When thinking about security in the public cloud, many things come to mind. However, backups may not be readily considered when moving core enterprise applications into cloud-computing scenario. Backups of cloud data should be considered crucial to the overall security strategy of organizations with hybrid cloud or native public cloud business-critical applications, data, and infrastructure. An organization today who thinks they will never need to protect or recover public cloud data is simply not living in reality.
Backups are essential to making sure data is secure. No matter how many security mechanisms are in place, no data in existence is 100% secure. With high profile ransomware infections making headlines, many who have thought their data was secure had to rethink this conclusion. There is always a risk, even if remote, that data can be accidentally or intentionally deleted or even corrupted by a malware infection. Let’s take a closer look at this notion of backups as an integral part of the overall public cloud security strategy. With Google G Suite, how can G Suite administrators make sure their organization’s data is secure?
Why are Backups an important part of Security Best Practices?
Backups are an extremely important part of security as they allow data to be reconstructed after a potential security event resulting in data either being damaged, deleted, or corrupted accidentally or intentionally. This can be due to accidental end user or administrator actions, or intentional actions perhaps by an attacker or malware. Often, attackers want to disrupt business continuity by causing downtime as the result of data loss or data that is unusable due to being encrypted in the case of a ransomware infection. G Suite administrators want to be able to maintain business continuity by being able to reconstruct or restore data as quickly as possible.
Thinking about cyber security in this way allows organizations to have a business continuity plan that makes it possible to recover from downtime resulting from data loss. Backups, allowing organizations to recover data, are an essential part of any business continuity plan. Many businesses struggle with architecting an effective data protection solution once they start placing data in the public cloud for a number of reasons. For one, traditional backup solutions that still use on-premise backup often do not provide the features and functionality that allow tight integration with today’s hybrid cloud infrastructure. Additionally, there have proven to be misconceptions about public cloud infrastructure and the security of data residing in public cloud resources.
Public cloud vendors have up-time ratings and security that is hard to equal, let alone surpass by enterprise environments. However, at the end of the day, the security of the “data” is the organization’s responsibility. Ransomware attacks can encrypt data that is stored in the cloud the same as it can encrypt data that is on-premise. For example, on-premise files that become encrypted by ransomware can be unknowingly synchronized from an end user workstation up to the cloud with applications such as Google’s “Backup and Sync”.
Another problem presented by traditional backup technology solutions is that production backups are often stored on the same networks and server/network infrastructure as production workloads. A cardinal rule that must be kept in mind concerning backups – they are only good if they can be restored. When organizations are hit with ransomware attacks, many have found out the hard way that having backups of business-critical systems stored at the same site or in the same network location as the production workloads is not a good idea. Ransomware can infect production data AND backup data if it is accessible by ransomware encryption processes.
Backing up data stored in the cloud is no different. Organizations need a solution that is able to backup data in the public cloud and store the data safely, efficiently, and securely in another location. Let’s take a look at how Spinbackup is able to provide organizations today with powerful backup technology to protect data stored in Google G Suite. It is able to provide the following benefits to organizations:
- Automated Daily Backups
- Data Migration
- Deletion Control
Automated Daily Backups
As we have seen, backups are an essential part of security. G Suite administrators keen on protecting against data loss need to give priority to backing up G Suite data to ensure business continuity. On-premise backups are generally automated and happen in an organized fashion across the production workloads. Backups of public cloud data need to happen in an automated fashion as well.
Spinbackup allows the protection of critical emails, documents, sheets, and any other files that reside in an organization’s G Suite cloud. It enables protecting data from accidental deletion, deletion or corruption from an attacker, and data corruption resulting from the likes of a ransomware attack or any other event making data unusable.
The automated backup can be scheduled based on a time that is convenient for organizations and their data use patterns. Also, G Suite administrators can be selective to which data is protected by granularly selecting folders or data based on labels defined for G Suite services. This includes Gmail, Drive, Contacts, Sites, and Calendar.
Backups of data are crucial, especially during data migration. Migration of data to G Suite public cloud resources can be between Google accounts or from on premise data storage to G Suite data storage in the cloud. In either case, backing up data is an integral part of the process.
Spinbackup allows organizations to efficiently migrate data between Google accounts. This is especially helpful in the case of an employee leaving the organization, for example. Deleting the account is likely not desirable since there may be important data contained within the account of the employee who has left. Keeping the account and simply changing the password also may not be desirable since organizations will still be responsible for paying for the services for the employee who has left simply to keep the data intact.
Spinbackup provides an easy way to manually restore data from the employee’s services to another user in the G Suite organization. This provides the best-case scenario where important data remains, and organizations are able to clean up any unused employee accounts.
Selecting the resources for the granular restore of data from one account to another
Restoring files to the chosen G Suite account
Backups during a migration from on-premise to the Google G Suite cloud are also extremely important. Backups of G Suite data should be in place the moment that the first data is copied from on-premise to the cloud. This ensures that in the event of any disaster related scenario, data in the G Suite cloud is protected. By having Spinbackup protect the organization’s G Suite data, organizations can confidently migrate data from on-premise to the G Suite cloud without being concerned with potential data loss.
An area that correlates to backing up business-critical data is deletion control. Most backup solutions have a retention period that is cycled through for data that is kept on hand for the purposes of restoring. However, when thinking about restoring data that may have been deleted from the G Suite environment, G Suite administrators need the visibility of data that has been deleted. By having this visibility, G Suite administrators are better able to proactively manage data restores and any potential breach in G Suite organization security that may have been the result of compromised credentials or malicious actions either by a current employee or an attacker.
Spinbackup provides deletion control that allows “trash bin” checking. This allows a daily audit of files that have been deleted. The visibility to this activity greatly empowers G Suite administrators to notice trends or possible activity. One click restores, provided by Spinbackup from the “restore in time machine” functionality, provides a super easy way to recover lost data.
Backups are an essential part of any enterprise security strategy, both on-premise as well as in the cloud. Businesses today must strive to maintain business continuity in the event of a data disaster, whether at the hands of accidental data loss or a system-wide ransomware attack. Despite the resiliency that public cloud vendors offer in the way of up-time and redundancy, the “data” is still the responsibility of its owner.
Any data that is copied to and stored in the public cloud is the responsibility of the organization to maintain and protect. As cloud technologies are only now beginning to mature, the tools available to organizations are limited when compared to on-premise data protection solutions. Spinbackup is proving itself in the world of protecting business critical data stored in the public cloud. G Suite administrators who use Spinbackup for protecting data by utilizing its powerful cloud-to-cloud backup technology will find themselves in a much better position to deal with data disasters.
Spinbackup’s versatile capabilities when it comes to migrating data, either between accounts or from on-premise to the cloud, empower G Suite administrators to protect data in today’s hybrid cloud topologies. By allowing visibility to data deletion and powerful daily audits of this type of activity, G Suite administrators can be proactive rather than reactive when dealing with data loss.
For complete details of of Google’s approach to security and compliance for G Suite see Google Cloud Security and Compliance Whitepaper.
1,127 total views, 6 views today