The rise of ransomware attacks highlights the importance of effective backup planning, especially because cybercriminals target data backups to cut off any possibility of recovery and force their victims to pay.
Many companies wrongly assume that adequate backups are automatically included in the service provided by their hosting partner or hyperscaler. This is not the case, and companies should have backup plans tailored to their systems, irrespective of how they are hosted.
Migrating to the Cloud means that the traditional backup leaves its comfort zone of data restore to enable more elaborate scenarios. However, the transition from traditional tapes and backup robots to API-called services requires substantial change.
“By moving to operation in the Cloud, we are changing the way of designing backups, because the technological base is totally different.”
Jérôme Mollier-Pierret, the director of SAP outsourcing at PASàPAS.
One more notable development in recent years has been the increase in data volumes, particularly noticed in SAP environments since the migration to the In-Memory HANA database: you have to manage growing volumes with ever shorter recovery times.
Hyperscalers may offer short recovery times, but their standard services are often platform-dependent and unsuitable for the SAP application context. As Brian Passante, Cloud & Innovation manager at PASàPAS, explains: “in practice, these solutions, which operate in snapshot mode, offer no guarantee in terms of data integrity, nor the ability to restore a specific point in the past, and both features are essential when dealing with SAP systems.’’
Also, the announced restore speed is only possible because this operation is limited to the index files, and the data files are then restored on demand. In the context of SAP applications, this results in disastrous performance on the first transactions following a restore, which is incompatible with the commitments made by PASàPAS to its customers.
This combination of factors led to PASàPAS designing and implementing a backup solution for SAP environments hosted on the Cloud, meeting the performance levels our clients require.
Faster restore that supports the transformation of IT operations
PASàPAS designed its backup solution specifically for SAP environments hosted on the Cloud. This solution had to deliver high restore speed, integrate into complex chains (via APIs), be hyperscaler-agnostic, and offer optimized operating costs in a FinOps logic.
Having to meet all these criteria is what led to the choice of an Open-Source core component, enabling backup in deduplicated mode, around which the PASàPAS teams then built the functionalities needed to support the backup of SAP environments, in all their complexity: backup of operating systems, log files management, scheduling, database backup, etc.
The solution developed by PASàPAS allows businesses to go beyond the limits of the services offered by hyperscalers, whilst building on the strengths of their platforms. “This solution doesn’t just allow us to restore a production environment to the Cloud very quickly, it also supports all our use cases, including Move-to-Cloud and DRP as-code” adds Jérôme Mollier-Pierret.
Read our article Increase the resiliency of your SAP systems by leveraging the Cloud and PASàPAS’ DRP-as-Code
So, unlike tapes, which can barely be used for anything other than restoring data, backup in the Cloud also supports the transformation of IT operations.
Increased protection against ransomware
Our solution natively provides protection against data encryption by ransomware. “We take advantage of the immunity provided by storage in blob mode in the Cloud,” notes Brian Passante. “To encrypt data, it would have to be downloaded, corrupted, and then put back in the same place. Because of access rights based on short-lived access tokens, this is basically impossible in practice.”
Also, whilst many backup solutions still work with catalog mechanisms, which constitute a point of weakness for a cybercriminal, our approach relies only on local directories, stored on each machine and which are self-reproducible: “the backup embeds an index allowing the directory to be rebuilt”, explains Jérôme Mollier-Pierret. The operating systems, the log files, and the database itself are backed up with different time frames and can be restored independently of each other.
Everything is, of course, fully integrated into the PASàPAS supervision environment.
A multi-cloud approach to backup
The PASàPAS solution has now been in operation for more than four years, with all our Cloud customers.
“We are able to restore and rebuild a 5 TB fully operational database in an hour and a half. This timeframe also applies across ten databases of this size, all restored in parallel. There must be a limit to the performance offered by hyperscalers, but we have so far never succeeded in touching it.”
specifies Brian Passante, the Cloud & Innovation manager of PASàPAS.
The solution is also regularly improved by our teams both to support SAP HANA, AWS, Microsoft Azure, or Google Cloud Platform evolutions, and to incorporate functional improvements offered by PASàPAS.
The next step on the roadmap will be to include multi-region and multi-platform Cloud backup and restore.
Today, it is technically possible, but insufficiently automated. This is an essential point because the solution developed by PASàPAS relies on the autonomy of the different machines for their backup and restore operations. This means that each machine must be able to rebuild itself from scratch.
In a multi-cloud context, this choice leads to a multiplicity of different cases, as each hyperscaler offers multiple options, with technical and economic trade-offs specific to its platform. So, many scenarios must be automated via scripts.
“We also touch the orchestration chain that works in the background,” notes Jérôme Mollier-Pierret, which means this development has an impact on many other systems.
This integration requirement clearly illustrates how the status of backup planning has changed. It has transitioned from a discrete operation, grafted at the very end of a project, or even often neglected, to a key component at the heart of the managed services engine, natively integrated into the IT operations tools.
To learn more about our multi-cloud approach to backup, click here to arrange a call with our team.