After you have finished registering your organization with Clumio, follow these general guidelines to get started deploying Clumio. Each section contains links to documentation that provides details. You may need to log in to Clumio to access some of this content.

1. Establish Access Management
2. Set Up Protection
3. Monitor Clumio Functions 

Establish Access Management

Control user access to Clumio.

• User Provisioning
• SSO / MFA
• Organizational Units
• Roles

User Provisioning

Users can be added to the platform using Access Management Settings. Identify who needs access to Clumio, then invite them using these instructions:

https://west.portal.clumio.com/userguide/Content/Access%20Management.html

SSO / MFA

Any SAML 2.0 compliant Identity Provider can be configured with Clumio. For detailed instructions on configure your SSO Provider:

https://support.clumio.com/hc/en-us/sections/13440186425364

Organizational Units

Organizational units (OUs) allow you to create logical buckets of assets within your organization made up of groupings, such as departments, so that users can access and manage only the assets relevant to their work. Group data sources into OUs to reflect how users are permitted to access information, for example by AWS accounts. For detailed instructions:

https://west.portal.clumio.com/userguide/Content/Organizational%20units.html

Roles

Roles provide different levels of access to different types of users within your organization. Roles range from a Super Admin who has full access to all operations within the Clumio UI, to a Reporting/Audit Admin who has view-only access to the UI and can generate reports. For details, see:

https://west.portal.clumio.com/userguide/Content/Roles.html

 

Set Up Protection

These tasks get you started protecting your assets.

1. Onboarding & Deployment
2. Policies & Protection Rules
3. Testing Policies and Rules

Onboarding & Deployment

Before onboarding the Clumio SaaS in your environment, you must decide which deployment you want to use. Clumio supports two different deployment methods, Terraform and CloudFormation Template. 

Terraform

Clumio Terraform provider seamlessly integrates in your environment to onboard multiple AWS account / regions. For detailed instructions:

https://support.clumio.com/hc/en-us/articles/360059570572 

CloudFormation

Clumio also supports onboarding of AWS accounts using CloudFormation. For detailed instructions:

https://support.clumio.com/hc/en-us/articles/360059570572

Limitations

There are limitations to Clumio operations including, but not limited to, the backup and restore services. For details, see Clumio Service Limits.

 

Policies & Protection Rules

Tags

To efficiently apply Clumio protection rules, standardize your tag naming convention. Standardizing tags helps Clumio identify resources that need to be protected across all accounts and regions in your organization. For example, establish a Clumio Tag naming convention that correlates to Clumio Policies:

• Tag Key: Clumio        Value: Gold = Gold Policy
• Tag Key: Clumio        Value: Silver = Silver Policy
• Tag Key: Clumio        Value: Bronze = Bronze Policy

Protection Policies

A protection policy at Clumio represents a preconfigured schedule that defines how frequently the data from your cloud-based business applications are backed up to SecureVault Backup. A well-defined policy determines where the backup data should be stored, which data sources should be protected, how often the data should be backed up, and how long the data should be retained. For example:

• Gold Policy - Backup:
  • 12hrs - retain for 2 days
  • Daily - retain for 30 days
  • Monthly - retain for 12 months
  • Yearly - retain for 7 years.
• Silver Policy - Backup:
  • Daily - retain 30 Days
  • Monthly - retain 12 months
• Bronze - Backup:
  • Weekly - retain for 35 days

For more information, see https://support.clumio.com/hc/en-us/articles/360059988791 

Protection Rules

Protection rules define the conditions to apply a selected backup policy to your assets. You can use protection rules to automate policy application for your EC2, EBS, RDS, and DynamoDB assets across multiple accounts and regions. Instead of applying policies to multiple tags or to assets per region, you can define a set of conditions such as asset types, accounts, regions, and tags and select a backup policy to apply to that set of conditions. Protection rules can also be prioritized, to be applied in a specified order. For more information, see:

https://support.clumio.com/hc/en-us/articles/6790495781652 

 

Testing Policies and Rules

If you have onboarded AWS accounts and set policy successfully, you will start seeing resources being backed up with Clumio. When the backup process has started, test backups and restore to ensure service availability and validity.

If you do not see successful backups / restores, or your testing reveals problems, please contact Clumio Support. Email support@clumio.com.

Backup Testing

Test your backup policy by checking for expected backup points in time for the selected resources according to your protection rules and policies. For detailed instructions, log into Clumio, and open the online help:

https://west.portal.clumio.com/userguide/Content/Amazon%20Web%20Services%20AWS.html

Restore Testing

When backups are completed and validated successfully, try restoring data. For detailed instructions, log into Clumio, and open the online help:

For EC2: https://west.portal.clumio.com/userguide/Content/EC2%20restores.html

For RDS: https://west.portal.clumio.com/userguide/Content/RDS%20Restores.html

For S3: https://west.portal.clumio.com/userguide/Content/S3%20Restores.html

For DynamoDB:

https://west.portal.clumio.com/userguide/Content/DynamoDB%20Restores.html

 

Monitor Clumio Functions

After you have successfully finished setting up, start monitoring Clumio to make sure that your assets continue to be backed up as expected.

• Reports
• Alerts

Reports

Use Clumio Reports to monitor Clumio daily. For consistent monitoring, set up the Compliance Report and Activity Report.

Compliance Report

The compliance report displays the compliance status of an asset in a specified date range. An asset can be "In compliance" or "Out of compliance" with the applied protection policy.

An asset is out of compliance when it experiences one or more SecureVault Backup (or Snap) failures, or when the backup (or Snap) exceeds the backup window once in the specified date range. 

For details, see:

https://west.portal.clumio.com/userguide/Content/Compliance%20report.html

Activity Report

The Activity Report displays the SecureVault Backup, Clumio Snap, and restore activities of all assets protected by Clumio. By default, the report (named Default Report) is filtered to display data for the past seven (7) days. Specify a different interval to view the report details over another date range.

For details, see:

https://west.portal.clumio.com/userguide/Content/Activity%20report.html

Audit Reports

The Audit Report represents a chronological history of the system activities that users have performed through the Clumio UI or REST API. Use the Audit Report to find out who made what changes in the Clumio product, and to ensure that everything is in compliance with your business requirements.

For details, see:

https://west.portal.clumio.com/userguide/Content/Audit%20Report.html

 

Alerts

The Alerts page shows you when there are issues affecting the assets in your Clumio environment, for example if a backup or a restore fails. The Alerts icon in the upper right corner indicates the number of alerts in red. Click the Alerts icon from any screen to view alerts.

On the All Alerts page, click the arrow next to an alert to expand it. This shows a list of all occurrences for the associated alert.

For more information on alerts, see:

https://support.clumio.com/hc/en-us/sections/13441058230932