Do people seriously NOT perform backups via independent methods utterly independent of their primary cloud service provider?
No one remembers Photobucket or the hundreds of other cloud services that went "poof" into the night?
There is no cloud, just someone else's computer - always have backups of some other means. A different provider with a different account, alternate mechanisms (i.e. email addresses with different email providers, etc.) to get to that data and accounts...
It's even easier now with VM's, snapshots, free open source backup software that understands all of that - fairly inexpensive commercial solutions like veem - there is zero excuse.
My favorite was a small SAAS provider that had all their backup infrastructure on AWS under the same account as the test/dev and operations - and someone got in and deleted it all. Partitioning - yes, it's an essential thing. And not just for technical. Separation of duties. Requiring concurrence by more than one person for critical operations. Lessons that should have been learned from past experience.
Peoples (especially developers) eyes glaze over with documents like NIST 800-53 - but all those controls exist from experience. The bigger/more critical your system is to your survival, the more of those controls you should have answers for!
Honestly, they generally don't go poof. I remember I had a VPS for more than 10 years with Hetzner. No poofing till they had to get rid of that offering. I have the backups but I think now I prefer just running on GKE + RDS for funsies. Costs a bunch (like $50/mo) but I don't have to worry about anything.
And fuck me if I'm ever writing a BIND zonefile ever again.
Only if you let them.
Do people seriously NOT perform backups via independent methods utterly independent of their primary cloud service provider?
No one remembers Photobucket or the hundreds of other cloud services that went "poof" into the night?
There is no cloud, just someone else's computer - always have backups of some other means. A different provider with a different account, alternate mechanisms (i.e. email addresses with different email providers, etc.) to get to that data and accounts...
It's even easier now with VM's, snapshots, free open source backup software that understands all of that - fairly inexpensive commercial solutions like veem - there is zero excuse.
My favorite was a small SAAS provider that had all their backup infrastructure on AWS under the same account as the test/dev and operations - and someone got in and deleted it all. Partitioning - yes, it's an essential thing. And not just for technical. Separation of duties. Requiring concurrence by more than one person for critical operations. Lessons that should have been learned from past experience.
Peoples (especially developers) eyes glaze over with documents like NIST 800-53 - but all those controls exist from experience. The bigger/more critical your system is to your survival, the more of those controls you should have answers for!