Which backup solution is better? If you are looking for a simple answer, pointing to the better solution, this article isn’t probably for you. Cloud and local backup solutions are different and to decide which one is better for you, you will have to consider all their pros and cons. The comparison below shows you all the good and dark sides of those different approaches. Let’s leave the marketing mumbo-jumbo for others – neither solution is simply the perfect one for everyone.
One rule of thumb is to back up data residing in the cloud to a local storage and to create cloud-based backups for the on-premises servers. This is a reasonable option, but still, it will not be perfect for all situations. That is why it is best to analyze your specific deployment and see what will work best for you. What is more, the comparison between the cloud-based and local backups is just the first step. The next phase is checking if the specific tool has all the features you need.
Quick cloud vs local backup comparison
|Many cloud services offer availability on a level of 99.9 percent and higher.
|Limits do not apply to local storages.
|Necessary evil for all cloud solutions. You have to trust your service providers.
|No third party is involved in the process.
|There are special regulations concerning government-related information. In some cases the cloud is just not an option.
|Everything is under the administrator’s control. It might be much easier to ensure compliance with all data storing legislation.
|Subscription fee, technical support.
|License for the backup software, possibly additional data storage devices, modernization and upgrade of the storage later on.
|Backup and recovery speed
|Usually slower, depends on cloud service and internet provider limits.
|Usually faster, depends mainly on your LAN connection
There has been an ongoing discussion about the security of the cloud. Can you ensure maximum protection for data transferred over the Internet? Well, as long as the connection is encrypted, it should be completely safe on the move. The problem is, the cloud can be accessed from any place in the world, as long as it has access to the Internet. This accessibility creates some potential threats. Firstly, your data can be attacked from pretty much anywhere. Secondly, there is a possibility that someone with the access to sensitive data enters their credentials on their personal, or someone else’s PC. It could be done “just to check something,” nonetheless, a chance for this credentials to leak skyrockets in this event. Personal computers usually are not as well-protected as those in a company, which have an administrator to look out for them. With poor protection, passwords can be stolen with keyloggers, or even recorded.
Surely, there are ways to make such attacks less probable. For a start, make sure that your cloud services provider offers multi-factor authentication. MFA can be very annoying in the long run, true, but it also is one of the best ways to prevent unauthorized access. Also, limit access to critical cloud services only to trusted and highly aware people, or make them realize how important it is.
When it comes to the raw data in cloud storages, it should be safe. If you can afford a large data center, you cannot afford not to invest in its protection. However, data leaks are possible, even if they do not happen often.
Local backup solutions leave everything in your hands. On the one hand, you get the complete control over your (and your clients’) data; on the other, you are in charge of ensuring adequate security measures.
If you back up data from the cloud, it will have to travel through the Internet, so make sure that data is encrypted. If you only want to backup information from a local, on-premises server, the encryption does not seem as crucial. Don’t be fooled, though, internal attacks are not as unlikely as you might think. Test the tools thoroughly before actually deploying them.
Another tool-dependent issue is the storage protection. If a tool enables you to protect data with a password, it should prevent any unauthorized access. Most security-related issues known from the cloud do not apply to the local backup. The local backup solutions should be completely secure. That is unless you go with setting “admin” as your login and password.
The keyword here is SLA (Service Level Agreement). Many cloud services offer availability on a level of 99.9 percent and higher. 99.9% availability means that you will probably suffer from downtime for around 43 minutes monthly. Another 9 decreases the potential unavailability to slightly above 4 minutes monthly. Most companies struggle to increase their availability even further.
The numbers do not look bad if the SLA is high enough. Unfortunately, server downtime is not the only limiting factor affecting the availability of services. To access the cloud, you need an Internet connection. Have you ever experienced problems with your Internet connection? It is not that uncommon.
Those limits do not apply to local storages. You decide when your data is backed up (preferably an on-going incremental or differential backup) and when to schedule maintenance for the machine with storage. No matter if you are connected to the Internet or not, you can search through your data instantly. That is a feature indispensable, for example, in case of litigation.
