Current version: GD UG CE 24.4.1 - November, 2024
Preface
About This Guide
Thank you for selecting CloudAlly for Google Shared Drives. Relax! All your Google Shared Drives data is now securely protected with easy recovery from data loss. CloudAlly comprehensively backs up your data on industry-leading AWS S3 storage. Our product’s ethos is to provide feature-rich backup and recovery with security, ease of use, and flexibility woven in.
CloudAlly is cloud-native, a full cloud-to-cloud solution. No installation is required, the setup is hassle-free, backup is easy, and there are flexible recovery and export options. Read on for instructions about how to activate and manage your backups, restore your data by keyword, from any point-in-time, and at any granular/hierarchical level, export your backups to your own storage, activate summary/exception reporting, and set up MFA and other helpful features.
Questions or comments? Please contact us at support@cloudally.com or search our Knowledge Base at https://support.cloudally.com/hc/en-us.
Audience
This guide is intended for individuals who administer CloudAlly for Google Shared Drives.
Creating and Accessing Your Backup Account
Sign Up/Sign In from the CloudAlly Home Page
- In your Internet browser, open cloudally.com and click Login.
- Click Customers. The Sign In page is displayed.
- If you don’t have an account yet, click Free Trial. The Sign Up page is displayed.
- Complete the form, and then click Sign up.
Note: CloudAlly gives you the choice of numerous AWS data centers available in the dropdown menu “Location.” These include data centers in:
- Australia
- Canada
- EU (France, Germany, and Ireland)
- India
- Japan
- South Africa
- UK
- US
The ability to choose from a wide range of data centers helps our customers comply with local data sovereignty laws that regulate the physical location and movement of data. In addition, we also offer a “Bring Your Own Storage” (BYOS) option on request. This allows you to backup sensitive data in your own AWS S3 buckets, S3 compatible storage service, Azure, or Google Cloud Platform. Please contact support@cloudally.com for more information.
- Your trial account is created, and an email containing your activation link is sent to your email address. Click on the activation link contained in the email you received to activate your account. If you sign up with Google, Azure, or Okta, the activation link will not be sent to you.
- Once your account is activated, you are redirected to the CloudAlly login page. Enter your email address/password and click Sign In to login and access your account.
Note: You can also enable Two-Factor authentication to provide additional security. For more information, see "Two-Factor Authentication".
- After you log in, you will see the following screen, enabling you to begin creating your backup tasks:
Resetting Your Password
If you do not remember your password, you can easily reset it using the Password Reset function.
- On the sign-in page, click Forgot your password? to start the process of resetting your password.
- The Password Reset page will appear.
- In the Email field, enter the email address that you used to sign up.
- Click Reset, and the Password Reset window will appear.
The email will look as follows:
- In the email, click ResetCloudAllyPassword to confirm the password reset, and the Change Your Password window will appear.
- Enter your new password in the New Password field and again in the Confirm New Password field, and click Save.
After resetting the password, you will be directed back to the Sign In to your Account.
Backing Up Your Google Shared Drives Data
Creating a New Backup Task
To create a new backup task:
- Sign in to your account, or if you are already signed in, click the Homepage option in the Navigation Panel.
- On the Homepage, click + Add Backup Task.
The following page is displayed:
- Click Google Shared Drives. The following screen appears.
- You will be redirected to the Backup Settings page, where you can adjust the settings of the backup.
On this page, you can adjust the backup settings and activate backups for the Google Shared Drives users. See the sections below for the detailed procedures.
Configuring Backup Settings
To access the configuration screen, click the gear-shaped settings icon.
- You can change the name of the backup task by clicking the pencil icon.
- The icon next to the Google Shared Drives logo displays whether the application was able to connect to the specified Google Shared Drives account. If the authentication token granted for the application becomes invalid (e.g., it expires due to inactivity because you put the backup task on pause for a long time), the Connected icon changes to Disconnected. To grant the application a new token, click on the icon to open the authentication dialog, and repeat the authentication process.
