If you've ever passed through a major airport in Ireland, perhaps stopping along the way to pick up a snack or duty-free item, chances are you have experienced the expertise of daa.
Formerly called the Dublin Airport Authority, government-owned daa manages two of the three largest airports in Ireland, along with subsidiaries dedicated to airport retailing and aviation consulting.
This diverse organization, with operations in more than a dozen countries, faces multiple challenges related to data backup and retention. Until a few years ago, most of daa’s 200TB of data was backed up via Veritas NetBackup on-premises across an environment of 25 physical and virtual servers. The data included data from critical airport applications, along with infrastructure data and regular file server data. While it took the 80-strong IT staff many hours each week to keep things backed up, it worked fairly well for years.
However, things began to get more complicated when the organization adopted Microsoft Office 365, a cloud-based application suite. Despite trying different methods, daa’s IT team couldn’t make the existing on-premises backup system work properly with Office 365 data.
“We needed something that was very scalable, and could back up and restore data across all of our workloads, because expanding our on-premises infrastructure meant engineering time, potential hardware issues and network support,” said Kevin Ryan, daa’s IT operations lead. “For something with the potential data growth of Office 365, we needed something that had the scalability, at reasonable expense, to mirror that growth.”
Must-Have Data Backup and Retention Security Features
As a semi-state organization, daa has a lot of eyes on it, especially when it comes to security.
Key requirements for a new backup solution included full encryption of data at rest and in transit, multifactor authentication and compliance with international information security standard ISO 27001:2013.
Because daa is based in Ireland, it also must adhere to the General Data Protection Regulation (GDPR), the European Union’s data protection law that protects personal data belonging to EU citizens and residents and requires that the data be stored in the EU. That gets tricky with cloud services, which tend to have data hubs across the world. To ensure compliance, Ryan’s team decided to choose only cloud services that house the data within Europe.
The ability to extend the native Office 365 retention period was another must-have. In addition to providing executives with the ability to retrieve email past 90 days or divisions with important data for a new project, there are plenty of legal reasons for longer retention periods, Ryan said. For example, if a former employee’s data is required for legal reasons, it might not be available without extra retention and backup, ideally in a different service. While Office 365 Legal Hold can help, Ryan noted that it requires knowing what’s needed in advance, which isn’t always possible.
Ryan’s team also wanted more granular backup for permissions, which it considered an essential part of the security equation.
“In some cases, the restoration capabilities can be as or more important than the actual restoration of the data itself,” Ryan explained. “For example, permissions of a SharePoint file structure online may need to be recovered to a point in time before an event, which could have had permissions altered. That means that people could have access to data who shouldn’t have access to it, which can be extremely disruptive and cause data loss and leakage.”
Retaining all data to one location also wasn’t an option, which ruled out Microsoft Office 365’s native backup. That made it key to choose another backup option. Doing so also would give daa an exit strategy away from Office 365 in the unlikely case that it was required.
“In the unlikely case that we would move something, like our email service, back on-premises, having an independent source for our data would be essential,” Ryan said. “Microsoft would still give us access to our data, but that wasn’t good enough. We needed to have at least one other option.”
Up, Up and Away
All of these factors added up to one truth: daa needed more backup, with more features, than Office 365 alone could provide. Focusing on a cloud-based backup solution made sense, Ryan said, and AvePoint Cloud Backup seemed to check all of the boxes.
Today, AvePoint intercepts all of daa’s Office 365 data, replicating it as it lands in any Office 365 service and backing it up within a few hours. If anything should happen in the intervening few hours, Microsoft’s retention window will kick in. Once the data is backed up in AvePoint, daa can restore it if and when required.
With an on-premises solution backing up about 200TB and the AvePoint backing up about 38TB of Office 365 data, daa would seem to be all set. But there was still the problem of its public-facing websites, which the organization had been backing up in a physical colocation data center managed by a third party. When the contract lapsed, the IT team chose to go with a cloud-based solution. Azure backup was a simple solution for a cloud-to-cloud problem.
As data continues to grow, daa continues to retain all of it, at least for the time being. Ryan admits that it’s not the best option, and the IT team plans to address retention issues soon. The team also is considering other options for consolidation, such as reducing the number of backup solutions, consolidating when possible.