Link Search Menu Expand Document

Frequently Asked Questions (FAQs)

Table of Contents

Why do I need Elastio? Doesn’t AWS already have a backup?

There are a lot of backup and recovery features in AWS, but assembling these into a cyber recovery capability is your responsibility. It’s part of AWS’s “shared responsibility model”. You can read about it here.

Can I use Elastio to recover from a ransomware attack?

Yes! Elastio specializes in cyber recoveries and inspects all recovery points for ransomware and malware as they are created. You can use Elastio to recover to a known clean point in time before the ransomware attack began and furthermore, your forensics team has immediate access to quarantined recovery points with our file level analysis for granular recoveries and remediation.

What type of data can I protect with Elastio?

Elastio is designed for lift and shift and cloud native applications. Elastio supports protection and recoveries for streaming applications (Kafka, MSK), Databases and tables (AWS RDS, GoogleSQL, AzureSQL), Containers (EKS, ECS, GKE, AzureContainers), EC2, EBS, AWS Snapshots, Google Instances, Azure VMs, Files, Filesystems(EFS).

Will Elastio keep my data secure?

Elastio does not have access to your data. We architected security into our platform so your data never leaves your custody. Your backups are securely stored in an AWS account of your choosing. All data is encrypted in motion and at rest using your KMS keys.

Elastio is SOC2 Type 1 compliant and in our observation period for SOC2 type 2.

How will using Elastio impact my AWS bill?

Elastio protects, inspects and recovers applications and data in AWS accounts that you control, so you’ll be responsible for the cost of data storage, spot compute, and transfer. But we use the most cost-effective techniques available in AWS, and our customers often report that their Elastio costs are in the rage of 50%-80% less than AWS snapshot costs.

Are my production workloads impacted when using Elastio for backups and ransomware and malware scans?

No! The processing is performed by the Elastio service running in your AWS account and off host eliminating performance impact on the production servers.

Why should I use Elastio to protect ephemeral EC2 workloads and container environments?

In many environments, it’s difficult to enforce security agents on all workloads. Elastio has an Agentless option and automatically detects new EC2 and EBS workloads and protects, inspects and secures them and continues protection based on the policy settings. If a cyber threat is identified, alerts are sent with full details ofn the threat. At this point, the instance can be terminated. The recovery point is maintained for forensics purposes with a full audit of all activity. Our customers typically set a short retention window of 7 days if no threats are found.

How does Elastio help with my SOC2 compliance requirements?

Our customers use Elastio to satisfy their data security and availability controls. Elastio automation is used to assure 24×7 cyber protection coverage, active ransomware and malware detection, encryption, immutability and air gap assure data security and recovery testing assures availability. Elastio also collects evidence of your recovery point health, recovery point actuals (RPA), recovery time actuals (RTAs), and recovery testing results that were automated, making it easy to show your auditors that you’re compliant.

How can I automate Elastio in CI/CD?

Elastio is designed for integration into workflows for customization. Elastio supports all major pipeline platforms such as GitHub Actions, CodePipeline, Ansible, Jenkins to name a few. 

Can I protect databases in RDS or databases within a container?

Yes! Elastio supports many databases including PostGreSQL, MySQL, MongoDB, DynamoDB, Oracle running in both RDS and local database instances running on Windows or Linux. 

Can I import AWS snapshots into Elastio and inspect them for cyber threats?

Yes! This can be done in a policy or in mass from the Elastio CLI. Customers import snapshots to inspect them for cyber threats, to maintain recovery point history and to save up to 80% in costs over AWS snapshots.

Can I use Elastio for active ransomware and malware scanning inside of my containers?

Yes! Elastio can be embedded inside of a container to protect and scan file systems within the container. All results are reported to the console for analysis.  

What do I need for a deployment of Elastio?

To deploy Elastio, you need an AWS account with enough permissions to deploy a CloudFormation stack. It takes about 10 minutes. Please see the docs for more details in the required permissions.

What kinds of backups does Elastio offer?

Elastio offers file, block, stream, AWS EC2 instance and AWS EBS volume backups.

How does ransomware and malware scanning work?

Elastio iscan is an integrated part of the product designed specifically for scanning the recovery points for ransomware and malware. Elastio detects ransomware and malware and ransomware threats and provides the ability to respond to them. Our ransomware and malware databases are updated automatically as we release them and the latest database version is used on every scan. Additionally, you can setup notifications from your Elastio Tenant directly to email, Slack workspace or webhook to get notifications when a threat is discovered. A detailed report is provided pinpointing the exact files and threats detected.

