The Joys and Pitfalls of DIY
For most of my life, I’ve been a builder. As a young child, my imagination was consumed with a passion for cars. I’d stroll down the hobby aisle and see flashy scale models of American muscle cars with their custom flame paint, exotic European sports cars with amazing detail. I was mesmerized. I would mow yards and haul brush in an effort to earn just enough money to purchase the kits and needed supplies to attempt my recreation of masterpieces depicted on the model box.
It was fun and challenging, but there’s one thing that even my imagination couldn’t overcome. I never built the model to its potential and never recreated the level of detail exhibited by the photographs emblazoned on the boxes. It wasn’t for lack of effort, but mostly lack of skill and experience. My glue would always overrun, stickers would adhere crooked or tear as I tried to stretch them across body panels. Painting was hard and I just didn’t have all the tools needed to achieve enough detail to recreate the example on the box. It was a lackluster outcome, even with a full instruction sheet carefully followed.
Now think about how a related situation exists in the cloud. We builders are presented with a world of possibility, and while we may possess the right skills, life is a little more complicated these days and we usually have numerous other priorities competing for our time and concentration. Of course the outcome is dependent on both. There are components where the quick version is ok; for example, we can get away with oversizing instances for a while. But some details of cloud architecture leave no room for error. This is especially evident when you look through the lens of data protection. Data protection is your final line of defense. If it isn’t built with care, you are at risk when you need recovery the most.
With AWS backup, the very basics of backup are provided. If your account is healthy, you can probably restore data. Let’s define health- the region has no outages, your production environment is mostly intact and backups are available. The risk is in the if. With AWS backup you can create a backup plan for your account, but you most likely only achieve an operational recovery point with an in account snapshot. Is this what you need? In the world of infrastructure as code, builders can also become destroyers. We have incredible administrative rights that allow us to manage an entire environment and these permissive roles aren’t without risk, especially when we can create and delete backups at will. The backup plan workflow has lots of prompts to help you achieve a ‘finished’ plan by choosing a default encryption or one of the default templates given, but these choices aren’t optimal as they are not designed to take into account the need to protect your backups from intentional bad actors or accidental deletions, and they don’t address availability due to regional outages.
In the world of infrastructure as code, builders can also become destroyers.
At Clumio, we remove the risk. We’ve built a Secure Vault for cloud data sources. Our solution creates an air gap between your cloud backups and primary access plane. This ensures permissive user roles can’t compromise retention and can’t delete a backup. With Clumio you can recreate your data, regardless of the health of your source account. You get optimal protection and simple recovery, even to other regions, while providing the reporting you need to pass the most stringent audit. Having a backup ready to help you in the worst case scenario sure sounds better than one that only works under optimal conditions.
I’ve come a long way as a builder. I know my priorities and limits, and know when to source out to experts. Take for example my latest project: While my skills have improved in assembly, I’m still no painter. I could probably invest in learning that skill, but that’s just not where I value spending my time. Instead, I’ll source that important part out to ensure a beautiful outcome, instead of risking the outcome quality, timeline, or both by doing it myself.