- By default, the “Index all data for Search” option is selected, which enables CloudAlly to provide you with its granular search and restore functionality. In the process, your data is temporarily decrypted for a brief period of time, and then re-encrypted once the index is built. If this goes against your company policy and you would like to disable automatic indexing, please contact support@cloudally.com.
- The Automatically activate new drives option instructs the system to detect new drives, and activate them automatically.
- Backups are automatically archived when an entire site is deleted. The Retain auto-archived backups option allows you to retain them for a specified number of days, after which they will be deleted. Otherwise, the backups will be retained indefinitely.
Note: The Backup Data Center and Retention Period fields are “display only,” and their values can’t be changed here.
- The Backup Data Center field displays the Data Center location you selected when you signed up with your registration.
The Retention Period field displays whether a retention period has been set up. By default, we provide unlimited retention of your daily backups for as long as you maintain your account subscription. You can override this default and specify a retention period in days, months, or years by contacting CloudAlly support. Backups older than the retention period specified will be automatically deleted.
Note: Your backup storage location cannot be changed once it's been set during the account setup process. Contact CloudAlly support if you need to move backups to a different geographic region, or if you'd like more information on our “Bring Your Own Storage” (BYOS) option.
-
Backup Frequency and Backup Hour
- Click the drop-down list adjacent to the Backup Frequency field and select how often you would like the backups to occur. The available options include:
- Daily
- Every 3 days
- Weekly
- 3 times a day
- Click the drop-down list adjacent to the Backup Hour (UTC) field and select the backup hour. Click Save.
- Click the drop-down list adjacent to the Backup Frequency field and select how often you would like the backups to occur. The available options include:
Note: 3x daily backups might be subject to additional charges. Please contact CloudAlly support or your sales representative if you have any questions before changing the backup frequency.
Activating Your Backups
Once you have configured your backup settings, you need to Activate them, in order for them to begin backing up your data.
- Scroll down to the list of drives.
- Select one or more drive(s).
- Click Action > Activate. The status of your backups will now be "Scheduled." This means that they will be backed up at the time that you selected on the Configuration screen.
- Alternatively, if you prefer to perform an immediate, on-demand backup, click Action > Backup Now.
If you forget to activate any of your backups, there will be an indicator on the Homepage that reminds you:
Securing Your Backups
By default, all primary and secondary users can preview, browse, and recover any backed up data. This could be a security risk if sensitive information is contained in the backup snapshots.
Primary users can limit access to one or more sites, drives, accounts, or users so that only they will be able to see, restore and export this data.
- Primary user: From the Homepage, click the name of the service whose data you would like to restrict.
- Click one or more drives.
- Click Tags, and check the Limited Access tag.
- Click Apply. You will be asked to confirm:
- The tag will now appear in the Tags column as follows.
This will prevent secondary users from browsing and recovering the data.
To remove the tag, the primary user should simply reverse the process - un-check the Limited Access tag, and re-apply.
Deleting a Backup
You can delete individual user backups or the entire backup service from your account if you do not want to use them further. The following sections guide you through the process of removing backup services and individual user backups.
Deleting a Backup Task
To remove a backup task for a service, on the Homepage, click Menu > Delete Backup adjacent to the backup task you want to remove.
The Confirm Delete pop-up window is displayed with a warning message.
Click Delete. The selected backup service is removed from your account.
To prevent mistaken deletions, there is a grace period of 7 days after your backup is deleted.
Deleting an Individual drive
To delete an individual drive:
- Click the backup task from which you want to delete the drive. The backup task settings page is displayed.
- Add a check next to the drive that you want to delete. Click Delete in the Actions menu.
- A pop-up window is displayed with a list of drives selected for removal. Click Delete. The selected drives are removed from your account.
To prevent mistaken deletions, there is a grace period of 7 days after your backup is deleted.
Usage Reports
In order to provide greater clarity to you about which drives CloudAlly is backing up, you can export a CSV file that lists all of the entities that were backed up, including the status of each entity (active, inactive, or archived).
To export a usage report, click the Export button, next to Add Backup Task. The report will be sent to you via email.
