I’ve been the Infrastructure Administrator at Mount St. Mary’s University for over 13 years, and in that time I’ve seen a lot of backup tools promise simplicity and then turn into a part‑time job to manage.
Before Rubrik, we were on a Dell backup solution that was fine on paper, but too convoluted for a small higher ed team with no dedicated FTE just for backup. It did the job, but it constantly needed care and feeding.
When we evaluated Rubrik back in 2017, what immediately clicked for me was how appliance‑like it felt. My joke at the time was: “It’s like a toaster – once it works, it works.” That sounded like a throwaway line back then. It stopped being a joke during the LA fires.
Our infrastructure is split across two campuses, each running a different hypervisor platform. For data protection, we use two Rubrik appliances, covering both our on-premises Virtual Machines (VMs) and critical Microsoft 365 workloads.
Nothing exotic, but enough complexity that DR can’t just be “we’ll figure it out on the day.” Cross‑site replication and clear runbooks became table stakes for us once we moved to this dual‑campus model.
Practitioner Tip:
Dual‑site higher ed environments tend to accumulate complexity over time – mixed hypervisors, different storage, and a growing M365 footprint. A consistent protection layer across those pieces is usually the first step toward practical DR.
Introduction & The Challenge
When we began the journey to migrate our data protection infrastructure, our core goal was shifting from a reactive backup mentality to a proactive cyber resilience posture. This required consolidating 5PB of data across 12 global data centers and building an automated disaster recovery environment in the cloud.
This article covers the technical architecture we chose, focusing specifically on how the Rubrik Security Cloud (RSC) enables automated recovery and validation steps that helped reduce our Financial Database Recovery Time Objective (RTO) from 16 hours to just 2 hours.

1. Hybrid Architecture Overview: On-Prem to AWS
Our environment relies on a hybrid architecture, securing core business systems like VMware and Microsoft 365. The critical design decision was utilizing Rubrik appliances on-premises for fast local recovery, while integrating them tightly with the Rubrik Security Cloud (RSC) in AWS for cloud-based disaster recovery.
By leveraging RSC's cloud capabilities, we achieved two key technical wins:
- Eliminating Third-Party DR Sites: We no longer require a separate, costly third-party DR data center for VMware workloads. The cloud acts as our DR target.
- Unified Management: The 5PB of data across 12 global data centers is managed from a single control plane, consolidating three legacy backup tools into one.
Orchestrating Cloud DR (OAR) for Sub-Hour RTOs
The biggest time saving came directly from the deployment of Orchestrated Application Recovery (OAR). OAR is essential for any high-risk application because it validates that a group of interdependent services (e.g., Application, Web, and Database servers) can fail over together in a verifiable, automated sequence. This move transformed our ability to guarantee business continuity.
The shift in mindset, as Zatarain noted, was profound: "We've gone from a backup restore solution to a complete cyber-resilient solution!"
Zero-Trust Security: Threat Hunting & Validation
In a true cyber-resilience model, restoration speed is useless if you reintroduce malware. The Enterprise Edition features we use are focused on ensuring the recovery point is clean:
- Anomaly Detection: This continuously scans for indicators of compromise (IOCs) like mass deletions or encryption patterns. If triggered, it immediately flags the clean recovery points.
- Threat Monitoring & Hunting: We use the built-in Mandiant feed intelligence to scan recovery snapshots for known malware signatures. This is the non-negotiable step that ensures we restore clean data and eliminate malware recurrence.
- Sensitive Data Monitoring: For compliance purposes (GDPR, PII, Internal IP), the platform helps us monitor where regulated data resides and determine the precise magnitude of a breach for regulatory reporting.
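An added example, not code from the original article and not Rubrik's API: a sketch of the two ideas above, ordered failover of an interdependent group and choosing recovery points that predate any detection. The `Snapshot` record, the `BLUEPRINT` map, the sample data and the policy of restoring every tier to a point before the earliest flag anywhere in the group are assumptions made for illustration.

```python
from dataclasses import dataclass
from graphlib import TopologicalSorter  # Python 3.9+

@dataclass(frozen=True)
class Snapshot:                # hypothetical record, not a vendor schema
    vm: str
    taken_at: int              # epoch seconds (constructed values)
    anomaly: bool = False      # flagged by anomaly detection
    ioc_match: bool = False    # matched during a threat hunt

def recovery_plan(depends_on, snapshots):
    """Return [(vm, snapshot)] in restore order for one application group.

    depends_on maps each VM to the VMs that must be up before it.
    Assumed policy: the group restores together, so every tier uses its
    newest snapshot taken before the earliest flag seen in ANY tier.
    """
    # static_order() lists dependencies first; a cyclic blueprint raises
    # graphlib.CycleError, which is a subclass of ValueError.
    order = list(TopologicalSorter(depends_on).static_order())
    group = [s for s in snapshots if s.vm in set(order)]
    flagged = [s.taken_at for s in group if s.anomaly or s.ioc_match]
    cutoff = min(flagged) if flagged else None
    plan = []
    for vm in order:
        candidates = [s for s in group if s.vm == vm
                      and (cutoff is None or s.taken_at < cutoff)]
        if not candidates:
            # Fail closed: never fall back to a suspect recovery point.
            raise ValueError(f"no clean recovery point for {vm}")
        plan.append((vm, max(candidates, key=lambda s: s.taken_at)))
    return plan

# Constructed sample: web tier depends on app tier, which depends on db.
BLUEPRINT = {"web": {"app"}, "app": {"db"}}
SAMPLE = [
    Snapshot("db", 100), Snapshot("db", 200), Snapshot("db", 300, anomaly=True),
    Snapshot("app", 110), Snapshot("app", 210), Snapshot("app", 310),
    Snapshot("web", 120), Snapshot("web", 220, ioc_match=True),
    Snapshot("web", 320),
]

if __name__ == "__main__":
    for vm, snap in recovery_plan(BLUEPRINT, SAMPLE):
        print(f"restore {vm} from snapshot taken at t={snap.taken_at}")
```

In the sample, the unflagged `app` snapshot at t=310 is still rejected because it was taken after the earliest flag in the group (the `web` match at t=220).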
Automating Cyber Resilience and Next Steps
By integrating immutable backups with orchestrated recovery and automated validation, we moved our focus from simply hoping we had a backup to guaranteeing a clean, fast recovery. The resulting 87.5% reduction in RTO for our financial databases is the most visible outcome of adopting a genuine Zero Trust Data Security posture.
Key Technical Results:
| METRIC | BEFORE RUBRIK | AFTER OAR IMPLEMENTATION |
|---|---|---|
| Financial DB Recovery Time (RTO) | 16 Hours | 2 Hours |
| Protected Data Footprint | Disparate, Not Unified | 5 PB across 12 global data centers |
Contributed by

Test Ravi2
CIO, Microsoft

Test Ravi
CIO, Microsoft

Test Yew2
CTO, PLUS Malaysia

Ranjit Nair
Chief Director, Information Technology, Rubrik

Nikita Bhuma
Chief Strategy Officer, Operational Services

Frederic Lhoest
CIO, Health Systems, CrowdStrike