Can I scan Containers and Filesystems with Elastio?

Yes, iscan can be used from the CLI to scan containers and file systems on demand, from CI/CD pipelines before deployments and automated using AWS ECS or AWS Lambdas.

What kinds of backups does Elastio offer?

Elastio offers EC2, EBS, EKS, RDS, File, Block and Stream backups.

Where can Elastio be deployed to?

Elastio can be deployed into any AWS account. Customers can also protect application and data on any host in any cloud using the Elastio CLI and the backups are scanned and stored in AWS. Furthermore, the Elastio service is installed in the customers AWS account meaning the data never leaves the customers’ control.

Is it possible to perform Elastio block mount from within any Linux-based environment?

As Elastio provides repositories for x86_64 editions of the RHEL/CentOS starting from version 7, Amazon Linux 2, Fedora 31 and newer, Debian 8 and newer, and Ubuntu LTS versions 16.04, 18.04, 20.04, it is possible to perform block mount from any of them. Though, be advised that the lack of the NBD kernel module on RHEL/CentOS 7, 8, Alma Linux/Rocky Linux 8 will lead to Elastio block mount failure.

Where can Elastio be deployed to?

Currently Elastio can be deployed only to AWS. Support for Azure and GCP deployments is on the roadmap, however customers can backup Azure or GCP workloads with Elastio today, with the backups being stored in AWS. Furthermore, the Elastio service is installed in your own AWS account, so your data never leaves your control.

Does Elastio have access to the contents of my backups?

Elastio does not have access to the data that you protect. It never leaves your AWS account. Elastio collects the following metadata on the items you backup:

  • A file name, its size and path to the file for a file backup if a file is backed up
  • A directory name, its size and path to the directory for a file backup of a directory
  • A block device name and its size for a block backup
  • A stream name and its size for a stream backup
  • An EBS volume ID, an account ID and a region for AWS EBS backup
  • An EC2 instance ID, its type, its OS, its source AMI, an account ID, a subnet ID, Security Group ID(s), a VPC, a region and Availability Zone(s) Elastio was deployed to for AWS EC2 backup
  • For stream, file and block backup some metadata on the machine they were performed on is also used, such as the machine’s name (and/or instance ID in case of EC2 instance)

What information in my AWS account does Elastio have access to?

  • Personal information (such as your name, email, profile picture, location and date/time of the last login)
  • AWS account related information (account ID, regions enabled, VPC(s), subnets, inventory (i.e. lists of AWS EC2 and AWS EBS), etc.)
  • All the resources Elastio creates and manages within your AWS account (the list of all resources can be found here)
  • All information and metadata related to the recovery points. The information includes:
    1. The backup types (i.e. file, block, stream, AWS EBS and AWS EC2 backup etc.);
    2. The metadata of the asset the operation was performed on (i.e. AWS EBS volume, AWS EC2 instance or a local machine);
    3. The information related to recovery points (i.e. a directory name/a file name, a block device name, their size, etc.).
  • The information related to iscan (where and when the iscan operation was performed, the types of the resources that were scanned (a folder or a recovery point), the results of operation, iscan reports, etc. To learn more about iscan, visit the Elastio Integrity Scan page)
  • Cost prediction model and billing analysis (opt-in: AWS billing and cost prediction model needs to be explicitly enabled by the customer through the Elastio Tenant, so that Elastio could enable its own statistics through the AWS built-in model and calculate the estimated cost)

Note: Elastio does not have access to the actual contents of your backups.

Where does Elastio store my data?

Elastio stores the data in a S3 bucket in your AWS account, encrypted with a KMS key that is under your complete control.

What is Elastio’s data retention policy?

Elastio’s data retention policy for the recovery points that Elastio creates is currently under development. In future it will be possible to modify the configurations defined in the default retention policy in case you would like to change the period your data is retained. For the time being, all the recovery points are retained as long as the vault exists. All the information about the vault worker is removed once the worker shuts down. Job-related information is retained for 3 days after its completion. The same retention period is applied to the job’s file attachments.

How to start using Elastio?

