Data protection technologies have come a long way over the past decade, making protection consistent across infrastructure. Technologies developed for data protection have effectively safeguarded business information not only in regular sectors, but also in government and regulatory industries.
Transforming some of the elite data protection technologies into a solution that has already over 105K users, AWS is modernizing data protection with the ability to protect exabytes of data across AWS resources.
This solution was in the spotlight in the AWS presentation at the recent Storage Field Day event in California. Head of Product, Ajay Dankar, and Head of Growth, Palak Desai gave a quick overview of the key capabilities and use cases of AWS Backup, and explained the drivers that led to designing it. Their presentation was followed by more in-depth sessions that offered a peek under the hood.
AWS defines AWS Backup as a fully-managed service that automates and centralizes data protection across tons of AWS resources. At the core, it is a solution designed to squarely meet the specific asks of users around data protection.
Balanced Features
Today, any business bigger than a lemonade stand needs data protection. But data protection is not just about protecting data integrity from malware and malicious manipulation. Across customers, data protection means different things. Among those, a few requirements rise up becoming the common expectations of users.
“The most important thing what we heard from our customers is that they are looking for a centralized backup or data protection solution across multiple AWS resources,” said Mr. Danker.
Drilling further into it, he explained that most users expect data protection to be first and foremost, automated. Over the past decade or so, data protection technologies have had some triumphs and tragedies, but continued innovation has helped spark new technologies, many of which have greatly benefited users.
Immutable backup is one of those disruptive technologies. Unsurprisingly, modern businesses – even the smallest outfits – are set on putting their data under lock and key, preferably in digital vaults where it is fully secure.
Immutable backups provide a way to do that. It locks data in its original state allowing it to be neither altered, nor deleted.
Another key user requirement that AWS found while researching is data resiliency and continuity. Irrespective of any change or disruption in digital technology, data needs to be available, and accessible whenever required. Users expect to have full control over how their data is used.
A requirement typical to businesses operating in the regulated industries is data governance. With the growing complexity and volume of regulations, achieving compliance in certain critical sectors is extremely challenging. It entails establishing and enforcing data management policies rigorously and in that, governance plays a major role.
AWS’ Solution
AWS tames the beast with three granular capabilities that define AWS Backup. First and foremost, it is centrally managed, and designed to make data protection at scale possible. Users can configure, manage and govern all backup operations across AWS resources, – instances, databases and volumes – accounts and regions from one place.
In tune with the increasing data needs, AWS Backup provides policy-driven protection that is fully scalable. “We give companies a centralized and policy-driven interface that can scale as they bring in more resources, or as they start backing up more and more data – the interface scales as the needs grow,” said Mr. Dankar.
As soon as administrators have backup plans ready to go with all the parameters defining their backup requirements such as backup frequency and retention policies, administrators can start tagging resources to them, and the service takes over managing the backups as intended.
Data resiliency is improved with AWS Backup, allowing users to copy secondary data across accounts and regions using AWS’ cloud administrator, AWS Organizations. Cross-account copies of backed up resources can be used to restore data quickly and effectively when required.
Among the things that AWS does around data governance and compliance, a key piece is audit and report. AWS Backup Audit Manager helps organizations audit compliance of their backup policies against set definitions. This is particularly helpful for regulatory industries as it not only helps keep a close eye on what active resources and practices are compliant and what are not, but it also generates an audit trail, publishing reports periodically or on demand, that are often required for legal purposes.
Best Features
During her part of the presentation at Storage Field Day event, Ms. Desai called attention to two features in particular. One of them is AWS Backup Vault Lock. AWS Backup stores backups in secure containers called backup vaults. Vault Lock is an optional feature that extends the control and security of these vaults.
Users can activate a lock on each vault enforcing immutability. In compliance mode, the lock is irremovable, which leaves the vault configuration unchangeable even after the expiration of the grace period. The vaults can only be modified in Governance mode by those who have appropriate permissions.
“AWS Backup provides the capability of vault locks which allows customers to lock their backups into a vault and define lifecycle management for it. This provides customers the ability to write once and read multiple times making the data immutable,” said Ms. Desai.
She also touched on the service’s centralized data governance feature with emphasis on reporting capabilities. The AWS Backup Audit Manager monitors, assesses and reports the health and state of backup compliance. By automatically tracking all backup activities, it ensures that all controls and compliance of policies are aligned.
Wrapping Up
A company’s progression to full and complete data privacy can be messy. An initiative to implement broad data privacy across resources can typically fall into chaos or cause nonsense. A balanced solution like AWS Backup can help sidestep this cumbersome exercise. AWS Backup delivers automated data protection across resources both on AWS, and now on-premises, making protection consistent. By constantly keeping track of compliance at the back end, it can potentially prevent legal trespasses and reputation issues. Add-on features improve data resiliency and help perform faster recovery.
For more information on AWS Backup, check out AWS’ in-depth presentations on the solution from the recent Storage Field Day event.
