery (DR) is about establishing an IT strategy that will be deployed in the event of a disaster. Traditionally, this is achieved by building two or more data centres, each with redundant power, networking, and connectivity, housed in separate facilities which can be cost prohibitive.
In today’s world, businesses can take advantage of the AWS global infrastructure to implement a DR strategy without the need to build multiple data centres. The pay-as-you-go model, flexibility, scalability and reliability of AWS provides the platform the foundation to implement a DR strategy tailored to meet set recovery targets.
The AWS cloud platform provides a range of services to help build a disaster recovery environment. These include:
Disaster Recovery can be implemented using these services as covered in this article. There are also a range of third-party tools that enable businesses to easily configure a DR environment on AWS. Some of these include: Veritas Replication Platform (VRP), CloudEndure Disaster Recovery and Zerto.
Data protection, compliance and security is a shared responsibility between AWS and the end user. The customer is responsible for the customer data that is stored on the AWS platform while AWS operates, manages and controls the host operating system, virtualisation layer and the physical infrastructure provides the platform where data is stored.
A guiding principle for a shared responsibility model is that AWS is responsible for the security “of” the cloud while the customer is responsible for the security “in” the cloud.
This implies that customers running workloads on native AWS (using AWS services e.g. EC2, EBS, EFS etc) or in VMware Cloud on AWS are responsible for implementing measures to protect data in these environments and most importantly, be able to recover from a disaster incident as a result of failure in the AWS physical infrastructure or host operating system.
For native AWS workloads, its important to implement the cross region backup and archive of workloads i.e. storing backups in a different AWS region from where the workload is currently running and testing these backups regularly to ensure the environment can be restored in the new region. If there are data compliance requirements that prevent cross region transfer, customers can replicate data to different availability zone within a given region to improve resilience. Native AWS services such as AWS Backup and third party tools such as Veeam N2WS can be used to implement disaster recovery for native AWS workloads.
Similarly, VMware Cloud on AWS (VMC) customers will need to implement the backup and archive of VMs running in the software defined data centre (SDDC) on AWS. With the seamless integration of VMC with native AWS, backup files can easily be transferred to S3 storage and restored in the event of a disaster. Third party tools such as Veeam Backup and Replication, Veritas NetBackup and Druva can be used to implement the backup and archive of virtual machines on VMC to Amazon S3.
As an AWS Advanced Consulting Partner, Insight is well positioned to provide the technical expertise for AWS clients to implement data protection strategies and ensure seamless recovery in the event of a disaster.
Furthermore, Insight has built an unprecedented relationship with a range of technology partners who are leaders in providing data protection solutions on AWS. Some of these include Veeam, Veritas, NetApp and CloudEndure (part of AWS). For clients who currently use these vendor solutions on-premises or net new clients, Insight can provide the expertise required to leverage these vendor tools.
To guide clients through the implementation, Insight’s proven professional services engagement model can be tailored to meet individual clients’ need. These services include:
To find out more Insight Data Protection Proposition for AWS, please contact your Insight Account Manager or get in touch via our contact form here.