Deploying Clumio

After you have finished registering your organization with Clumio, follow these general guidelines to get started deploying Clumio. Each section contains links to documentation that provides details. You may need to log in to Clumio to access some of this content.

Establish access management

Control user access to Clumio.

User provisioning

Add users to the platform. Identify who needs access to Clumio, then invite them using Access Management Settings.

SSO / MFA

The Clumio platform provides users with the ability to set up Multi-factor Authentication (MFA) or Single Sign On (SSO) to provide an additional layer of security. Any SAML 2.0 compliant Identity Provider can be configured with Clumio. See Authentication for detailed instructions on how to configure an SSO provider or MFA.

Organizational units

Organizational units (OUs) allow you to create logical buckets of assets within your organization made up of groupings, such as departments, so that users can access and manage only the assets relevant to their work. Group data sources into OUs to reflect how users are permitted to access information, for example by AWS accounts. See Organizational Units for detailed instructions.

Roles

Roles provide different levels of access to different types of users within your organization. Roles range from a Super Admin who has full access to all operations within the Clumio UI, to a Reporting/Audit Admin who has view-only access to the UI and can generate reports. See Roles for more information.

Set up protection

These tasks get you started protecting your assets.

Onboarding and deployment

Before onboarding the Clumio SaaS in your environment, you must decide which deployment you want to use. Clumio supports two different deployment methods, Terraform and CloudFormation Template. 

Terraform

Clumio Terraform provider seamlessly integrates in your environment to onboard multiple AWS account / regions. For detailed instructions see Connecting an AWS account using Terraform.

CloudFormation

Clumio also supports onboarding of AWS accounts using CloudFormation. For detailed instructions see Connecting an AWS account using CloudFormation.

Limitations

There are limitations to Clumio operations including, but not limited to, the backup and restore services. For details, see Clumio Service Limits.

Policies and protection rules

Protection policies

A protection policy at Clumio represents a preconfigured schedule that defines how frequently the data from your cloud-based business applications are backed up to SecureVault Backup. A well-defined policy determines where the backup data should be stored, which data sources should be protected, how often the data should be backed up, and how long the data should be retained. For example:

  • Gold Policy - Backup:
    • 12hrs - retain for 2 days
    • Daily - retain for 30 days
    • Monthly - retain for 12 months
    • Yearly - retain for 7 years.
  • Silver Policy - Backup:
    • Daily - retain 30 Days
    • Monthly - retain 12 months
  • Bronze - Backup:
    • Weekly - retain for 35 days

For more information, see creating a policy.

Protection rules

Protection rules define the conditions to apply a selected backup policy to your assets. You can use protection rules to automate policy application for your EC2, EBS, RDS, and DynamoDB assets across multiple accounts and regions. Instead of applying policies to multiple tags or to assets per region, you can define a set of conditions such as asset types, accounts, regions, and tags and select a backup policy to apply to that set of conditions. Protection rules can also be prioritized, to be applied in a specified order. For more information, see creating a protection rule.

Tags

To efficiently apply Clumio protection rules, standardize your tag naming convention. Standardizing tags helps Clumio identify resources that need to be protected across all accounts and regions in your organization. For example, establish a Clumio Tag naming convention that correlates to Clumio Policies:

  • Tag Key: Clumio        Value: Gold = Gold Policy
  • Tag Key: Clumio        Value: Silver = Silver Policy
  • Tag Key: Clumio        Value: Bronze = Bronze Policy

Testing policies and rules

If you have onboarded AWS accounts and set policy successfully, you will start seeing resources being backed up with Clumio. When the backup process has started, test backups and restore to ensure service availability and validity.

If you do not see successful backups / restores, or your testing reveals problems, please contact Clumio support.

Backup testing

Test your backup policy by checking for expected backup points in time for the selected resources according to your protection rules and policies. See Clumio backup for details.

Restore testing

When backups are completed and validated successfully, try restoring data. Refer to the help for the relevant datasource restore topic.

Monitor Clumio functions

After you have successfully finished setting up, start monitoring Clumio to make sure that your assets continue to be backed up as expected.

Reports

Use Clumio reports to monitor Clumio daily. For consistent monitoring, set up the Compliance Report and Activity Report.

Compliance report

The Compliance Report displays the compliance status of an asset in a specified date range. An asset can be "In compliance" or "Out of compliance" with the applied protection policy.

An asset is out of compliance when it experiences one or more SecureVault Backup failures, or when the backup exceeds the backup window once in the specified date range.  See Compliance report for more information.

Operational tasks report

The Operation Tasks Report displays the SecureVault Backup, Clumio Snap, and restore activities of all assets protected by Clumio. By default, the report (named Default Report) is filtered to display data for the past seven (7) days. Specify a different interval to view the report details over another date range. See Operational tasks report for more information.

Audit reports

The Audit Report represents a chronological history of the system activities that users have performed through the Clumio UI or REST API. Use the Audit Report to find out who made what changes in the Clumio product, and to ensure that everything is in compliance with your business requirements. See Audit reports for more details.

Activity

The Alerts page, available in the Activity widget on the left pane menu, shows you when there are issues affecting the assets in your Clumio environment, for example if a backup or a restore fails. The Activity widget displays a number highlighted in red to indicate the number of alerts raised on your system that require attention. See Alerts for more information.

Tasks

The Tasks page, available in the Activity widget on the left pane menu, displays the status of all of the tasks that are queued, underway, completed, or aborted. The Activity widget displays a number highlighted in blue to indicate the number of tasks currently running on your system. See Tasks for more information.