Cloud Storage vs. Cloud Backup as a Service
First, let’s cover the basics. Here’s a quick overview of some of the main differences between cloud storage and cloud backup.
- Designed to supplement your existing hard drive space
- Requires you to manually select which files you want to store in the cloud
- Can typically only encrypt files on the server side, so data transfer is less secure
- Doesn’t include data integrity checks
- Typically does not provide file versioning or point-in-time restore
Cloud backup service:
- Designed to let you restore files in the event of data loss
- Automatically saves and syncs files on designated devices to the cloud
- Typically includes encryption on both transfer and storage
- Checks integrity to ensure files corrupted by ransomware or hardware failure don’t get backed up
- May (should) provide file versioning for point-in-time restore
Differences in Data Restoration
Beyond the basics we covered, some of the biggest differences between cloud storage and cloud backup happen when you’re trying to restore lost data. For example, if you’re just using cloud storage solution and you lose all your data in a computer crash, unless you’ve been on top of saving updated files to your storage vault, then you’ll lose those versions. Even if you’ve got it set up to sync the files, if a file gets deleted, corrupted, or infected on your device, then the same thing happens to that file in the cloud.
Additionally, Carbonite™ senior solutions consultant David Browne warns that even business-grade storage solutions may not have the restore capabilities you need to quickly get your organization back up and running after a data loss event.
Browne explains, “Let’s say you have the type of cloud storage where you have a local backup appliance that allows you to connect to Amazon S3 to write your data out there. That’s a great step since part of your cyber resilience strategy should be to store copies of your data off-site. But if the appliance on the ground that connects you to that cloud goes down for whatever reason, that storage in the cloud may become useless. You can't restore your systems and get back to work until you rebuild that appliance, taking valuable time your business may not have.”
But with a true cloud backup service, that’s not the case. “Even if a local appliance on the ground went down, a well-designed backup service would allow you to access the data directly from the cloud, start the restore, and start building up your mission critical systems right away so you could get your business back to normal fast. Then, when everything is up and running again, you can worry about rebuilding that local appliance for your local copy of your backups.”
Differences in Ransomware Recovery
Another major differentiator between cloud storage and cloud backup becomes clear when we talk about ransomware. Most cloud storage solutions do not include integrity checks to ensure your data is uncorrupted before copying it off-site. That means if your data gets damaged through a ransomware attack or old-fashioned hardware failure, a cloud storage solution wouldn’t know the difference, and could overwrite perfectly good files with bad ones.
“If ransomware hits your site,” Browne begins, “and you’re just sending your data straight out to the cloud, you’re going to be out of luck. Typically, you have a straight file copy command that copies the data on the ground up to the cloud over a public connection, on an open protocol. So, once the malicious actors have the credentials they need, they can send the ransomware through that S3 connection up to the cloud and encrypt all your off-site data.” He says it’s the same in cases of a local backup server that’s being replicated out to the cloud; if it’s just going to cloud storage and the server is hit with ransomware, then there’s no safeguard to protect the data in the cloud from being encrypted.
Attacks on data have evolved drastically, but data corruption due to hardware failure and physical damage is something most backup services have been able to detect and handle for a long time. As an example, Browne talks about how Carbonite’s replication process works. “For a start,” he says, “we’ll only accept a connection that’s fully authenticated through our service. Each file is assigned a checksum, which is validated as part of the backup process. Some of our processes can change files, and the checksum is adjusted accordingly each time. That way, if anything other than one of our processes changes the data, our service can automatically recognize that the file doesn’t match.” Although Carbonite backup services can’t detect whether the change happened due to ransomware or some other cause, it will recognize the data as broken, and, as Browne puts it, “we just don’t replicate corrupt data. The service is specifically designed not to.”
Moreover, backup services like the ones Carbonite offers provide file versioning, meaning you could restore files from a particular point in time prior to any data corruption. Between the integrity checks and file versioning, your backed up data effectively remains pristine.
Differences in Issue or Threat Detection
Yet another difference arises in terms of your ability to detect issues with your data. For example, if a scheduled backup fails, it’s important that you know about it right away. You don’t really have this option with cloud storage, but you do have it with the standard reporting a backup solution provides.
Additionally, a missed backup can be an indicator of compromise. Malware groups who work together to increase their likelihood of a successful attack may first infect a network with a Trojan that will listen for domain credentials. After gaining domain credentials, the attackers can perform recon to determine which systems are the most critical and begin tampering with any backups, so that a later ransomware or other malware attack can achieve maximum damage.
“If you’re using a backup service that runs on a schedule, then you can set reports and alerts, so you know immediately if something has changed or gone awry,” Browne says. “Plus, you can log into your management dashboard and see right away if something is wrong.”
Theoretically, if you noticed several missed backups, you could begin investigating a potential compromise earlier on in the attack cycle, and then do something to mitigate it before catastrophic damage could occur.
Differences in Admin Support
“Back when I was a sysadmin,” Browne recalls, “I remember that testing backups was the most important thing I never had time to do. It’s a best practice for a reason, but it was time consuming and there are so many day-to-day tasks that end up taking priority, so you put it off. But when something happens and you have to do that restore, you’re crossing your fingers, hoping and praying that the backup you didn’t have time to test isn’t corrupted. Nobody wants to be in that situation.”
With cloud storage, you’re responsible for your data, backing it up, versioning it appropriately, testing it, ensuring it stays intact and uncorrupted, and if something bad happens to it, you may not get the support you need. With a cloud backup service, you can create automatic and custom backup schedules, ensure data integrity, get alerted about any failures right away, restore data to a specific version or point in time, and much more. All of these features effectively help you prioritize data protection tasks and use admin time more efficiently. In addition, when working with an established backup vendor, you can benefit from having an award-winning support team on your side to ensure your backups are configured the way that is most beneficial to your unique business needs and available resources.
As you can see, while costs between cloud storage and cloud backup may vary widely, this variation aligns with the type and amount of service you’re getting. In the end, the biggest justification of cost can be summed up in that one word: service.
A cloud storage solution is an excellent and cost effective way to keep copies of your data off-site if you’re able to manage it properly and aren’t as concerned about the security or integrity of those files.
But if you want something that can give you better control over your data, prevent corruption by ransomware and hardware failure, put admin time back in your day, and give you the peace of mind that your data will be where you need it, when you need it, as you need it, then you need a cloud backup service.
Explore the range of Carbonite cloud backup and recovery services here.