The importance of backing up cloud resources
In this episode of the Backup Wrap-up, we continue our Backup to Basics series by discussing the importance of protecting cloud infrastructure, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). We then dive into the differences between these various cloud services and highlight the need to back up various components of each. We also discuss a recent incident where a Danish hosting company lost a significant amount of customer data due to a ransomware attack, emphasizing the ongoing threat of ransomware and the vulnerability of service providers. Tune in to learn more about safeguarding your data in the cloud.
Links to articles mentioned in the post:
https://www.pcmag.com/how-to/how-to-back-up-restore-your-documents-in-windows-10
Speaker:
Today, we're talking about protecting cloud infrastructure.
Speaker:
Like infrastructure as a service pass and SAS.
Speaker:
We hope you make sense of the differences between these very similar acronyms and
Speaker:
what parts of each need to be backed up.
Speaker:
If you've ever wondered if your pass or SAS product needs to be backed
Speaker:
up, you've come to the right place.
Speaker:
Hi, I'm w Curtis Freston and they've been calling me Mr.
Speaker:
Backup, since I wrote the first book on the topic over 20 years ago.
Speaker:
I've dedicated over 30 years to making sure that people like you
Speaker:
keep your data safe from accidents, disasters, and cyber attacks.
Speaker:
My podcast turns on appreciated backup admins and to cyber recovery heroes.
Speaker:
This is the backup wrap up.
Speaker:
welcome to the show.
Speaker:
I have with me the guy who makes me sweat.
Speaker:
Prasanna Malaiyandi.
Speaker:
How's it going?
Speaker:
Prasanna?
Speaker:
I'm good, Curtis.
Speaker:
How are you doing?
Speaker:
Are you get that?
Speaker:
Sweating is good.
Speaker:
They say it helps release toxins.
Speaker:
it helps you lose weight.
Speaker:
It helps you feel healthy and more alive and
Speaker:
know if I felt alive after our walk this morning.
Speaker:
yeah, for those who don't know, we live 400 miles apart, but we
Speaker:
go on walks together, via this
Speaker:
little device here in my air.
Speaker:
Just like we do
Speaker:
the podcast.
Speaker:
We are not in the same room.
Speaker:
We're not even in the same county.
Speaker:
Walking is good.
Speaker:
And I think the reason that you built up such a sweat today was I was a little,
Speaker:
just a tiny bit delayed in joining
Speaker:
15 minutes delayed, sir?
Speaker:
Sir?
Speaker:
I think it was actually like, yeah, it was, it was 15 minutes
Speaker:
plus you started 10 minutes
Speaker:
early.
Speaker:
And I think you mentioned that you were going to wait till I called you
Speaker:
to turn around and start walking back.
Speaker:
So yeah, so that
Speaker:
added
Speaker:
up.
Speaker:
Yeah, I walked one direction and I wasn't gonna turn around until you called me.
Speaker:
So I did, but I did a good walk, did a good walk today.
Speaker:
so let's stop talking about sweat and start talking about industry news.
Speaker:
We have, I think a very apropos story that comes to us from Denmark, the,
Speaker:
Danish hosting company that lost all of its customers data, or at
Speaker:
least the majority of its customer data after a ransomware attack.
Speaker:
What do you think about that?
Speaker:
It's sad when these things don't shock you anymore, you know, you've sort of been
Speaker:
acclimated to it, which is sad, right?
Speaker:
But I'm not surprised as we've seen, and we've had guests talk
Speaker:
about this in the past, right?
Speaker:
Ransomware isn't dying down, right?
Speaker:
It's just getting worse and worse.
Speaker:
And people are going after these larger targets, if you will, right?
Speaker:
More Centralized, right?
Speaker:
Rather than necessarily going after like mom and pops and all the rest.
Speaker:
And a service provider is like the perfect place to go attack, right?
Speaker:
Because you have all these customers, data, all in a central place, right?
Speaker:
They're offering services, it's probably business critical
Speaker:
data, all the rest of that.
Speaker:
And it's like, why not go after them?
Speaker:
And that way you're negotiating with the service provider if you are trying
Speaker:
to get ransom out of them, right?
Speaker:
Getting them to pay versus dealing with every single end user out
Speaker:
Yeah.
Speaker:
The article mentioned that, this has been an, another new tactic by the ransomware
Speaker:
folks, because by attacking a hosting provider, you create not one victim,
Speaker:
but many victims, any one of which you could potentially go and, get them to,
Speaker:
pay you a ransom in order to recover.
Speaker:
Yeah, it reminds me a bit about the Rackspace attack
Speaker:
that happened last year, right?
Speaker:
Where they did target a very large service provider, right?
Speaker:
Hitting their exchange environment,
Speaker:
right?
Speaker:
And it's the same sort of things.
Speaker:
It feels a bit like Deja Vu, right?
Speaker:
yeah, exactly.