Modifying the Settings of an Existing Backup
To modify an existing backup task:
- Click the Homepage option from the Navigation Panel. The Homepage screen appears.
- Click the Google Shared Drives icon from the list or enter a keyword in the Search field to find a specific task. The Google Shared Drives Backup page is displayed.
- Click Settings on the top-right section of the screen to see the backup settings.
From here, it is possible to modify the fields described in Configuring Backup Settings.
Recovering Your Backed Up Data
Using the Recovery Menu
The Recovery Menu provides you with options at a fine granularity for selecting which drive to restore or export.
To recover your backed up data:
- Click Recovery from the Navigation Panel. The Restore & Download page is displayed with all your active-backup account details.
- Click the Google Shared Drives backup task from which you wish to recover the data.
- The Restore or Download Google Shared Drives page is displayed.
- Select the radio button for your preferred restore method:
- Via Snapshot (see Via Snapshot)
- Via Item Search (see Via Item Search)
Restore or Download Via Snapshot
- Enter the date range that you would like to restore using the Data changed from and To fields, and press Continue.
- The list of backup snapshots within that date range is displayed. Select the snapshot you want to recover.
- Alternatively, you can click the magnifying glass in the Action column to drill down into the snapshot and view the structure of the backed up data. There you can select one or more items for recovery.
- Once you select a snapshot (if you wish to recover all the data in the backup), or one or more items (if you wish to recover only selected items), the Restore and Download buttons become available.
Restore
If you click Restore, the restore confirmation window appears, asking you about the following:
- You can add an optional 50-character Job Label to differentiate it from other Exports and Restores on the Jobs page.
- Do you want to restore to another folder or account? If so, provide the new location information.
- Do you want to restore the data with the original sharing settings, or without them?
The backup data that you selected will be restored to the location that you specified. When the recovery process is complete, a summary will be sent to your email.
You can also check the Jobs page to see the progress of your task. See "Tracking Recovery Tasks on the Jobs Page."
Export/Download
- If you click Download, the following confirmation window appears.
- Click the drop-down list and select one of the following storage locations:
- If you select options other than “for download,” you may be asked for additional credentials and/or access tokens for the selected storage locations.
- Click OK. The download instructions are sent to your registered email address. The download link is only valid for 72 hours.
- Or, you can check the Jobs page. (See "Tracking Recovery Tasks on the Jobs Page.") When the task is completed, the Download Results button will be active.
- Click Download Results, and a page will open, where you can access your backup file.
Restore or Download Via Item Search
- Select Via Item Search, and enter a word or phrase to search on.
- Click Continue. The Restore or download page is displayed, showing the search results with details such as . The details columns are different for different types of restored items.
- Select items you would like to restore or download. When at least one item is selected, Restore and Download become available.
- Follow the instructions in the Restore or Export/Download sections to complete the recovery process.
Tracking Recovery Tasks on the Jobs Page
The Jobs page provides you with both high-level and drill-down views of your restore and export jobs over the last seven days.
Note: To see the status of your Backups, click the name of the backup from the Homepage.
From the Navigation pane, click Jobs.
High-Level Summary
- The top portion of the Jobs dashboard summarizes how many of your jobs are in progress, how many have successfully completed, and how many have partially succeeded or failed over the past 7 days.
To see a list of jobs that have any of these 3 statuses, click on the status, and your results will be filtered accordingly
Filtering
The next section allows you to filter by numerous criteria:
- Initiator: Who initiated the backup / restore?
- Activity: Filter by restores or exports.
-
Service: Filter by one of the following services, such as:
- Google Workspace
- Google Shared Drives
- Salesforce
- Box
- Dropbox
- Google Account
-
Status: Filter by one of the following:
- In progress
- Succeeded
- Partially succeeded
- Failed
- Pending
- Canceled
-
Search by Task: Filter by a task, such as:
- Box
- Dropbox
- Google Workspace
- Salesforce
If you choose to filter using a particular service, then you can focus on a specific item in the search bar. You can also order by:
- Latest First
- Oldest First
Description of Each Job
- The rest of the screen provides a detailed description of each individual job that you ran.
