HYCU offers free AWS EC2 data protection – we test drive it

HYCU offers free AWS EC2 data protection – we test drive it

Chris EvansCloud, Cloud Practice, Data Practice: Data Protection, Data Protection, HYCU

HYCU Inc recently introduced a “Free Tier for Life” option to protect workloads running in AWS.  Developers, end users, basically anyone can use this option to manage secure copies of data.  So, what’s on offer and how does it work?


HYCU is a data protection vendor with solutions that span multiple public clouds, on-premises, SaaS, and Kubernetes solutions.  The company made its name supporting Nutanix workloads and, from there, quickly expanded to the public cloud, VMware, and containerised applications.  You can learn more about the range of offerings from HYCU through our dedicated microsite

Shared Responsibility

Figure 1 – signup

It’s worth quickly discussing why 3rd party data protection in the public cloud is needed at all.  AWS and all the public cloud vendors of IaaS and SaaS work off a shared responsibility model.  AWS, for example, promises to ensure its platform is available and operating within the service level agreements published.  This means (at best) recovering from hardware failure such as server crashes or data corruption.  The extent of this agreement is narrow; AWS will not keep application-based copies of data and offers little in the way of compensation for any service outage (generally service credits).

Data protection is the responsibility of the customer, either the application owner or someone acting on their behalf (such as a dedicated infrastructure operations team).  This fact is often forgotten until data needs to be recovered, but by then, it’s too late.

Free Tier

HYCU is offering a free tier of data protection to any AWS customer.  We took the solution for a test drive to see what’s available.  The first step is to fill out the basic information available through this link.  This starts the registration process and provides a link to the HYCU environment, once deployed.  After a mandatory password reset, the user enters their AWS account number and a brief description.

Figure 2 – linking AWS Account

One requirement of all SaaS offerings that access data in IaaS platforms is to configure IAM and provide connectivity to applications and data.  HYCU simplifies this process through a CloudFormation stack that automates the configuration work (see figure 3).  Once this process completes, the deployment discovers resources (EC2 instances as shown in figure 4), enabling data protection coverage to be completed.


In the free tier, the only option available to users is “snapshot”.  In my testing, I assigned the snapshot policy to my three test virtual instances and, as shown in figure 5, quickly had snapshots procured by HYCU.  I can also set snapshots as the default protection policy, so new virtual instances automatically get configured with protection.  HYCU detects new virtual instances within minutes and automatically protects them (figure 7).

Figure 3 – CloudFormation for IAM Access


Now the most obvious logical question to ask is why use HYCU and not, for example, just use scripted snapshots or AWS Backup?  It’s possible to use the snapshots option in AWS and automate via Lifecycle Manager.  However, this feature uses a cron-based scheduling scheme, so it doesn’t automatically protect new virtual instances until the timer is hit.  That means it’s possible for an instance to be created, used for a few hours, and destroyed without any backup taking place.  AWS doesn’t provide granular file-based restore, so recovery of individual files will incur more time and effort using basic snapshots.

Figure 4 – initial instance discovery

Of course, AWS offers a backup solution natively in the platform.  However, as highlighted earlier, protection is based on scheduling rather than instance discovery.  Additionally, AWS Backup takes time to learn and configure correctly, per account.  Whereas HYCU allows AWS multiple accounts to be mapped to a single HYCU account and also offers cross-region DR (instances and volumes can also be cloned or restored between accounts).

Figure 5 – assigning snapshot protection

For ongoing management, HYCU has daily notifications and proactive alerts.  Once configured, users get updates on the status or failure of the backup process.

Figure 6 – Snapshots in AWS

Probably most important, though, is the separate inventory implemented by HYCU.  This makes it easier to locate and find historical snapshots, especially for deleted instances.  Overall, the data protection process is just easier with a dedicated backup platform.

The Architect’s View®

Figure 7 – assigning a default policy

Data protection isn’t the first thing developers consider when working in the public cloud.  HYCU offers a “set and forget” methodology to ensure data is protected for any instance in the user’s AWS account.  What’s the rationale for HYCU?  Naturally, the free tier exposes developers to a solution that might not have been considered before.  The user experience has been constructed to make it simple to upgrade to a paid tier, with additional features (which can easily be done within the GUI).  Naturally, HYCU hopes AWS users will upgrade, but for anyone wanting free managed data protection, HYCU is one of the easiest solutions to adopt that we’ve seen.

Copyright (c) 2007-2022 – Post #1610 – Brookend Ltd, first published on https://www.architecting.it/blog, do not reproduce without permission. HYCU Inc, is a client of Brookend Ltd, however this is not sponsored content. HYCU has no editorial rights or prior access to this content. HYCU is a Tracked Vendor by Architecting IT in data protection.