Speaker:
We encourage people that when they're hacked to tell people what happened.
Speaker:
And there is a, what happened section in a page that is in Danish,
Speaker:
but we have translated it via the, wonder of Google translator.
Speaker:
And what happened was they were in the middle of a server move and they, there
Speaker:
was a previously unknown infection.
Speaker:
And during that server move, they were temporarily connected
Speaker:
to, an administrative network.
Speaker:
And that allowed the hackers to gain access and infect the, backup systems.
Speaker:
And then via the backup systems.
Speaker:
They were able to, this is one of the things we talked about many times
Speaker:
that I know in recent episodes where we talked about that you really need
Speaker:
to focus on the security of your backup and recovery system because.
Speaker:
it is the goose that has the golden egg, right?
Speaker:
It has everything.
Speaker:
Or Crown Jewels, whichever way you want to think about it
Speaker:
Yeah.
Speaker:
The crown jewels.
Speaker:
Yeah.
Speaker:
basically it's one place.
Speaker:
It's like they got the golden egg within the golden egg, right?
Speaker:
They had the, this is the backups within the hosting provider that creates
Speaker:
multiple, victims, but basically.
Speaker:
I, I will say this, I have to admire the company because they're saying
Speaker:
they are refusing to pay the ransom, even though this quite possibly will
Speaker:
have significant, negative damage to the company because they don't
Speaker:
have any backups of anybody's data.
Speaker:
the craziest part was where they were suggestions for you to re, to
Speaker:
rebuild your own website that actually pointed people at, the web archive,
Speaker:
which is just the way back machine.
Speaker:
Yeah.
Speaker:
that's just fundamentally wrong.
Speaker:
So just two things to also add to this new story quickly.
Speaker:
I think one is the article I think that you had referred to earlier
Speaker:
was found on Bleeping Computer.
Speaker:
So if listeners, you want to go read more about it, go there.
Speaker:
I think the other thing is it is mentioned that there are two companies that got
Speaker:
hit, but the two companies actually belong to the same parent company.
Speaker:
So there is that aspect as well.
Speaker:
So if you do read that, Hey, there were two Nordic companies that got hit.
Speaker:
They are Owned by the same company.
Speaker:
Gotcha.
Speaker:
and the good news category, we have the fact that Windows 10 is now going
Speaker:
to have a built in backup, the built in backup features it looks like
Speaker:
that were already in Windows 11.
Speaker:
Microsoft was using that as a, has anyone in the history of computing
Speaker:
migrated to a new operating system because it had better backup software?
Speaker:
Of course, Curtis, that's the first reason to migrate.
Speaker:
but that's what Microsoft was thinking, that people would upgrade
Speaker:
to Windows 11 because it had better backup, and it's just not happening.
Speaker:
People are still hovering on Windows 10, and so they decided to add
Speaker:
these and they're saying that most of the functionality was not new.
Speaker:
It was just all put under a single umbrellas to increase ease of use.
Speaker:
And then there was some new functionality.
Speaker:
So that's,
Speaker:
don't know if you've ever tried to use backup in Windows 10, but it is awful.
Speaker:
is this, what is this windows thing that you speak of?
Speaker:
I'm sure you, so I have one Windows, no, actually I have two Windows boxes at home,
Speaker:
but yes, for both, which I rarely use.
Speaker:
And most of the time it is powered off just because of.
Speaker:
Ransomware and other things like that.
Speaker:
But yeah, so yeah, anytime I try to get in and figure things out, I'm like, oh
Speaker:
my God, I just want to shoot myself.
Speaker:
Just make it simple.
Speaker:
Yeah, absolutely.
Speaker:
I think this sort of the earlier story gives us a perfect segue
Speaker:
into what we wanted to talk about.
Speaker:
This is another part of our Backup to Basics series, where we review,
Speaker:
basically stuff from the book, Modern Data Protection by the book,
Speaker:
I mean, my book, from O'Reilly.
Speaker:
And, we're looking at chapter eight, so first we've covered sort of traditional
Speaker:
data sources, sort of servers and VMs and databases and things like that.
Speaker:
Now we're starting to look at data sources that are relatively
Speaker:
new, comparatively speaking.
Speaker:
And, so the first thing we're going to talk about is the public cloud.
Speaker:
is that a thing?
Speaker:
What is a public cloud?
Speaker:
Yeah, what is a public cloud?
Speaker:
Because, honestly, if you take 10 people on the street, right, IT professionals,
Speaker:
they don't have to be on the street because they don't have jobs, but
Speaker:
just you find them somehow, right?
Speaker:
and you talk to them, and you'll ask them, what's a public cloud?
Speaker:
I bet you, you will get a half a dozen answers.
Speaker:
Yeah, I think so.
Speaker:
I still.