- Type of Job: Export, or Restore – this appears as a large title within each job description.
- Name, Service, and Account of the job.
- Start date, backup date, initiator, destination, total items backed up or restored, and the size of the file(s).
- Cancel enables you to stop a job that is in progress.
- Download Results enables you to download a zip file with your recovery data.
- View Log redirects you to the System Activity page, which displays your account activity with details such as Activity, Date and Time, Service, Sub-Service, Status, Task Name, and Item.
This page enables you to filter and search the list of backup tasks, export the list as a CSV file, and view more details on any backup task.
The latter can be achieved by clicking the information icon in the Activity column. The Info pop-up displays the backup execution time, the size of the stored data, and the number of entities, and the summary of the backup execution.
Compliance
Delete Backed Up Data: GDPR's "Right to Be Forgotten" Option
The way to delete data items - - from a CloudAlly backup is to enable the GDPR (General Data Protection Regulation) "right to be forgotten" option.
To enable the ability to delete backed up items:
- Request from CloudAlly support that they enable the GDPR delete button for you. They will ask you for the name of your account, and the service for which you would like to enable this.
- From the Homepage, click Recovery.
- Click the service that contains the item you would like to delete.
- Click "Via Item Search" and enter the desired search criteria.
Note: It is not possible to perform a GDPR delete using "Via Snapshot."
- Select the item(s) you would like to delete, and click Delete.
Note: Ensure that the item you wish to remove is already removed from the source. If it is not, CloudAlly will continue backing it up, even if you deleted it using the "Delete" button.
- The system will ask you to confirm the delete request. Once you have confirmed, the item will be removed from our system within a few days.
Filtering and Viewing Drill-Down Details
This section explains the process of finding the exact backup data you are looking for using filtering.
Filtering by drive
- Click the Homepage option from the Navigation Panel. The Homepage screen appears.
- Click the Google Shared Drives icon from the list or enter a keyword in the Search field to find a specific task. The Google Shared Drives Backup page is displayed.
- The Google Shared Drives Backup page displays all the Google Shared Drivesdrives available for the administrator account you are using. The page displays the details such as Drive, Status, Backup Size and Last Backup date. It also provides the means to filter the drives and control the associated backup tasks.
Filtering Using Names or Statuses
You can filter using the following options:
- Enter a search phrase in the Search by field to view all the drives with the entered keyword.
- Filter by statuses such as Not Active, Scheduled, Success, In Process, Failed, Paused, Archived, or Partial.
Filtering Using Tags
CloudAlly provides you with the means to add extra metadata to your backed up data in the form of "tags." For example, you might want to denote all drives that belong to Managers, or all those that belong to the Sales Team.
You can use tags to quickly filter your list of drives.
The Tags option is used to search for existing tags. By default, it is not active. To activate Tags:
- Select at least one drive.
- Click Tags, and the following screen appears.
- To search your existing tags, enter a tag name in the Search tags field.
Creating a New Tag
To create a new tag:
- Click Create New Tag. A pop-up appears where you can enter a new tag name.
2. Enter a new tag name and click Create.
To apply tags to your drives:
- Select at least one drive.
- Click Tag.
- Choose the desired tag for your drive s.
- Click Apply.
Filtering by Tag
In the Filter by tag field, enter a tag name. The accounts, teams or sites with those tags will appear.
Actions
To perform actions on a drive, select at least one of them on the list, and the Action button will be enabled. Click Action to see the following drop-down menu:
- Activate enables backup in all the selected drives.
- Pause halts the backup procedures on the selected drives.
- Backup now starts the backup immediately. The backup in this case starts as soon as a backup processing machine is available, which may take several minutes.
- Delete removes the backup task and backup data for the selected drives.
Viewing Backup Statistics with the Drill-down Feature
Select the desired drive, and click the downward-facing arrow at the end of the row. This option enables you to drill down to the backup history dashboard.
When you drill down, you can find a diagram describing past backups, and a brief summary of the backup outcomes.
