Backup Vault for Compute Engine Backups & Cyber Resilience

 

Backup with Google Vault

Backup data is more important than ever. As ransomware assaults increase, more consumers are improving their security to safeguard their information. Usability and security are therefore given top priority. In terms of security, the regularity of ransomware and other assaults jeopardizes the assets and good name of a business. Streamlining backup management is crucial to reduce operational strain and increase agility at the same time.


To better meet your evolving needs, Google is offering three major changes to the Google Cloud Backup and Disaster Recovery (DR) service, all of which are now in preview:


  • With its immutable and indelible backup features, the new backup vault storage feature keeps your backups safe from tampering and unintentional loss.
  • A fully managed end-to-end solution for centralized backup management that makes data protection easy to use and allows for direct integration into resource management activities.
  • Integration that allows application owners to establish backup rules at the time of VM creation in the Compute Engine virtual machine construction process.

Keep your backups safe from unauthorized removal and modification

Backups are often the final resort for data recovery when production data is damaged or untrustworthy, as can happen following a significant cyberattack or user error. It's critical to protect your backups from future modification and removal in addition to backing up your crucial tasks. Backup vault provides secure storage for backups created by the Backup and DR service, allowing you to confidently obtain the protection your organization needs.

Methods for Backuping a Vault

Air-gapped isolation for backups makes sense.

Conceptually, data from your backup vault is stored in a Google-managed project and kept apart from your self-managed Google Cloud project. Since the underlying backup vault resources are hidden from view and inaccessible to anyone inside your company, direct attacks against them are precluded. The Google Cloud Backup and DR services' APIs and user interface are the only ways to retrieve backup vault data.

Control and compliance: required storage

When creating a backup vault, you have the option to include a clause requiring vaulted backups to be maintained strictly protected against deletion and change until the administrator-specified minimum enforced retention term has elapsed. With this layered protection, you can achieve backup immutability and indelibility goals. These objectives are frequently driven by security initiatives and regulatory compliance obligations.

Dependable and flexible recovery

Vaulted backups that are completely self-contained enable recovery even in the case that the original resource is inaccessible. In order to ensure that backups are still accessible in the event that the source project or resource is destroyed, backup vaults can also be set up in a project that is separate from the source project. Consequently, you can configure your backup policy to provide strong defense against the removal of the original project. This makes it easier to quickly restore production apps to newly established or ongoing projects in the case of a cyberattack. Additionally supported is recovery into projects configured as isolated recovery environments (IREs) for forensics and pre-recovery testing.

The backup vault feature was made available in preview form today and will be made generally available in the coming months. Compute Engine and VMware Engine virtual machines, together with Oracle and SQL Server databases, are all secured.

Make use of fully managed, centralized backup administration.

Customers often ask for a self-serving, basic backup solution that is intended for cloud applications and does not require any infrastructure. Clients are looking for a more adaptable approach that allows app developers to backup their virtual machines (VMs) while still having the central backup team oversee and manage them. This is to make sure that essential operational elements don't get in the way of the agility that companies require.


Google Cloud's new centralized backup management experience delivers simplicity with a fully managed solution that streamlines data protection and gives app developers an integrated, developer-centric, self-service approach.

Keep important data from your Compute Engine virtual machines in backup vaults


Three easy steps simplify backup setup with the new fully managed experience, which provides first support for managing Compute Engine VM protection: Creating a backup vault (storage), establishing a backup plan (schedule), and turning on virtual machine protection are the first three steps. The simplicity of this technique eliminates the need for complex preparations, freeing you up to focus on your core company operations rather than backup management.

Offering a direct line of communication to enable application owners

Platform managers may now backup Compute Engine virtual machines (VMs) because of an integrated experience during VM formation. By empowering teams to take control of their own backup plan from the moment a virtual machine (VM) is created, this feature simplifies processes and reduces the administrative burden on IT and central backup teams. By incorporating backup operations in the VM provisioning process, you can ensure that your data protection criteria are followed consistently from the beginning. Because of their connection with Google Cloud Identity and Access Management, administrators have flexibility and control.

Centralized reporting, monitoring, and supervision


The backup service enhances oversight and control by giving application owners the ability to manage backup policies centrally and conduct their own backups. This dual-layer approach ensures uniformity and compliance across the organization by finding the perfect balance between centralized control and operational flexibility.


To strengthen data safety even further, the system provides a wealth of monitoring and reporting features:

Scheduled backup and restoration tasks


Make sure these jobs are moving along as planned by keeping an eye on their progress. Monitor job progress, failure, and success using a single dashboard.

Reports that can be customized

Generate comprehensive reports on storage utilization, compliance, failed and skipped jobs, and protected resources, among other topics. Tailor these reports to your specific needs to gain valuable insights on your backup environment.

Alerts and notifications

Set up notifications and alerts to be notified when significant backup events take place. You'll receive timely notifications about important updates or about a failed job, so you can take the appropriate action.

Automation simplicity: Combine your existing systems with at-scale protection.

Automation is necessary for effective cloud resource management, and the new software integrates with your current virtual machine management suite. Whether you're using Terraform, APIs, or the gcloud CLI, the Backup Vault enables simple integration into your automated workflows. During the preview, you will be able to encrypt Compute Engine virtual machines using the UI and the gcloud CLI. Once the product is widely accessible, you may leverage APIs and Terraform to integrate backup processes as code on top of your existing infrastructure and into your wider VM management strategy. With this capability, you can be certain that your backup processes are both efficient and well-suited to your current infrastructure.

Post a Comment

0 Comments