To start using Elastio, designate an existing AWS account or create a new one to install the Elastio service. Go to and sign-up for an Elastio Tenant. You will receive an email with access to your Elastio Tenant. Once you have access, follow the prompts in the Cloud Installer for easy, automated deployment in only about 10 minutes.

How to schedule backups?

To schedule Elastio backups for certain assets in your AWS account enabled with Elastio, navigate to Policies page. For now it is possible to create a Policy for AWS EC2 and AWS EBS. The data can be automatically scanned for malware and ransomware upon backup.

How to access recovery points?

In order to access the recovery points, go to the Assets page or to the Dashboard page. Alternatively, you can access the recovery points using the Elastio CLI.

What components does Elastio consist of?

The Elastio stack consists of five main components: Elastio Tenant, CloudFormation stack, Cloud Connector, ScaleZ and Elastio CLI. For more details, visit the Elastio Components page.

What interfaces does Elastio have?

Elastio provides a web interface as a part of each Elastio Tenant that allows to automate protection of AWS EC2 and AWS EBS with Policies, check integrity of backed up data, view assets and their backups, manage users, monitor jobs progress, etc.

We also provide the Elastio CLI which is supported on a wide range of Windows and Linux environments, and provides options for on-demand backups, restores and mounts along with most of the capabilities of the Elastio Tenant’s web interface.

Both interfaces are first-class citizens in the Elastio solution, so choose the one which makes the most sense for your particular needs, or use them both together.

Is Elastio serverless?

Yes, Elastio is serverless, as a result AWS EC2 compute capacity for backup, restore and mount operations are initialized on the as-used basis. When Elastio is idle, you are charged only for S3 storage of existing backup data, Amazon KMS keys and a small compute cost for Elastio Lambda functions which run periodically to maintain the Elastio system.

What is an Elastio Tenant?

An Elastio Tenant is a logically separated instance of Elastio dedicated to a specific Elastio customer. An Elastio Tenant has its own users, associated AWS accounts, roles, security keys, and a dedicated subdomain. Your Elastio Tenant can automatically deploy Elastio stack updates, communicate with the Elastio Cloud Connectors deployed in your AWS account(s), monitor job statuses and alert you when something is wrong.

What can I do with the Elastio CLI?

You can control almost every aspect of Elastio’s functionality from the CLI, including backing up, mounting and restoring all supported backup types, enumerating recovery points, user management, etc.

Where does Elastio store my data?

Elastio stores the data in a S3 bucket in your AWS account, encrypted with a KMS key that is under your complete control.

Elastio is provisioning multiple EC2 instances when performing backups. Won’t this be expensive?

When performing scheduled backups of EC2 or EBS, Elastio will automatically launch worker instances, always named elastio-background-job-worker, to perform the backup tasks and then immediately terminate when there’s no more work to do. These are always spot instances, of the following types:

  • m5.xlarge
  • m5a.xlarge
  • c5.2xlarge
  • c5a.2xlarge
  • r5.xlarge
  • r5a.xlarge
  • r5b.xlarge

The actual hourly cost of these instances depends on the instance type Spot allocates and the current spot price, but Spot is configured to optimize for cost so it should pick the instance type with the largest spot discount available. For example, a c5.2xlarge in us-east-2 as of 25 Mar 2022 had a three month average spot price of a bit under $0.09/hr. Assuming that this instance runs 24 hours (which it won’t unless you are continuously performing backups), this costs $2.16/day, or $64.80 for 30 days. Whenever any backup, mount, or restore is active, Elastio will also automatically provision a ScaleZ instance, called elastio-vault-$VAULT_NAME-worker. This will be a spot instance of one of the following instance types:

  • r5ad.xlarge
  • r5dn.xlarge
  • r5d.xlarge
  • m5dn.xlarge
  • m5d.xlarge
  • c5d.2xlarge

As with the worker instances, the exact price varies with Spot demand and availability, but a c5d.2xlarge in us-east-2 as of 25 Mar 2022 has a three month average spot price of a bit under $0.09/hr, or $2.16/day, or $64.80 for 30 days. Unlike worker instances, vault workers do not terminate immediately upon the completion of a backup; they continue to run for 20-30 minutes in case additional work will be performed.

What is a Source?

A Source is an AWS account where Elastio is deployed to, which contains all the backup data.

What is an Asset?

An asset is a resource that is eligible for a backup. AWS EC2 instances, AWS EBS volumes and local machines are examples of assets.