Speaker:
Remember the first time I asked someone else, it happened to be Steven Foskett,
Speaker:
I asked him what the, I remember we were having lunch in Manhattan, I still
Speaker:
remember this, the first time I asked that question, what in the world is
Speaker:
this cloud thing they're talking about?
Speaker:
And, there is no such thing as a cloud, just somebody else's computer, right?
Speaker:
that's basically what I always tell people.
Speaker:
And the big thing, when...
Speaker:
When we're talking, the big thing I want to make sure that people
Speaker:
understand is this stuff still needs to be backed up, right?
Speaker:
Everything needs to be backed up.
Speaker:
The question is.
Speaker:
Who is doing that backup?
Speaker:
Cause the answer is not always the same.
Speaker:
and, even if...
Speaker:
You do figure out who is responsible and it's not you, you may still want
Speaker:
to back it up in some fashion to avoid the new story we talked about
Speaker:
Exactly.
Speaker:
Exactly.
Speaker:
So let's first talk, so let's look at the different parts of the public
Speaker:
cloud and just talk about that.
Speaker:
And the first is, the one that I hate the most to say as an acronym, cause
Speaker:
it doesn't, you, I as that doesn't.
Speaker:
Just doesn't, infrastructure as a service.
Speaker:
what would you, how would you define that?
Speaker:
In my mind, that literally is whatever you were running on your physical,
Speaker:
like your applications were running somewhere on, in your own data centers.
Speaker:
It needs to run somewhere in the cloud.
Speaker:
All you're doing is you're hosting those applications on infrastructure
Speaker:
that you are renting, borrowing, whatever you want to call it from
Speaker:
the public cloud provider, right?
Speaker:
So this is, if I look at AWS, these are like EC2 compute instances, right?
Speaker:
So I am borrowing Infrastructure to host my application.
Speaker:
It's probably EBS volumes because data needs to be stored on something
Speaker:
Yeah.
Speaker:
I would say I would include S3 and I would include the networking
Speaker:
that's part of it as well.
Speaker:
Basically storage, compute, and networking that you're renting.
Speaker:
Is that, that seem about right?
Speaker:
And so here's the question.
Speaker:
What?
Speaker:
Did you have something?
Speaker:
which in the past was a great first step for a lot of people trying
Speaker:
to figure out how do I go from my data center to the cloud, right?
Speaker:
Because in.
Speaker:
Your mind, right?
Speaker:
It's just an easy lift and shift.
Speaker:
Whatever I was running on premises, I just rent the infrastructure and
Speaker:
then I just run my applications on it.
Speaker:
It's not a real big, heavy lift for me.
Speaker:
I'm not changing any applications or code or redoing things.
Speaker:
It's just whatever was running here is now running there.
Speaker:
Yeah.
Speaker:
and just so that we're all on the same page, let's, because we use
Speaker:
this term lift and shift quite a bit.
Speaker:
and I often use it pejoratively.
Speaker:
Can I put Lee at the end of pejorative?
Speaker:
I think I can.
Speaker:
I use it in the pejorative sense.
Speaker:
And because I'm not a huge fan of lift and shift, right?
Speaker:
it's a good like toe in the water.
Speaker:
It allows you to start using the public cloud.
Speaker:
It is a lousy way to use the public cloud.
Speaker:
If all you do is take your VMs on prem and move it to VMs in the cloud.
Speaker:
Why do I say that?
Speaker:
Because you get some of the benefits and all of the badness, right?
Speaker:
That basically you get, you basically, it's a really expensive
Speaker:
way to have a data center, right?
Speaker:
and so there's all these people that did this big lift and shift and
Speaker:
they moved everything into cloud and they stopped using VMware and now
Speaker:
they're using EC2 and then they're like, holy crap, this is expensive.
Speaker:
You're like, You went from owning a car to renting a car and you're
Speaker:
still driving it 24, seven, it's going to be expensive to do that way.
Speaker:
The alternative is to do what's called refactor, which is, actually
Speaker:
programming to the hundreds.
Speaker:
Of services that Amazon runs and not just Amazon, but other providers,
Speaker:
other services that they run, things that are, you use on demand and you
Speaker:
pay for them as you use them rather than a server VM that's running 24
Speaker:
seven, regardless of what it's doing.
Speaker:
Anyway, I stepped down off my soapbox.
Speaker:
I like what you talked about people being surprised by the cost aspect.
Speaker:
And one of the things I just wanted to plug is, if you follow
Speaker:
Corey Quinn on Twitter, I think he's part of Duck Bill Group.
Speaker:
He does an amazing job of breaking down public cloud costs and why
Speaker:
you should be careful when you are doing lift and shift to the
Speaker:
Exactly.
Speaker:
Exactly.
Speaker:
It's a good resource.
Speaker:
does this need to be backed up,
Speaker:
Of course.
Speaker:
is The data
Speaker:
important to you?
Speaker:
yes.
Speaker:
I'll give you a clue.