The diagram depicts the number of items backed up each day. By hovering your mouse over a column in the diagram, you can see the number of items backed up in each service. This number includes all new and changed items, so it may be greater than the total number of items in the backup. You can select the date range of the chart with the sliders underneath it. The maximum range displayed is 30 days.
The summary tiles below the chart provide at-a-glance information about the backup: for each sub-service, they display the total number of items in the backup, the date of the last backup, and the outcome.
Comparing, Replicating, and Setting Smart Alerts
The CloudAlly Compare, Replicate and Smart Alert tools allow you to compare your data or metadata across backups or your production Salesforce database, and to alert you when something significant has changed. You can compare any backup snapshot or Salesforce Production/Sandbox and, in the case of metadata, even to other organizations.
Compare
You can access the Compare tool by clicking the Salesforce backup task from the Homepage.
Initializing the Data Comparison
To initiate the comparison procedure, follow these steps:
- Click Compare.
- The Comparison screen is displayed. The Data comparison option is selected by default:
- You can select which objects you want to compare. By default, all objects are compared during the operation.
Note: The following system fields are automatically excluded from comparison: CreatedById, CreatedDate, LastModifiedById, LastModifiedDate, LastViewedDate, LastReferencedDate, SystemModstamp.
- You can select an object from the drop-down menu:
- In the next step you are prompted to select the date of the sources of the data for the comparison:
- Select the date of the backup task for which you initiated the comparison. If more than one backup was performed on the selected date, choose the time of the backup.
- In the right panel, you can either select the backup task that will be used for comparison, or the Salesforce production database.
- Once you have set the data sources, click Start Compare. The comparison task is started in the background, and the results will be available as soon as it is finished.
- You can cancel the task with the Cancel button before it is finished.
Viewing the Data Comparison Results
Once the comparison task is finished, the View Result button becomes available.
Clicking on the View Result button takes you to the Compare page:
The results in this page are organized in a table displaying the Total number of records, the number of Unique records in each of the data sources, and the number of changed records in each of the objects found in the Salesforce database at the point of backups (or in the production database respectively).
To find more details on the Unique or Changed elements, click the corresponding numbers in the table – they contain links to the “comma-separated values” (.csv) files containing detailed information on the unique or changed items in the corresponding object.
The CSV files created for the Unique and the Changed records are essentially different and describe different aspects of the records. Below is an example of a CSV file created for Unique records in an item:
The results page can be filtered via the Search bar at the top of the page. The search is case insensitive and requires just a partial match of the name of the objects.
At the bottom of the page, you can find the summary of the objects that had no changes and the objects that only exist in either of the data sources. These numbers can also be clicked, displaying the detailed lists of respective objects:
Comparing Metadata
Initializing the Metadata Comparison
To initiate the metadata comparison procedure, follow these steps:
- Click Compare.
- The compare dialog screen is displayed. The data comparison option is selected by default. Select the Metadata option:
- You can select which objects you want to compare. By default, all objects are compared during the operation. You can select an object from the drop-down menu:
- In the next step, you are prompted to select the date of the sources of the data for the comparison:
- In the left panel of the page, select the date of the backup task for which you initiated the comparison. Below you can select the date of the backup, and, if more than one backup had been performed on the selected date, choose the time of the backup.
- In the right panel, you can either select the backup task that will be used for comparison, the Salesforce production database, or metadata from another organization. In the latter case you can choose whether to use the production database or the sandbox:
- Once you have set the data sources click Start Compare. The comparison task is started in the background, and the results will be available as soon as it is finished.
- You can cancel the task by clicking Cancel before it is finished.
Viewing the Metadata Comparison Results
Once the comparison task is finished, the View Results button becomes available.
Clicking on View Results takes you to the Compare page:
The comparison results are organized on the page in a table displaying the Total number of records, the number of Unique records in both the data sources, and the number of changed records for Objects and Profiles.
You can filter the page using the search bar situated in the top portion of the page:
At the bottom of the page, you can find the summary of the number of objects that have no changes and the objects found only in one of the data sources. Clicking the numbers of such objects displays the list of corresponding objects:
To find more details on the Unique or Changed elements you can click the corresponding numbers in the table. This leads you to the comparison GUI.