Now, this is an aspect where opinions differ very much. To be completely sure which solution will be more costly, you will need to do some math. Here is a list of things you have to include in your calculations:
- The cost of a cloud backup solution is rather easy to deduce – it is a subscription fee, usually paid monthly or yearly.
- It is worth checking if the subscription fee includes all the features you need and the technical support.
- The cost of a license for the backup software.
- Might require additional data storage devices.
- Possibly a need to modernize and upgrade the storage later on.
Cost-wise, the greatest difference between the cloud and the local backup solution is that, usually, in the former, you need to pay as you use it, while in the latter, you invest in the hardware and software once. Additional investment in security measures is not obligatory – you have to ensure your data safety on each PC anyway. After all, what is the point of securing crucial, business critical information on the backup, if it can be easily intercepted or stolen from other devices? It might sound like a cliché, but you need to remember about looking at the backup from the broader perspective.
Backup speed depends on many factors. In this context, local backup has a clear advantage. Both backup and restore speed depends mainly on your LAN connection. In the case of the cloud, there are a few bottlenecks.
To provide equal, or at least, similar experience for all users, cloud service providers have to introduce thresholds or speed limits. If you have a lot of data to secure, those thresholds can prove to be a problem. Besides that, your Internet is not likely to reach the speeds you can get on a local network. What is more, if you want to have a continuous backup solution, you have to think about the impact it will have on users. Too much traffic to the cloud-based backup service might lag the Internet connection for employees. Sometimes it makes it reasonable to schedule backups outside of the office hours.
Depending on third parties is a necessary evil for all cloud solutions. Why evil? You have to trust your service providers. They store your data. They have to comply with all regulations concerning data security. Also, they are in charge of all the security measures taken to protect your data. Of course their business depends on their reputation; nonetheless, you can find it hard, not to mention – unreasonable, to trust just any other company completely. The situation complicates further if your cloud service provider outsources some of their aspects to a third party.
When it comes to local backups – as long as no data is automatically transferred to a third party “for analysis,” you can rest assured that no third party is involved in the process.
Some countries introduce data localization policies (applies to PII collected from Russia, Indonesia, Australia, to mention a few). Those legal acts require data collected from citizens to remain within the borders of a country. You have to know where your stored data is. Simply saying “it’s in the cloud” is not enough. You have to make sure that you will be able to control the physical location of the data by choosing the target data center, and making sure that no data leaves this data center, for example, in case a failover server is turned on. Some data localization acts apply to all personally identifiable information, while other concern health and medical information. Moreover, there are special regulations concerning government-related information. In some cases, regardless of its good sides, the cloud is just not an option.
Data localization policies and other security-related acts cause local backup solutions to be more attractive for the government and companies which deal with highly-sensitive data. In local backup solutions, everything is under the administrator’s control. As such, it might be much easier to ensure compliance with all data storing legislation.
Suggested local email backup solution
If, after the detailed analysis of your situation, you decide that the local backup solution is what you are looking for, you still have to choose the right software. As I mentioned before, there are some software-specific features and simply selecting a program because it is local or cloud-based will not guarantee you will have everything you need. That is why I present a good example of a local backup solution which works:
CodeTwo Backup for Office 365 – for Office 365 tenants and CodeTwo Backup for Exchange – for the on-premises Exchange Servers backup emails from the corresponding servers to local storages. Emails are the backbone of pretty much any business – they include all kinds of personally identifiable information, details about users and clients, and, very often, most of the business-critical information. Both solutions proposed above come with many security-oriented functionalities, topped-up with an easy to use and powerful UI. The most important features are:
- Encryption and password protection – which make it secure even in case of an internally-sourced attack.
- No third-party involvement at any point – which means you do not have to worry if your providers abide by the legislation that applies to your data.
- No impact on users – you set it up, and all or chosen data is backed up according to the schedule. Users do not even have to know there is a backup software working.
- Easy-to-use search tool – No matter if you need to find all data relating to a customer, or if you need to collect data relating to a litigation case, you can easily find and restore the required data to the location of your choosing.
- Support for Office 365 MFA – CodeTwo backup solutions support Office 365 multi-factor authentication. Thanks to that, you can use CodeTwo Backup for Office 365 while protecting your tenant with strict authentication policies.