AWS Public Sector Blog
A Guide to Backup and Recovery in the DoD
As the growth of Department of Defense (DoD) data accelerates, the task of protecting it becomes more challenging. Questions about the durability and scalability of backup methods are commonplace, including this one: How does the cloud help meet my backup and archival needs?
The mission-critical nature of data within the DoD means that business continuity ensures that tech infrastructure and systems continue to operate or recover quickly, despite serious disasters. Currently, defense agencies may be backing up to tape, sending data to a base or contractor site, or sending to a third party to distribute and store with little control and significant expense. Then, when it is time to do a restore, it can take weeks to recover the petabytes of data.
With the AWS Cloud, those weeks to recover the data can be reduced to hours by using Amazon Simple Storage Service (Amazon S3) or Amazon Glacier for long-term backup. DoD backup data can sit in any AWS Region in the US, not only reducing costs but also reducing the requirements to provide backup connectivity.
Public sector organizations are using the AWS Cloud to enable faster DR of their critical IT systems without incurring the infrastructure expense of a second physical site. The AWS Cloud supports many popular DR architectures from “pilot light” environments that are ready to scale up at a moment’s notice to “hot standby” environments that enable rapid failover. Learn more about how to rapidly recover mission-critical systems in a disaster here.
Where to start?
When you develop a comprehensive strategy for backing up and restoring data, you must first identify the failure or disaster situations that may occur and their potential mission impact. Within the DoD, you must also consider regulatory requirements for data security, privacy, and records retention.
Read below for steps to get started with disaster recovery:
- Start somewhere and scale up: Choose what needs to failover and what does not. Some things may be more important than others, and some may still be working. A hybrid architecture approach can be an option based on who the mission owner is, the application, connectivity, and the Impact Level. Depending on the backup solution, you could archive to AWS, while maintaining recent backups on-premises.
- Increase your security posture in the cloud: AWS provides a number of options for access control and encrypting data in transit and at rest.
- Meet compliance requirements: Data custody and integrity must be maintained. The Commercial Cloud Security Requirements Guide (CC SRG) lays the framework for data classification and how cloud providers and DoD agencies must work to control access. The AWS Cloud meets Impact Level 2 (IL-2) for all CONUS regions, has a PATO for IL-4, and waivers for IL-5 in the AWS GovCloud (US) Region. This allows DoD mission owners to continue to leverage AWS for their mission-critical production applications.
- Test the system: DR plans can often go untested until a major change is made to the system requiring documentation updates. With AWS, you can test whether the backup was successful, by spinning up and validating the backup data completed successfully and compare it to the existing environment on premises.
In the field, backing up to Amazon S3
AWS works with many of the industry-leading backup and restore solution providers and backup storage manufacturers. This makes backing up to the cloud even easier by providing direct targeted access via API calls to AWS Cloud storage solutions. Many of these solutions can also help to instantiate backup data tests or entire DR environments in minutes.
For example, defense teams are leveraging CommVault media servers that point to a NetApp AltaVault appliance as an on-premises caching mechanism. The Altavault uses an S3 API call to push the backups to S3 buckets in the AWS GovCloud (US) Region. The customer’s media servers were able to target multiple storage solutions to test the best case scenario, pushing backups to their existing tape library and the Altavault appliance and S3 simultaneously. S3 was determined to be the lowest cost solution for long-term data storage. This solution eliminated the need for their tape library hardware refresh, as well as eliminated the need for off-site tape set rotations, resulting in cost savings and operational improvements.
Download our “Backup and Recovery Approaches Using AWS” whitepaper here for the technical steps agencies take to get started today.
Whether you are interested in backup and recovery, security, or DevOps, there is something for everyone at the AWS Public Sector Summit June 12-14 in Washington, DC. Join Telos and AWS, and register today!
Subscribe to the AWS Public Sector Blog newsletter to get the latest in AWS tools, solutions, and innovations from the public sector delivered to your inbox, or contact us.