You can expand any row of the table by clicking the downward-arrow button to view the comparison results, or you can download an archive with the corresponding objects via the download button. The records can be displayed side-by-side, or over-under. You can switch the orientation by clicking on the orientation button.
Replicating your Database
The CloudAllyReplicate feature enables you to copy your data or metadata from your backup to a Salesforce sandbox database. The tool has a wide range of options and you can choose whether to copy all of the data or just selected objects, to apply various functions on the data, and to copy data to other Salesforce organizations.
You can access the Replicate tool by clicking the Salesforce backup task from the Homepage.
When you click Replicate, you will see the following screen:
Replicating Data
- By default, Data is selected.
- Choose the Snapshot date. If more than one backup was performed on the selected date, choose a backup time. Click Next.
You can choose whether you want to restore all data objects or select the objects to replicate.
- Select Full Organization if you want to restore all data objects. See Full Organization Replication below.
- Select the Multiple Parent Objects options to select the objects you want to be replicated and, if needed, apply selection filters on them. See Multiple Parent Objects below.
The Need to Anonymize Data
When you replicate part or all of your Production Salesforce data in your Sandbox, you may be exposing PII - Personally Identifiable Data. PII is information that can be used to identify, contact, or locate a person, such as their name, social security number, birthdate, or contact details. PII is extremely lucrative to hackers and is the main target of ransomware and malware attacks. Data security best practices and global regulatory laws including the GDPR , CCPA, HIPAA, and PIPEDA, mandate stringent protection and anonymization of PII by organizations.
Data Anonymization in CloudAlly Salesforce Data Replication
CloudAlly supports your efforts to anonymize your Salesforce data by providing a toggle switch that turns data anonymization on and off.
Anonymization Using the Default Template
By default, CloudAlly will anonymize your data using a template, that defines which data will be replaced by which type of values:
- Some of your data will be replaced with pre-set typical values, such as Last Name = Smith, or Address = 123 Main Street. The data will keep its original format, to ensure that it can be safely used for integration.
- Other data will be replaced with meaningless characters, such as notes or comments.
To learn the details of how each data field will be anonymized using the template, click Download the Full Anonymization Template to view the full list in an Excel format. As you will see, CloudAlly sets the most frequently-used fields, with the appropriate information (pre-set values or random data). The template is an excellent solution for most System Administrators.
Customization of Anonymized Data
For some advanced users who want to delve into the details, instead of accepting the default template, you can change how each object is handled.
- To see how to customize anonymized data for a Full Organization Replication, click here.
- Click here to see how to customize anonymized data for a Multiple Parent Objects Replication, click here.
Full Organization Replication
After selecting the snapshot date, click Full Organization and then click Next.
Anonymizing Data
Click the toggle to turn Anonymize data on. By default, CloudAlly will use the Anonymization Template, which sets either fake or random values for the most commonly-used objects and fields. If you would like to delve into the details to customize your anonymized fields, you can do so on the screen after you click Next.
You will see the following screen:
- The left side of the screen contains all of the objects in your data set.
- The right side of the screen lists all of the fields in the highlighted object. Here, for each field, you can determine whether you want to:
- Skip this field (it won't be anonymized)
- Replace it with random characters
- Or, replace it with one of the pre-defined fields in the template.
When you are done customizing your fields, click Next.
Select the destination of the replicated data. You can replicate the data to a sandbox of the original organization or you can send it to a sandbox of a different organization. In the latter case, you will be asked to authorize the operation with the credentials of the destination organization.
You can unmark the checkbox Automatically disable all Validation Rules, Triggers, and Processes if you want these elements to be enabled in the replicated data. By default, the checkbox is marked, thus disabling the validation of rules, workflows triggers, and processes. This is done as a precaution because the said elements may not work well with replicated data. After the restoration process concludes, all Validation Rules, Workflows, Triggers, and Processes are automatically reactivated.
Click Replicate to create the replication task. The task will be assigned to the next available processing machine, which may take several minutes. You can view the progress of the task in the Replicates tab of the backup page.
