The Importance of Cloud Data Backup

Lessons from the UniSuper Outage

Key Takeaways

Additional Resources

For more information on protecting your business from data loss, visit the following pages on Kwik Support:

• Risks of Not Backing Up Data
• Managed Backup

Introduction

The recent outage experienced by UniSuper due to a mis-configuration in Google Cloud services serves as a stark reminder of the importance of robust data backup strategies. This incident highlights several critical points about cloud data management, risks, and the necessity for reliable backup solutions.

The Incident

In May 2024, UniSuper, an Australian superannuation fund, faced a significant outage after Google Cloud accidentally deleted their Private Cloud subscription. This mis-configuration led to the deletion of UniSuper’s data across two geographical regions intended to provide redundancy and protection against outages. The outage lasted for a week, disrupting services and preventing members from accessing their accounts.

Read more here:
Unisuper
The Register
Data Center Dynamics
Daniel Compton

Key Lessons and Risks

1. Dependence on Single Cloud Providers:
   • The incident underscores the risks associated with relying on a single cloud provider. Although UniSuper had duplication across two regions, the deletion of the subscription affected both, demonstrating the potential for catastrophic data loss if not properly managed.
2. Importance of Regular Backups:
   • Fortunately, UniSuper had backups with another cloud provider. This contingency plan significantly mitigated the impact, enabling quicker restoration of services. Regular, off-site backups are essential to protect against similar failures.
3. Mis-configurations and Human Error:
   • The outage was not due to a cyber-attack but rather an internal mis-configuration. This highlights that human errors or software bugs can cause substantial disruptions, stressing the need for automated checks and robust backup protocols.
4. Business Continuity Planning:
   • Effective disaster recovery plans and regular testing of these plans are crucial. Companies must ensure their backup systems and recovery processes are reliable and can be activated promptly in case of emergencies.

Recommendations for Cloud Backup Strategies

1. Multi-Provider Strategies:
   • Utilise multiple cloud providers to distribute risk. Diversifying cloud services can protect against provider-specific issues.
2. Automated and Regular Backups:
   • Implement automated backup processes to ensure data is regularly saved and can be restored quickly. Schedule frequent backups and test them to ensure data integrity and recoverability.
3. Comprehensive Recovery Plans:
   • Develop and regularly update comprehensive disaster recovery plans. Conduct regular drills and tests to ensure these plans are effective and that all team members are familiar with the procedures.
4. Security and Compliance:
   • Ensure that backup solutions meet industry standards for security and compliance. Encrypt data both in transit and at rest to protect against unauthorised access.

Key Summary of the UniSuper Outage

In May 2024, UniSuper, an Australian superannuation fund, experienced a significant outage when Google Cloud accidentally deleted their Private Cloud subscription. This event highlighted several crucial aspects of cloud data management and the necessity for robust backup strategies.

Key Points:

1. Risk of Single Cloud Providers: The incident demonstrated the potential risks of relying solely on one cloud provider, as a single mis-configuration can lead to widespread data loss.
2. Need for Regular Backups: Fortunately, UniSuper had backups with another provider, which helped mitigate the impact. Regular off-site backups are essential to protect against similar incidents.
3. Human Error and Mis-configurations: The outage was due to an internal mis-configuration, not a cyber-attack, underscoring the importance of automated checks and robust backup protocols to prevent human errors.
4. Effective Business Continuity Planning: The importance of disaster recovery plans and regular testing was highlighted, ensuring that backup systems and recovery processes are reliable and can be activated quickly.
5. Multi-Provider Strategies: Using multiple cloud providers to distribute risk can protect against provider-specific issues, ensuring better data safety and redundancy.

For businesses looking to safeguard their data, it’s critical to have a comprehensive backup strategy that includes automated, regular backups and robust disaster recovery plans. The UniSuper incident serves as a potent reminder of these best practices.

Conclusion

The UniSuper incident is a potent reminder of the vulnerabilities inherent in cloud data management and the critical importance of having robust, well-tested backup strategies in place. By learning from these events, businesses can better safeguard their data, maintain continuity, and minimise the risk of data loss.

To learn more about how to protect your business from data loss, visit Risks of Not Backing Up Data and Managed Backup on Kwik Support. Our managed backup solutions provide comprehensive, reliable, and secure data protection tailored to meet your specific needs, ensuring your business remains resilient in the face of unexpected data disruptions.