April 09, 2021

Why a Purpose-Built, Private Cloud is a Good Fit for Data Protection

By John Maxwell
Cloud BackupDatto SIRIS

The evolution of the cloud for backup and recovery

Data protection has evolved greatly over the days of on-prem tape backup. It wasn’t long ago that organizations sent their backup tapes offsite for storage in case of a disaster. And for large organizations, synchronous or asynchronous replication between data centers allowed for failover from the primary site to a secondary site in case of disaster.

With the growth in cloud computing, specifically public cloud providers like AWS and Microsoft Azure, the cloud has become a resource that organizations of any size can leverage. While many think of the cloud for computing either in the form of Infrastructure as a Service (IaaS) or Software as a Service (SaaS), the cloud can also be used for data protection.

From a data protection perspective, the cloud can serve as both a repository for backups and as a resource for disaster recovery. Disaster recovery today can be caused by anything from an extended power outage, a ransomware attack, a failed server, or any event that requires servers or virtual machines to be recovered in an alternate location.

Given the limitations of most networks, direct cloud-to-cloud backup isn’t feasible, at least for large workloads like those that run on servers or in virtual machines. Most cloud-to-cloud backup today is for endpoint devices. Additionally, it breaks the 3-2-1 rule where at least three copies of data are backed up using two different media in at least one offsite location. The 3-2-1 scenario is most commonly used in a scenario where primary local backups are replicated offsite for safe storage.

By having data offsite in a secure cloud environment, organizations can be assured that they not only have their primary and secondary backups available for recovery, but they have an alternate location to recover from.

The growth of DRaaS

Disaster Recovery as a Service, or DRaaS, has become wildly popular for managed service providers (MSPs) because it gives organizations the ability to recover all or part of their primary workloads in the cloud in the event their primary compute environment is not available. And thanks to virtualization, the recovery of workloads in the cloud can be as easy as spinning up a virtual machine (VM), attaching it to a specific backup data set (recovery point), and then connecting end users to the new VM (s) network. This process can take seconds to minutes depending on the process required to make the recovered workload available and the network connections established.

MSPs are ideal for delivering DRaaS because they have staff with the expertise in data protection, virtualization, and networking needed to offer the service. That said, the cloud resources needed to deliver DRaaS aren’t as simple as signing a contract with AWS or similar cloud providers.

The economics of using the cloud for backup and recovery

As mentioned, having the cloud resources needed for DRaaS or just for offsite backup retention isn’t as simple as it may seem. Cloud providers like AWS have many options, like S3 (Amazon Simple Storage Service) specifically for backup. The options are tiered based on performance and price. For example, S3 recommends the following for backup and recovery.

  • S3 Glacier – for object data
  • Amazon EFS – for file data
  • Amazon EBS – for block data

In addition to these storage options, AWS Storage Gateway is an offering for sending on-premises backups to AWS. Given the number of possibilities for storing backup data, two considerations should come into play when evaluating cloud options: Performance and cost. While one can argue the attractive price of AWS offerings like S3 Glacier, you aren’t going to recover data in seconds or minutes if it isn’t stored on storage that can provide the same or better performance as the primary storage the system is being recovered from.

Cost is a major factor because there are normally multiple copies of backups stored in the cloud to provide multiple recovery points from which to recover. The key variables needed to calculate the cost for storing backups in the cloud and recovering images (systems/VMs) would be the following for AWS:

  • S3 Standard Storage (priced per GB)
  • S3 Glacier Storage (priced per GB but would need to be recovered to S3 standard to recover from)
  • EC2 compute (a combination of vCPUSs, memory, and GB2 storage if not already allocated)
  • Egress outbound costs (priced by GB)

AWS and other public cloud providers are very transparent with their pricing and offer calculators to determine the compute, storage, and networking costs. The issue is how does an MSP calculate the cost for offering DRaaS to their clients based on so many variables?

There are personnel costs associated with defining and managing the compute environment to support the recovery in addition to the actual personnel costs to perform the recovery. All of these can make it challenging for an MSP who wants to offer a turn-key DRaaS solution to their clients.

And lastly, there is security. AWS has a shared responsibility model that clearly defines that AWS maintains the security of the cloud whereas the customer (e.g. the MSP) is responsible for security in the cloud. This means that the MSP is responsible for the customer data, platform, and identity access, operating systems, and more.

