Backup and Data Security Benefits of Virtualization

By CIOReview | Friday, July 22, 2016

The dropping price of hard disk drives, boom in cloud based offerings, and decentralized orientation of information have altered the course of data backup technology. The traditional backup options such as Full Backups, Incremental, Differential and Synthetic Backup can very well be incorporated in the cloud. Several firms and analysts advocate for these approaches citing reasons of security and longevity. And the advancement in encryption, disaster recovery preparedness and virtualization has further imparted innovative capabilities to the data security and back up technologies.

Cloud based backup solutions addresses the vulnerability and cost issues of an in-house data centers, but still fall short due to bandwidth limitations. A Hybrid Cloud backup draws in the advantages of both the approaches by storing a local copy of backup along with a replication on the cloud. This is implemented through the use of an application that acts as both a virtual tape library and a gateway to the cloud.

When cloud services promise scalability, it is natural to expect a degree of speedy data recovery from backups aimed at reducing downtime. Virtualization allows running ‘multiple instances (networking, storage, visualization) on the same hardware’ there by adding flexibility to the cloud platform. It can therefore be improvised as a security and backup option.

Snapshots being a copy of the Virtual Machine’s Disk file (VMDK), can be used in restoring VM as they maintain the change log over time. They bypass disruptive, long running backup procedures thereby offering a fast recovery for the systems. Unlike traditional backup software that changes the format of the backup data, snapshots maintain the original disk-based format. Snapshot types include hypervisor, file-system, storage-infrastructure and backup-application snapshots. Many data centers resort to multiple snapshot methods.

The snapshot feature in VMs, originally introduced by VMWare, was considered as a liable data backup option as they often showed incompatibility issues in the context of application servers.  Lack of application-level support was a common complaint against using snapshots. As a measure to address this shortcoming, several vendors have begun incorporating application awareness into their snapshot mechanisms, allowing the system to maintain information about its applications such as state, resource requirement and utilization patterns which make it possible to optimize data layouts, caching behaviors, and quality of service (QoS) levels. Also, the feature has matured over the years; they can be taken at much shorter intervals, significantly improving Recovery Point Objectives (RPO) and Recovery Time Objectives (RTO). For instance, the newer redirect-on-write (ROW) snapshot functions in a way such that applications remain least affected as compared to the earlier copy-on-write (COW) method. Thus snapshots became widely regarded as a speedy backup option.

Snapshot Manager Software which is often part of an application, a file system, hypervisor, software-defined storage platform or physical storage array; triggers snapshot and manages the multiple copies of metadata they generate. Snapshot utilities often built for specific applications are limited to the application(s) that they support, which means that the data center may require a separate snapshot process for each application.

Snapshots reside on the same storage mechanisms that they intend to protect and are as vulnerable to corruption as the data on the system. The method of saving storage snapshots on to another secure location is termed as Flat Backup and can be perceived to amplify the benefits of snapshots while being cheaper than traditional backup procedures. Many vendors also offer seasoned software to manage flat backup and recovery.

Instant VM Recovery is a feature offered by many vendors (although it is named differently across vendors). Being on the cloud is equivalent to being online, and backup files/snapshots are no exception to it. Workloads can be temporarily redirected to the backup storage while snapshots ensure that backups remain unmodified and the original VM is recovered in the background until the process is reverted after completion.

Despite all these supposed ‘innovation’ in backup offerings, the replacement of traditional backup software seems farfetched. In heterogeneous storage environments where offerings from multiple vendors are in use; flat backups may lead to compatibility issues and a snapshot based approach for data backup may not be the right way to go. Nonetheless, depending upon the sensitivity and crucial nature of data, organizations ranging from enterprises to government entities now have a number of options on the table to enforce strategies to secure as well as backup data.