Earlier this month, Druva announced a new Data Resiliency Guarantee aimed at providing financial compensation if the company fails to maintain agreed SLAs around data protection and security. Rubrik (another backup company) also provides a Ransomware Recovery Warranty. Are these guarantees worth the digital paper they are printed on?
Vendor product and service guarantees are nothing new. You may remember EMC’s nebulous inline services guarantee from 2014, which provided recompense should a customer be able to prove their XtremIO system was in any way throttling data services. I doubt any customer received a payout or even tried to claim during the 4-month period the warranty was in place.
Hitachi Vantara still appears to offer a 100% uptime guarantee, which has been in place for over 20 years. However, it’s not particularly clear what Hitachi offers if the uptime isn’t met.
Back in 2019, we discussed vendor guarantees on a Storage Unpacked podcast episode. Infinidat had introduced its own guarantee scheme, so we probed then-EMEA CTO Eran Brown as to what the guarantee actually offered.
Insuring for the Worst
Insurances and warranties are commonplace in daily life. We can warrant the replacement or repair of technology, while insurance covers everything from vehicles to pets to our lives. These policies are there to cover for unexpected and potentially expensive events, generally entirely replacing any loss. In most cases, the loss is either quantifiable (the value of a vehicle) or written explicitly into a policy (as with life insurance).
When it comes to valuing our data, things get a bit more complicated. The loss of a few cat pictures isn’t going to break the bank, but the inability to process sales will definitely hit the bottom line.
Ransomware has made a data loss scenario even worse, with many companies choosing to pay a ransom (which could be tens of thousands of dollars or more) instead of going through protracted recovery.
Depending on the type of ransomware attack and the severity, data may be irrecoverable, in which case a business is effectively out of business. At this point, what value can be placed on the loss other than the value of the company’s equity?
Limits of Liability
As we’ve seen from the public cloud, no service provider will cover consequential losses (although it could be argued that SaaS vendors know the relative, if not the absolute, value of data loss or outage for their customers). Instead, the customer may receive service credits, which generally cover system downtime and amount to only a fraction of the service cost, let alone the financial loss from the outage.
Public cloud customers are expected to put data protection plans in place rather than rely on the vendor. This concept makes sense because we know that public cloud service providers don’t have unlimited funds, and if any major outage or data loss did occur, there would be a long line of claimants wanting to be compensated.
Note: we recommend that any public cloud customer implements data protection that makes copies into another location with another provider, even if this copy is secondary and only used for emergencies.
Bearing all the aforementioned discussions in mind, guarantees from a data protection provider must offer a lot more than cloud service providers, so what are Rubrik and Druva doing?
Rubrik has a “Ransomware Recovery Warranty” that covers customers with 250TB or more protected in either Rubrik Enterprise Edition or Cloud Vault. Qualifying customers must also have a subscription to a Customer Experience Manager (whatever that means).
A claim under warranty is triggered when a customer’s data is infected with ransomware and only appears to pay out if Rubrik fails to recover the customer’s data. The compensation under the warranty is pegged at a maximum of $1000/TB but declines on a sliding scale based on tiers of capacity under protection (see this link for details).
Some of the Rubrik wording makes for interesting reading. For example, “you get the resiliency against ransomware that makes it easier and faster to recover from a ransomware attack while also identifying your sensitive data exposure.” – simply by taking out the warranty, the increased resiliency somehow improves recovery time.
Then there’s this statement – “Rubrik’s warranty assures you that your data will be available when you need it most.” Now, in my mind, “assurance” rather than “insurance” is a statement that something is guaranteed to happen. For example, we take out life assurance rather than insurance to guarantee payment on death (compared to insurance which is term-based and therefore may not pay out if you survive the term). Rubrik’s offering appears to be the opposite of assurance, as payouts are made only if data can’t be recovered. However, in any event, these statements are taken from an FAQ on the website, which isn’t a legal contract. To see that, you must get in touch and engage with the process.
Druva has taken a slightly different approach with its Data Resiliency Guarantee. This guarantee covers five risk areas (cyber, human, application, operational and environmental), each of which is assigned an SLA. Notably, the SLAs aren’t all 100% but reflect a more reasonable expectation of what Druva can provide. The specifics of the guarantee are backed up by a formal agreement, which clearly states that the guarantee is not insurance.
In a similar approach to Rubrik, the Confidentiality and Immutability SLAs (cyber and human risks, respectively) are tiered based on the level of customer subscription (and therefore storage capacity), up to a maximum cap of $10 million and around a 4:1 ratio. For example, just under a $500,000 annual subscription pays out $2 million. The remaining SLAs only receive a service credit equal to 10% of the subscription fees for any month of SLA failure.
The Architect’s View®
Comparing the two offerings, Druva appears to be focused on paying out for service failure. There’s no specific requirement to claim solely due to a ransomware attack. The guarantee is all about credibility and building trust in a SaaS offering. Rubrik also pays out if customer data isn’t recoverable, but only for ransomware attacks. This approach seems more “headline-grabbing”, especially as the warranty isn’t backed up by a publicly viewable contract.
However, in both cases, the value of data to you, the customer, is clear. It’s a dollar multiple of your application data under management, whether that be mission-critical customer records, archived content, or cat pictures. Let’s not forget that data protection is still your responsibility, even with SaaS offerings and especially in the public cloud, so review any guarantee in light of what the value of your data means to you.
We see these guarantees as statements of trust, rather than for their monetary value. While any payout can’t replace essential data, the way in which guarantees or warranties are offered says a lot about the value of the service.
Copyright (c) 2007-2022 – Post #96d3 – Brookend Ltd, first published on https://www.architecting.it/blog, do not reproduce without permission.