Speaker:
The answer is always yes.
Speaker:
So here's a question.
Speaker:
Let's talk specifically AWS, because you and I have spent a lot of time in AWS.
Speaker:
it's not the only cloud provider, it's just the one I
Speaker:
have the most experience with.
Speaker:
If you have EC2 instances, Are they backed up in any way if you don't do anything?
Speaker:
I do not
Speaker:
I don't think so.
Speaker:
and when you talk about EC2, remember EC2 is just compute.
Speaker:
You need to actually attach a volume, which is an EBS
Speaker:
volume, in order to actually
Speaker:
right.
Speaker:
Really what
Speaker:
Right?
Speaker:
And I
Speaker:
the EBS volume that's behind that.
Speaker:
And yeah, it is my understanding that with EC2, If you have a VM, literally nothing
Speaker:
that anyone would literally nothing like it's not even, there's not even something
Speaker:
that maybe someone consider a backup, but others would not, there's nothing right.
Speaker:
You are 100 percent responsible for that.
Speaker:
Exactly.
Speaker:
Yeah.
Speaker:
Unless you do take advantage of things like EBS snapshots.
Speaker:
to you.
Speaker:
The tools are there.
Speaker:
But my point of making is specifically with, again, this is just speaking of EC2.
Speaker:
I think it's actually the same and other.
Speaker:
like Azure and GCP, that specifically VMs, they're assuming, you're running
Speaker:
this thing, you're in charge, right?
Speaker:
there are two ways to back up a VM in the cloud, right?
Speaker:
You can use the built in tools.
Speaker:
essentially, they call them snapshots.
Speaker:
I don't like to call them snapshots.
Speaker:
They are actually image copies.
Speaker:
It's actually a copy of that drive made to another location.
Speaker:
In the case of AWS, it is, it's in S3, right?
Speaker:
EBS snapshots are stored in S3.
Speaker:
So they're stored as an object and you can do incremental snapshots, right?
Speaker:
then what do you do once you've done that?
Speaker:
So since the EBS snapshot lands in S3, right, you get all the benefits
Speaker:
of S3, right, so it is replicated within three availability zones,
Speaker:
right, the only downside is, Right?
Speaker:
That's just one copy.
Speaker:
You still want to follow the 3 2 1 rule, right?
Speaker:
So you want to make sure that that one copy also makes it into a
Speaker:
different region, a different account.
Speaker:
So using S3 technologies, you can make sure the image copy that's in
Speaker:
S3 in a local spot gets replicated to somewhere else in a different account.
Speaker:
So you get protected as well.
Speaker:
exactly.
Speaker:
Codespace, Codespaces.
Speaker:
That's all I'm going to say, right?
Speaker:
Codespaces.
Speaker:
com, read that story.
Speaker:
That's why.
Speaker:
You've got to put it in a different account and a different region, right?
Speaker:
That, that, that's the way in the cloud.
Speaker:
That's the way you comply with the 3 2 1 rule, right?
Speaker:
Veeam likes to turn it into 0.
Speaker:
I don't like to do that.
Speaker:
I just like to say, listen, just properly follow by the 3 2 1 rule that says
Speaker:
having multiple things on different, the idea of the two is having it on two
Speaker:
different things that have different.
Speaker:
Risk profiles, right?
Speaker:
So put it in a different region.
Speaker:
And also the one, I think the truly one is to have it offsite, not
Speaker:
only to have it in another region, but to have it in another account.
Speaker:
So if you're one main account of Compromised, then it's not going
Speaker:
to, it's not going to be over there.
Speaker:
And maybe for listeners who may not have heard us talk about 3 2 1 rule
Speaker:
before, do you want to explain what the
Speaker:
3 2 1 rule is?
Speaker:
yeah.
Speaker:
if, yeah, thanks.
Speaker:
So 3 2 1 rule is just a rule of thumb that was coined by somebody who we
Speaker:
actually had on the podcast, Peter Krogh.
Speaker:
he's a digital photographer and he just said, you want to have three
Speaker:
copies of every piece of data.
Speaker:
He does see the first, the original is one of those copies.
Speaker:
So then the two of those three, two of those, you want them to have
Speaker:
them on two different risk profiles.
Speaker:
He's talking about maybe two different kinds of media.
Speaker:
and in this case, we're saying put it in two different regions.
Speaker:
some people like to take that to the point of saying, we're going
Speaker:
to put one on disc and one on tape.
Speaker:
I don't have any disagreement with that.
Speaker:
and then the one is, making sure that one of the copies is offsite.
Speaker:
In the cloud, there is no such thing as offsite.
Speaker:
So that's again, why we talk about a different region.
Speaker:
And I think the different account is.
Speaker:
gets added to
Speaker:
mainly today we use the 3 2 1 to show things that aren't backups, right?
Speaker:
We're gonna get to that in a minute Things that definitely are not backups.
