Changes in 2020 are forcing us to do more with less in many ways.
There’s a growing consensus in the IT industry that backup and archival are the low hanging fruit of the data center to benefit from cloud transformation. IT leaders prefer to consume them as a service instead of continuing with the high-cost and heavy-lifting approach of managing the software and infrastructure themselves.
Self-hosting versus vendor-hosted data protection solutions
As you move towards using HubStor for backup and archival modernization, you will have the decision to host your tenant in your cloud tenancy. Following is an exploration of the good and bad of self-hosting, and a look into the specifics of HubStor’s unique approach to SaaS.
What is your preferred cloud experience?
Not all cloud solutions are equal.
Many vendors’ cloud offerings work on the assumption that you will be the one installing, monitoring, and managing the deployment. For example, you need to spin up a virtual machine, install, secure, monitor, and manage the software deployment and cloud infrastructure yourself (far from a SaaS experience).
Software-as-a-Service (SaaS) is where the ideal experience lives.
However, most SaaS solutions have a multi-tenant design that would have your tenant running within shared infrastructure, commingled with other clients in predetermined cloud regions, without the option to self-host your tenant.
Therefore, the term self-hosting is typically misunderstood to imply you are taking the do-it-yourself approach to the cloud.
HubStor is turning this on its head. HubStor uniquely delivers the ability to self-host AND enjoy the solution as a pure SaaS experience. Yes, you read that correctly. The HubStor unified backup and archive platform is always a genuine SaaS experience regardless of who hosts your tenant (you, HubStor, or an MSP).
When self-hosting HubStor, you experience the platform as a pure SaaS solution – there is never any need for you to provision, monitor, upgrade, or manage the cloud deployment of HubStor software or its underlying cloud infrastructure. The only exception is if you elect to apply HubStor’s hybrid cloud capabilities (e.g., file tiering from on-premises storage or backup of on-premises virtual machines and file servers) that involve you running installable HubStor services in your data center.
Self-hosting a SaaS solution is a rare option
You won’t encounter the option to self-host a SaaS solution very often.
Today, precisely 42% of HubStor customers self host their HubStor tenant. The others host under HubStor predominantly, with a growing number hosting under an MSP since we launched the HubStor MSP Program earlier this year.
The reason that self-hosted SaaS is rare is that most SaaS offerings are multi-tenant architectures, and the support of self-hosted SaaS requires a significant engineering investment by the software vendor.
A self-hosted SaaS option such as HubStor requires the vendor to support and have developed the following:
- A single-tenant architecture model for its SaaS solution, and;
- A SaaS operations and security framework that automates the provisioning, upgrades, monitoring, maintenance, and billing of single-tenant deployments running in customer-owned accounts.
Why doesn’t everyone self-host if they have the option?
On the surface, self-hosting seems like a slam dunk approach to single-tenant SaaS. In theory, if you host the solution in a cloud account that is yours, then it looks as though you have de-risked the vendor relationship and given yourself full control.
However, there rarely is a material benefit to self-hosting. Vendor terms and conditions are equivalent either way, so there is no material gain in de-risking the vendor relationship or increasing your control.
There are nuances to self-hosting that will usually deter some companies from this approach.
The common deterrents to self-hosting are as follows:
- Too much red tape from internal security – Large enterprise customers can find that their internal security requirements are so arduous that self-hosting is nearly (or completely) impossible because of the SaaS nature of the solution. In other words, SaaS requires that the vendor has some level of access to provision and manage the deployment in your account. If your security regime is too strict to allow the vendor to access a dedicated subscription or resource groups, then self-hosting is not an option.
- Making compliance audits more of a thing – For organizations that want a precise compliance posture for audits and investigations, self-hosting may not be right for you. For example, if compliance requires tamper-proof records retention, self-hosting can make audits slightly more arduous because a good auditor will see that you have access to the underlying cloud resources. Therefore, in addition to vetting the controls of the SaaS solution, the auditor will want to examine your internal controls and activity logs about direct access to the cloud resources (since you have that level of access when self-hosting). If strict immutable storage requirements (SEA 17a-4) are in scope for you, self-hosting is achievable, but it adds a layer of complexity that people typically like to avoid.
