{ Abhilash Kumar Bhattaram : Follow on LinkedIn }
Once you have moved to OCI Cloud - have you cross verified with Infformation Security Teams that the Company wide backup policies are in line with the backups with OCI Backups.
OCI Cloud backups are cloud defined but each oragnization policy has a different backup policy. A few things that information security team that regularly come up with are below
- Regulatory Alignment
- RPO / RTO
- Custom Encryption Requirements
- Retention Lifecycles
- Geographic Sovereignty
- Ransomware Defense
1. Ground Zero: Where Challenges Start
One main issue with Information Security Teams requirements to Databases in enterprises is understanding what does OCI provide out of the box
Relying solely on default OCI provisioning without an overlaid corporate strategy creates several operational and compliance vulnerabilities.
----------------------------------------------------------------------------------------------------
## 1. Ground Zero: Where Challenges Start
----------------------------------------------------------------------------------------------------
- "At a minimum" backups are created with the default Object Storage Bakcups provisioning available in OCI ExaCS and DB Systems
- There would be no Long Term Backup Strategy set up
The above two are typically the most common use cases OCI customers face.
2. Underneath Ground Zero:
Understanding Oracle Database Backups provide out of the box
Oracle OCI and DB System Backups provide two kinds of backups
- OCI Object Storage Backups This is the default backup mecahnism for any OCI Class of databases Documentation here : OCI Backup Services
OCI Object Storage Backups does not have a retention mechanism for Long Term backups but it is possibile to have a standalone backup which does not expire , this is a crucial area where compliance misses are seen. I had this clarification by spending a lot of time on documentation and working with Oracle Support.
- Autonomous Recovery Service Documentation here : ARS Documentation
----------------------------------------------------------------------------------------------------
## 2. Underneath Ground Zero: Finding the Real Problem
- One of teh difficult pills to swallow is that you have big gap of what is currently set up and what is needed for compliance
- Understand compliance/policy needs of the organization like Weekly, monthly , yearly backups and retention times
- Identify and separate the clss of databases ( as ExaCS have a different mechanism to DB Systems )
- Once you have put them together you need to set upa. framework for long term backups
- Remember a Backup is only as good as you can recover from it , so include sufficient testing plans
----------------------------------------------------------------------------------------------------
3. Working Upwards:
There are multiple ways of setting up Long Term Backups , but what works best is how we have a framework called TAB ( Total Automation Box ) and how systematically we plug in organizational requirements into this framework
----------------------------------------------------------------------------------------------------
## 3. Working Upwards: From Understanding to Solution
- Segregate the requirements into technical terms
- Identify the number of databases and the testing strategy for them
- Identify a method to automate the Lomg Term backups in a reliable way and showcase to auditirs on demand
----------------------------------------------------------------------------------------------------
How Nabhaas helps you
If you’ve made it this far, you already sense there’s a better way — in fact, you have a way ahead.
If you’d like Nabhaas to assist in your journey, remember — TAB is just one piece. Our Managed Delivery Service ensures your Oracle operations run smoothly between patch cycles, maintaining predictability and control across your environments.
TAB - Whitepaper ,
download here
Managed Delivery Services - Whitepaper ,
[download here](https://www.nabhaas.com/_files/ugd/dab815_96198a0627d64f75a3d3a2dce9bf185d.p
Top comments (0)