Speaker:
Alright, so what's next?
Speaker:
We're talking about PaaS.
Speaker:
What is PaaS Prasanna?
Speaker:
platform as a service, right?
Speaker:
And I think this evolved because, okay, IaaS was the first level,
Speaker:
the base level, if you will.
Speaker:
And then people were like, that's too complicated, right?
Speaker:
It basically doesn't help simplify my management aspects, right?
Speaker:
I'm still managing infrastructure.
Speaker:
I don't want to have to deal with that.
Speaker:
And so PaaS was built on top and it's more platform as a service.
Speaker:
So these are things like.
Speaker:
You'll still be managing and deploying your applications, but you don't
Speaker:
have to deal with all the underlying infrastructure and figuring out
Speaker:
how many EC2 instances you have to spin up and everything else.
Speaker:
So an example of this would be AWS RDS, which is their database
Speaker:
service, which allows you to say.
Speaker:
Provision for MySQL or Oracle, right?
Speaker:
or Postgres, I believe.
Speaker:
And so you can spin up these database instances without having to worry about,
Speaker:
okay, how many individual EC2 nodes do I need and all the rest of that.
Speaker:
Yeah, instead of saying, build a box and then install Oracle on it, right?
Speaker:
They're like, here's an Oracle database, right?
Speaker:
Here's your, here's your admin password and log in and do all the things,
Speaker:
Tell us how big you want it, what tables you want, all those things.
Speaker:
And you're administering it, maybe even not even through the
Speaker:
traditional Oracle interface.
Speaker:
You may have a, Another UI that you're using to create the tables.
Speaker:
you probably in the case of Oracle and MySQL, you probably can also
Speaker:
administer it via the standard tools.
Speaker:
But you may have this additional UI and you just get this, here's this database.
Speaker:
Now, I won't bother asking, should it be backed up?
Speaker:
But here's my question.
Speaker:
Do you know whether or not RDS databases, for example, are automatically backed up?
Speaker:
So I think that they do have a policy that you can create to say,
Speaker:
I want to do automatic backups.
Speaker:
I am not sure if it's default on or not.
Speaker:
I believe that it actually is by default on.
Speaker:
but it's just a very basic, like snapshot replicated S3.
Speaker:
Stays in the same account, stays in the same region, all of that.
Speaker:
I'm pretty
Speaker:
For 30 days only,
Speaker:
for 30 days, yeah.
Speaker:
and then if you want to do more than that, if you want to replicate
Speaker:
to another region, if you want to replicate to another account, which you
Speaker:
should, that's where it's up to you.
Speaker:
but even that, again, that's still, if you're not getting it out of that account.
Speaker:
I don't think of that as a valid backup.
Speaker:
Leave it in the account, yes, for convenience and ease of restore, but get
Speaker:
it out of the account from a security perspective and a risk perspective,
Speaker:
and that other account should be locked down, right?
Speaker:
You don't want anyone and everyone to have access.
Speaker:
if someone gets access to the production account, you don't want
Speaker:
them to necessarily be able to quickly get access to that backup
Speaker:
exactly.
Speaker:
in addition to locking it down and having super crazy MFA and all of those
Speaker:
things, I would configure it so that if, and when somebody does log into
Speaker:
it, it sets off all kinds of alarms.
Speaker:
that go to important
Speaker:
Will Robinson,
Speaker:
Will Robinson,
Speaker:
Yeah.
Speaker:
some of our listeners might not get that reference, but...
Speaker:
Um, so yeah.
Speaker:
Also needs to be backed up, also needs to be transferred.
Speaker:
with the case of EC2, right?
Speaker:
There's a couple different ways we talked about that, the snapshot
Speaker:
plus replication is the typical way.
Speaker:
There, you can also load an agent on an EC2, thing.
Speaker:
With RDS specifically, and again, we're only talking about RDS
Speaker:
just because this is where you and I have a lot of experience.
Speaker:
There are other tools you need to look into those tools.
Speaker:
In the case of RDS, I'm pretty sure you're stuck with the RDS way of backing up.
Speaker:
You can't put in an agent.
Speaker:
And I know, for example, in the case of Oracle, and I don't know
Speaker:
if they've changed this, but the last time I checked, RMAN backups
Speaker:
work, RMAN restores do not, which
Speaker:
Yep, which is
Speaker:
is really weird, and just wrong, right?
Speaker:
I don't even know how, like, how you would go about restoring.
Speaker:
so what do you think people that are doing, RDS backups, via non
Speaker:
standard, or standard ways, what do you think they should do to
Speaker:
know exactly how that stuff works?
Speaker:
they should try it out, right?
Speaker:
Test your backups, do your test restores, right?
Speaker:
Try these various scenarios and figure out, can I restore a tablespace?
Speaker:
Can I restore an instance, right?
Speaker:
Can I restore...
