Frequently Asked Questions (FAQs)

There are a lot of backup and recovery features in AWS, but assembling these into a cyber recovery capability is your responsibility. It’s part of AWS’s “shared responsibility model.” You can read about it here.

Yes! Elastio specializes in cyber recoveries and inspects all recovery points for ransomware and malware as they are created.  You can use Elastio to recover to a known clean point in time before the ransomware attack began and furthermore, your forensics team has immediate access to quarantined recovery points with our file level analysis for granular recoveries and remediation.

Elastio is designed for lift and shift and cloud native applications.  Elastio supports protection and recoveries for streaming applications (Kafka, MSK), Databases and tables (AWS RDS, GoogleSQL, AzureSQL), Containers (EKS, ECS, GKE, AzureContainers), EC2, EBS, AWS Snapshots, Google Instances, Azure VMs, Files, Filesystems(EFS).

Elastio does not have access to your data. We architected security into our platform so your data never leaves your custody. Your backups are securely stored in an AWS account of your choosing.  All data is encrypted in motion and at rest using your KMS keys.

Elastio is SOC2 Type 1 compliant and in our observation period for SOC2 type 2.

Elastio protects, inspects and recovers applications and data in AWS accounts that you control, so you’ll be responsible for the cost of data storage, spot compute, and transfer.  But we use the most cost-effective techniques available in AWS, and our customers often report that their Elastio costs are in the rage of 50%-80% less than AWS snapshot costs.

No! The processing is performed by the Elastio service running in your AWS account and off host eliminating performance impact on the production servers.

In many environments, it’s difficult to enforce security agents on all workloads.  Elastio has an Agentless option and automatically detects new EC2 and EBS workloads and protects, inspects and secures them and continues protection based on the policy settings. If a cyber threat is identified, alerts are sent with full details ofn the threat.  At this point, the instance can be terminated.  The recovery point is maintained for forensics purposes with a full audit of all activity.  Our customers typically set a short retention window of 7 days if no threats are found.

Our customers use Elastio to satisfy their data security and availability controls.  Elastio automation is used to assure 24×7 cyber protection coverage, active ransomware and malware detection, encryption, immutability and air gap assure data security and recovery testing assures availability.   Elastio also collects evidence of your recovery point health, recovery point actuals (RPA), recovery time actuals (RTAs), and recovery testing results that were automated, making it easy to show your auditors that you’re compliant.