The administrative costs associated with security alone, not including Identity Access Management (IAM) software and firewalls can be challenging for MSPs who want to offer a competitive solution to their clients.

Public vs. private cloud

Given the many choices of public cloud providers, should MSPs look at private cloud-based solutions? It can be argued that data that resides in public clouds should not be stored with the same cloud provider for safety. The argument for private clouds ironically comes down to the same two considerations as the public cloud, performance, and cost. However, performance and cost include additional considerations for private clouds.


  • What is the availability of the private cloud?
  • What types of service levels exist for the time it takes to recover in the cloud?
  • What level of performance can be offered for production workloads once they are recovered in the cloud?
  • What level of technical support is offered for disaster recoveries in the cloud (live and test)?


  • What is the cost of storing backups?
  • Are there tiers associated with performance or the amount of storage used?
  • What compute costs are associated with recovering workloads in the cloud?
  • How long can a recovered system (s) run in the cloud?
  • What will the costs be to “failback” to the primary system? Egress fees? Round Trip charges for shipping hard drives?
  • Are there costs for DR testing?

Included in the category of private cloud is build your own (BYO) which can be daunting not just in the capital expenditure needed to build out the environment but also the liabilities associated with building and maintaining an “always-on” cloud capable of storing backups and providing platform recovering entire systems.

The Datto Cloud

The Datto Cloud is a private cloud built for data protection and in conjunction with Datto SIRIS provides an all-in-one business continuity and disaster recovery (BCDR) solution that spans backup and recovery to DRaaS.

The Datto Cloud is built to securely store backup snapshots for SIRIS while providing an always-on platform for recovery. Most importantly, the Datto Cloud is a proven platform for data protection.

  • 99.99999% reliability across nine geographically dispersed locations
  • Over 25,000 disaster recoveries of systems in a 12-month span
  • Over 10,000 cloud-based recoveries from snapshot backups stored in the cloud
  • Supporting the data of over one million end clients in the exabyte class cloud

Reliability is just one aspect of the Datto Cloud–the other is security. Given the growth in malware and hacking, backup solutions themselves are coming under attack. The Datto Cloud d is designed with security in mind.

SIRIS and The Datto Cloud

The combination of scalability and security along with proven always-on reliability make the combination of SIRIS and the Datto Cloud the choice for more than 9,000 MSPs around the world. The predictable cost model offered by SIRIS enables MSPs to deliver cloud-first backup as a service (BaaS) and DRaaS. The unique one-SKU approach to SIRIS includes all of the benefits of the Datto Cloud at no additional cost.

  • No tiers or additional costs associated with:
    • Data stored
    • Performance
    • Service levels
  • No hidden costs for:
    • DR testing
    • Compute, egress
    • Data seeding

By providing an all-in-one BCDR solution built on SIRIS and the Datto Cloud, MSPs can deliver cloud-first data protection to their clients with a predictable cost model that requires none of the costs or administrative overhead associated with solutions that utilize public clouds or build-your-own.

Additionally, the Datto Cloud combined with SIRIS delivers true 3-2-1 backup best practices by providing multiple backup copies (3+) on two different media with one or more copies offsite. While this backup rule seems simple in principle, without a cost-effective cloud to implement the rule, MSPs may be challenged to provide a backup solution to their clients.

Reliable Recovery

With SIRIS and the Datto Cloud, recovery of everything from files to entire systems is driven via a secure, intuitive interface. In addition to the Datto Backup Portal “Recovery Launchpad”, Datto provides 24x7x365 direct-to-tech support to assist MSPs with every aspect of recovery.

The Datto Cloud represents a major investment by Datto to deliver a reliable, scalable, and secure environment for MSPs to store and recover their clients’ data. Purpose-built for backup and recovery, the Datto Cloud requires no administrative overhead on the part of the MSP nor does it entail additional fees for the storage of backups or to perform recoveries. And since the exabyte class design of the Datto Cloud spans multiple secure data centers across the globe, MSPs can be assured they have production caliber resources to recover multiple client systems concurrently, minimizing downtime for their customers. All of this with a predictable cost model that is substantially more competitive than public cloud or cost fee-based private cloud solutions.

Suggested Next Reads