- Your time is too essential for minutiae – If your goal is maximum efficiency with your HubStor backup and archive infrastructure (so that you can focus on more pressing IT challenges), then self-hosting may be contrary to your ideal SaaS experience. When you self host, you need to be somewhat involved in the initial deployment. You’ll need to create a dedicated subscription or set of resource groups. And you’ll need to create a user account and provide directory permissions. None of this is rocket science—we provide step-by-step instructions and can even walk you through it. There is the ongoing task of billing also. Either you will need to fetch and share the relevant billing data each month, or you will need to refresh and share the billing API key each quarter. If you must self-host and are unwilling to share the billing API key, then we provide you with a billing utility that facilitates you manually capturing and sending along the billing data each month. These things requiring your involvement are not huge tasks, but they are things that need your time and attention, which do not exist in the HubStor or MSP-hosted approaches.
- Insider threats are a concern – You must minimize and govern access to the subscription or resource groups that contain your HubStor compute and storage when self-hosting. If accidental or malicious data deletion was to occur, it could mean downtime for your HubStor tenant. In the worst cases, we can recover from a backup. However, a malicious insider may go after the backups too. For this reason, we recommend that self-hosting customers include HubStor’s cloud backup option for Azure Blob Storage—it maintains an air-gapped copy of your data and metadata.
- Slightly higher cost – HubStor offers better pricing when we host the tenant. It’s a simpler model operationally for us. And we see it as a safer model since there is no way for anyone on your team to accidentally or maliciously tamper with the tenant. Deployment and monthly billing are streamlined when HubStor hosts. Therefore, self-hosting your HubStor tenant comes at a premium.
When does it make sense to self-host your SaaS?
So when does it make sense to self-host HubStor?
- Compliance requirements – Legal or compliance requirements can necessitate self-hosting. For example, all of HubStor’s customers in the EU self-host as a result of interpretations of the EU’s General Data Protection Regulation (the GDPR).
- You want or need the Azure consumption in your account – In rare cases, we see a preference to self-host based purely off the desire for the HubStor-related Azure usage to occur in your account. Any of the following reasons can drive this:
- Your Azure pricing is special – Perhaps you have received discounted Azure pricing unique to your organization. By self-hosting your HubStor tenant, not only will you enjoy your special Azure pricing, but your HubStor pricing will be sharper also (because it is a markup-based pricing model).
- You’ve made a substantial commitment and need to use it – If you signed on to a considerable Enterprise Agreement, or perhaps allocated capital to Azure Storage Reserved Capacity or Azure Reserved Instance pricing, and need to use it or lose it, then by self-hosting HubStor you can incur more Azure usage in your account.
- You can pass on the costs – If your HubStor tenant is a component of your organization’s fulfillment of a large contract, for example, then self-hosting may be desirable because you can pass on the Azure costs.
- The warm and fuzzies matter – There can be a perceived risk and/or security benefit to self-hosting. If key people at your organization feel that self-hosting provides better security and reduces risk, then it should be the path you take provided that the pros outweigh the cons.
Backup and archive are not the aspects of IT that carry the most glory. However, they can be significant cost areas in the IT budget, and they can cripple a business if not executed right.
For most people, cost savings are a side benefit of shifting workloads and infrastructure to the cloud. The real motivator is the promise of simplicity and convenience, driven by the need to “do more with less” while focusing on the significant IT priorities that align with the future success of the business.
However, if you need to self-host, the excellent news with HubStor is that you absolutely can, and it does not mean you have to provision, monitor, and manage the deployment. HubStor uniquely offers self-hosting while keeping it an authentic SaaS experience.
Finally, we see that self-hosting is not as popular as one might expect. The majority of IT teams prefer to have HubStor host because it offers simplicity, reduces risk, generally costs less, keeps compliance audits straightforward, and is (in our opinion) more secure since fewer people have access.