Speaker:
Logs, right?
Speaker:
Roll back in time.
Speaker:
Yeah, roll back in time, right?
Speaker:
Do all those things work?
Speaker:
Because it's better to try it now before you actually need
Speaker:
it, rather than scrambling
Speaker:
Exactly.
Speaker:
and there are all kinds of different PaaS.
Speaker:
Generally, when I think about PaaS, generally, I find myself talking
Speaker:
about a database of some sort.
Speaker:
I was also thinking about things like VMware right?
Speaker:
Which runs in the public cloud, right?
Speaker:
That's probably more of a PaaS.
Speaker:
no, I see that.
Speaker:
I see that as IS.
Speaker:
Yeah.
Speaker:
Yeah.
Speaker:
Because again, you're just managing VMs, right?
Speaker:
now, let's talk about that.
Speaker:
VMware Cloud on AWS is a great thing to talk about.
Speaker:
And that is that It's, it has a completely different backup
Speaker:
and recovery paradigm, right?
Speaker:
You need to use a tool that knows how to backup VMware cloud, on a
Speaker:
w s or on the other places where VMware cloud happens to run.
Speaker:
And, any decent modern backup and recovery tool is going to have that.
Speaker:
but don't assume if you're moving from VMware on prem to VMware cloud on AWS,
Speaker:
don't assume that your backup product.
Speaker:
we'll support it because one big thing, for example, is, like
Speaker:
you, you have to use the APIs.
Speaker:
You can't, there, there's no, place where you can, install stuff to,
Speaker:
to do things like the old way.
Speaker:
you have to use the APIs.
Speaker:
the other thing also, specifically with VMware Cloud, is you have to
Speaker:
also check to see, because I know at least in the past, there was some
Speaker:
functionality which isn't fully available in the VMware Cloud environment just
Speaker:
because of the infrastructure and other complexities that you might
Speaker:
have been able to do on premises.
Speaker:
if you were relying on certain restore functionality specifically,
Speaker:
that may not work in VMware Cloud.
Speaker:
By the way, speaking of VMware cloud, six years ago today, according to
Speaker:
photos in my library, VMware was talking about VMware cloud on AWS
Speaker:
at VMworld that I was attending because it popped up a photo of the.
Speaker:
Of the, the slides I was like, what?
Speaker:
They're kind of run VMware on AWS.
Speaker:
what in the world, who would want to do that?
Speaker:
I said, and once again, the world said us.
Speaker:
Yeah.
Speaker:
All right.
Speaker:
so the next is Server Serverless Services.
Speaker:
that's a mouthful.
Speaker:
That's a handful.
Speaker:
Yeah, I was going to say, say that 10 times fast, Curtis.
Speaker:
Yeah, I'm not gonna do that.
Speaker:
So this is like Lambda and other things.
Speaker:
remember there's always a server behind Serverless Services.
Speaker:
But, I don't, these are typically actions that do things against
Speaker:
other things that I don't think.
Speaker:
is this the one exception to the backup rule?
Speaker:
So I would disagree
Speaker:
Okay.
Speaker:
All
Speaker:
I think you still need to back up because think of serverless
Speaker:
as your writing function.
Speaker:
I think you have to back up the actual
Speaker:
Okay, so the function that you've created, yeah, just this is just
Speaker:
like Kubernetes and Dockers.
Speaker:
You're backing up sort of the configuration, but the thing the
Speaker:
serverless action is doing is going to affect some other piece of storage.
Speaker:
That's the thing that you're going to be backing up.
Speaker:
Yeah, you should already be backing that up
Speaker:
Okay.
Speaker:
so I, as I was saying it, I was probably in back of my brain was
Speaker:
like, what about the configuration?
Speaker:
Yeah.
Speaker:
So yes, you want to back up the configuration of the
Speaker:
thing that you developed that you're running as a function.
Speaker:
and it may be complicated because one of the things like I know We haven't
Speaker:
quite talked about it on this episode, but it's why do you back up right?
Speaker:
It's to be able to restore in the case of different types of failures, right?
Speaker:
And one of it is hey that lambda file or the serverless function that I wrote.
Speaker:
It's not behaving the way I want it I want to be able to go back in time and restore
Speaker:
whatever it was from like a month ago
Speaker:
Yeah.
Speaker:
Yeah.
Speaker:
The whole agile development model.
Speaker:
I'm 17 revisions in and, yeah, exactly.
Speaker:
that is one of the reasons we restore is developers mess up stuff, right?
Speaker:
All right.
Speaker:
So let's talk about our next cloud resource that we may or may not want
Speaker:
to back up a little thing called SaaS.
Speaker:
sa.
Speaker:
Software
Speaker:
so I think first before, so before we get into whether or not we should
Speaker:
back it up, Curtis, I want you to give your definition of what you think S
Speaker:
is and what you think ssas is not, because there's a lot of confusion out
Speaker:
there when people use the word SaaS,
Speaker:
Yeah,
Speaker:
and
Speaker:
there are two things that are often marketed as SaaS.
