MSPs claim to practice securing users’ cloud-based data and showcase their data center’s best security features. But, what happens if even industry best practices fail and customers experience data loss? Data recovery contingency planning needs to be an integral part of cloud storage security. Because some vendors scramble to work the angles and avoid answering directly in order to win contracts, we’d like to put it all on the table. You deserve to know the answer to the cloud management industry’s most taboo question: what happens if customer data evaporates in the cloud?
It’s the MSP’s responsibility
By using a cloud vendor or MSP, you’ve typically given the responsibility of hosting and maintaining your IT system to someone else. So, cloud storage security as well as data recovery falls under their umbrella of responsibility. To ensure a vendor is able to provide continuity by managing your data in a way that supports the best possible recovery practices, check their Service Level Agreement for the following:
Constant duplication and reinforcement measures can protect data if it has been compromised in a single location. For example, multiple data center locations, firewalls, file and print services, carriers, and Internet connections ensure that hosted materials are secure and protected during regularly administrated backups. [The Cetrom Hybrid Cloud infrastructure also offers an additional redundancy measure, as it permits on-site data storage.]
Your data should be backed up on a daily basis. Period. Every business day, users are making changes to your organization’s data. Even if a simple outage should result in data loss, your provider should be able to recover the most recent backup (which should be from the previous business day). Additionally, your provider should have backup uninterruptible power supplies to support these daily backups, as well as daily performance. Bottom line: there is no excuse for data loss under your MSP’s watch.
Practice makes perfect
Employing the best backup and redundancy measures means that stored data should be retrievable in spite of a catastrophic or Force Majeure event. But how does a cloud vendor go about recovering the hosted materials in the midst of emergency events? Just as fire fighters perform regular drills and training to prepare for the most precarious challenges they may face, your MSP should do the same… in a test environment, of course. A vendor can simulate outages and other business down situations to practice recovering data. These drills should be detailed in the MSP’s Service Level Agreement, along with the following contingency plan details:
Your hosted data is legally your property, so you have a right to know where it is at all times. This remains true even if a Force Majeure situation causes data loss. In case of this scenario, a provider should, at the very least, be expected to keep you in the loop on the recovery process. Some MSPs agree to provide a daily report to their customers, detailing progress and the actions taken to recover the lost data.
You should expect that your most current data be recovered and returned to you. After all, if your vendor was following the cloud management industry’s best practices, they would have backups from the most recent business day. Furthermore, you should expect service fees to reflect the services provided during these events. In other words, if the vendor’s servers are down for an extended period of time, your bill should be reduced. For more information on disaster recovery and cloud storage security, contact a Cetrom cloud professional today!