Speaker:
and there's one really big company that's marketing.
Speaker:
itself is SaaS.
Speaker:
And I'm like, I'm sorry, that is not SaaS.
Speaker:
SaaS is, it's easier to define it.
Speaker:
in terms of to give examples of it, then, An example of SaaS is
Speaker:
Microsoft 365, Salesforce, HubSpot.
Speaker:
It's a service.
Speaker:
It's an application.
Speaker:
Yes.
Speaker:
But it's an application where you don't manage any of the infrastructure.
Speaker:
You just use the thing.
Speaker:
You go to Microsoft 365 and you say, I want to add 7, 000 users and
Speaker:
magic happens underneath the covers.
Speaker:
All of the, all of the infrastructure that does have to
Speaker:
be provisioned to make that happen.
Speaker:
That happens without you, hopefully without you even feeling it.
Speaker:
it may, if you go and you say, I need to provision a hundred thousand users.
Speaker:
Microsoft 365 might say, give me a minute because it's got to go out
Speaker:
and provision a bunch of storage.
Speaker:
But, go ahead.
Speaker:
or even like how we're recording this podcast.
Speaker:
Oh, yeah, this is a SaaS.
Speaker:
We're now using Squadcast, to record this podcast.
Speaker:
And you and I log in, we go to a website, we go, we say record.
Speaker:
It does the magic and then saves the data.
Speaker:
That is another example of a SaaS service.
Speaker:
What is not an example of a SaaS service?
Speaker:
Adobe software.
Speaker:
This is,
Speaker:
Creative Cloud.
Speaker:
yeah, Adobe Creative Cloud is not SaaS.
Speaker:
They keep like the CEO of Adobe say, we want to be a hundred
Speaker:
percent SaaS by 2025 or whatever.
Speaker:
And I'm like, you're not 0 percent SaaS.
Speaker:
What is often called SaaS is subscription based pricing.
Speaker:
They're saying, you're, it's a software as a service, right?
Speaker:
No, it's software as a subscription, right?
Speaker:
Which also by the way is SaaS.
Speaker:
It comes out as SaaS.
Speaker:
so so I think there is one correction though.
Speaker:
I know with Adobe, there is a lot of the tools.
Speaker:
one reason why I know you complain about it is you want to use Photoshop, right?
Speaker:
You subscribe to Creative Cloud, you download Photoshop, you have to
Speaker:
install it, you have to manage the updates, you're doing all of that.
Speaker:
I believe now Adobe is actually pushing towards a true SaaS product for
Speaker:
Photoshop where it is everything done on
Speaker:
When that happens, I will rescind my, thing.
Speaker:
But if I'm downloading something And I'm installing it on my infrastructure.
Speaker:
That is not SaaS.
Speaker:
I can think of, I don't want to pick on them by name, but there's
Speaker:
a backup vendor that sells their stuff now through subscription
Speaker:
based pricing and they call it SaaS.
Speaker:
And I'm like, I'm sorry, that is not SaaS.
Speaker:
Right.
Speaker:
and I don't really care what you call your product.
Speaker:
It's just.
Speaker:
It's just a little confusing when we're trying to talk about, backing up SaaS.
Speaker:
I think that when you say SaaS, it should mean one thing.
Speaker:
And it means like Microsoft 365, a service that I use via, I'll give you one.
Speaker:
if I've got, I don't think anyone does this, but if I
Speaker:
had To, what, you know what?
Speaker:
Zoom.
Speaker:
Zoom is a perfect example.
Speaker:
I have to install a piece of software to use Zoom.
Speaker:
But it's just a UI to the infrastructure that's running in the background, right?
Speaker:
It's not...
Speaker:
I'm not running Zoom on my platform.
Speaker:
That's still
Speaker:
and Yes, and technically, you could also not have to install a
Speaker:
client locally, you could always use a web client and join via that.
Speaker:
yeah, so here's my, we've talked about this plenty of times, but my biggest
Speaker:
problem with SaaS is it's so many people seem to think that because
Speaker:
I'm getting the entire application delivered to me on a silver platter.
Speaker:
Backup is part of that service.
Speaker:
Isn't it, Curtis?
Speaker:
Come on!
Speaker:
Now you're just poking the bear.
Speaker:
yeah, it's not, here's the thing.
Speaker:
There may be a SaaS service out there.
Speaker:
In fact, I may have encountered one where they actually include backups
Speaker:
as part of the infrastructure.
Speaker:
And, it's in the service contract, it's in the documentation, right?
Speaker:
and those backups, by the way, if you actually have backups as part of the
Speaker:
product, all I want to know is how do they conform to the 3 2 1 rule?
Speaker:
How can I make sure that at least one of those copies is being managed?
Speaker:
In a different location and has a different risk profile
Speaker:
than the primary stuff.
Speaker:
My, can you remember what three letter acronym I would throw out to remind
Speaker:
people about what happens when you have the backups managed by the same people?
Speaker:
OVH.
Speaker:
Exactly.
Speaker:
Yeah.
Speaker:
OVH, the largest cloud provider headquartered in France, had a backup
Speaker:
service for the back, the servers that they were backing up, and the data was
Speaker:
stored literally in the same data center.
Speaker:
And when they had this giant fire, it took out both the
Speaker:
production and the backup systems.
Speaker:
And even if I was using a SaaS service that said it had
Speaker:
SaaS, or said it had backup.
Speaker:
I would need a really good reason to use that service.
Speaker:
it would be so much easier for me in terms of to feel better, to back
Speaker:
that up to a different service.
Speaker:
at least that way, again, it's splitting the risk profile, right?
Speaker:
the one other example, I know we don't normally think of it as SaaS,
Speaker:
but I think the Rackspace example with their managed email is actually
Speaker:
Yeah, yeah, I think it might actually be PaaS, because it was hosted
Speaker:
Exchange, but I never, it's somewhere between PaaS and SaaS, right?
Speaker:
because if you're still managing Exchange, Like it's exchange and you're not just,
Speaker:
but if the UI, I never administered, if the UI is basically the same as
Speaker:
365 and you just get the advantages of having all your data in one place,
Speaker:
then it would be, then it would be, that would be SaaS, but, but yeah,
Speaker:
But they were doing their own
Speaker:
they were doing their own backups as well.
Speaker:
And we know how that went.
Speaker:
so
Speaker:
We don't mean to pick on these same companies, but it's
Speaker:
just good learning examples,
Speaker:
for...
Speaker:
right?
Speaker:
And yeah, if you don't want me to name you as an example, uh,
Speaker:
then don't, don't do bad stuff.
Speaker:
Back up your
Speaker:
Bag of your data.
Speaker:
Yeah.
Speaker:
If you don't want to be the next example that I talk about on some
Speaker:
future episode of, this podcast, then, just don't do that stuff.
Speaker:
So summary statement, Prasanna.
Speaker:
All cloud stuff needs to be backed up.
Speaker:
Any problems with that statement?
Speaker:
Okay.
Speaker:
And then what do we want to do?
Speaker:
We want to make sure that we separate.
Speaker:
The backups from the primary as much as possible.
Speaker:
And I talk about a different region and a different account.
Speaker:
and then You brought up a really good point of making sure that backup,
Speaker:
because again, now this is your core.
Speaker:
It's your, you know, it's the, the golden goose and the egg, right?
Speaker:
So make sure that you've locked that down as much as you possibly can.
Speaker:
I was thinking about this.
Speaker:
You know what we should be calling that thing?
Speaker:
You know how they have that seed vault in...
Speaker:
where is it?
Speaker:
Somewhere in, the Arctic region, where they have, like, all these seeds for
Speaker:
yeah, yeah, yeah.
Speaker:
The, um, give me a second.
Speaker:
It's, um, Heirloom, the heirloom seed ball.
Speaker:
Yeah,
Speaker:
Yeah, so that, that's what this should be, right?
Speaker:
This is literally the last copy of all your data for your entire company, right?
Speaker:
You want to preserve it just like that.
Speaker:
exactly.
Speaker:
Exactly.
Speaker:
Yeah.
Speaker:
That's a, people probably don't know about that, but basically, an heirloom
Speaker:
seed is an unmodified original, thing and the somewhere, somebody is
Speaker:
storing seeds for all these things.
Speaker:
just in
Speaker:
It's across the world,
Speaker:
yeah,
Speaker:
a nuclear disaster or something.
Speaker:
this has been a good episode.
Speaker:
hopefully you've, uh, learned a lot about, backing up cloud resources.
Speaker:
The first of, let's see, the first of like three different, um, modern things
Speaker:
that need to be backed up and, um, any final thoughts on that, Prasanna?
Speaker:
I think the final thought would be, just because it runs in the cloud doesn't
Speaker:
mean you don't need to back it up.
Speaker:
Ask the question, how are you protecting your data and where is it going?
Speaker:
Yeah.
Speaker:
Couldn't have said it better.
Speaker:
so anyway, thanks a lot, Prasanna.
Speaker:
Thank you, Curtis.
Speaker:
Always fun, always a
Speaker:
Always fun.
Speaker:
I want to thank you for listening to this episode of the backup wrap-up.
Speaker:
It is an independent podcast.
Speaker:
And any statements made are the opinions of the speaker and
Speaker:
not necessarily their employer.
Speaker:
Be sure to check out our other episodes on backupwrapup.Com.
Speaker:
Our YouTube channel by the same name, or of course, wherever you get your podcasts.
Listen On