Multiple Parent Objects
After selecting the snapshot date, select Multiple Parent Objects and click Next.
Anonymizing Data
Click the toggle to turn Anonymize data on. By default, CloudAlly will use the Anonymization Template, which sets either fake or random values for the most commonly-used objects and fields. If you would like to delve into the details to customize your anonymized fields, you can do so after you click Next.
You are taken to the step: Select Data Object:
Select the objects you want to replicate. You can search by typing at least 3 symbols matching part of the name of the object.
Click the checkbox Include attachments if you want the restored data objects to contain all original attachments.
The Hierarchy depth field refers to the objects that are dependent on the selected objects. By default, the Hierarchy depth is set to 0, meaning only the selected objects will be replicated.
You can set the Hierarchy depth to the desired depth, up to 7 levels: all objects dependent on the selected objects up to the selected depth will be marked for the next step.
By default, all records are selected for replication in the selected Objects. You can set up selection rules manually for any number of objects. To select multiple objects, click the corresponding lines in the list. You can define different rules for the objects – deselect the objects for which you have already set up the selection and select the other ones.
To define the number of records that need to be replicated, click the option Pick <number> records. You can fill in the number of records to be replicated and choose one of the options: Newest, Oldest, or Random:
You can define the SOQL WHERE query that will be applied to select the records for replication. To do that click the SOQL WHERE clause option, fill in the query and click Enter to validate it.
Note: The replication system only validates the query syntax and doesn’t check that the query can be applied to the selected objects. An inapplicable SOQL clause may lead to a failure in the replication procedure.
Click Next.
Customizing Data Anonymization Fields
You will see the following screen:
- The left side of the screen contains all of the objects in your data set.
- The right side of the screen lists all of the fields in the highlighted object. Here, for each field, you can determine whether you want to:
- Skip this field (it won't be anonymized)
- Replace it with random characters
- Or, replace it with one of the pre-defined fields in the template.
When you are done customizing your fields, click Next.
You are taken to the Select Destination step.
Select the destination of the replicated data. You can replicate the data to a sandbox of the original organization or you can send it to a sandbox of a different organization. In the latter case, you will be asked to authorize the operation with the credentials of the destination organization.
You can unmark the checkbox Automatically disable all Validation Rules, Triggers, and Processes if you want these elements to be enabled in the replicated data. By default, the checkbox is marked, thus disabling the validation rules, workflows triggers, and processes. This is done as a precaution because the said elements may not work well with replicated data. After the restoration process concludes, all Validation Rules, Workflows, Triggers, and Processes are automatically reactivated.
Click Replicate to create the replication task. The task will be assigned to the next available processing machine - this may take several minutes. You can view the progress of the task in the Replicates tab of the backup page.
Replicating Metadata
To initiate the metadata comparison procedure, follow these steps:
- Click Replicate. The Replicate screen is displayed.
- The Data option is selected by default. Select the Metadata option, choose a snapshot date, and click Next.
Choose either Full Organization, to migrate all metadata from the source organization snapshot to the destination organization, or Granular Selection, to select which metadata types to include in the replication data set.
Full Organization
Select the destination of the replicated data. You can replicate the data to a sandbox of the original organization or you can send it to a sandbox of a different organization. In the latter case, you will be asked to authorize the operation with the credentials of the destination organization.
Click Replicate to create the replication task. The task will be assigned to the next available processing machine - this may take several minutes. You can view the progress of the task in the Replicates tab of the backup page.
Granular Selection
Choose Granular Selection. You are taken to a screen where you can select which metadata objects you would like to duplicate:
Make your selection(s), and click Next. You are taken to the Select Destination step.
Select the destination of the replicated data. You can replicate the data to a sandbox of the original organization or you can send it to a sandbox of a different organization. In the latter case, you will be asked to authorize the operation with the credentials of the destination organization.
Click Replicate to create the replication task. The task will be assigned to the next available processing machine - this may take several minutes. You can view the progress of the task in the Replicates tab of the backup page.
Smart Alerts
Anomaly Detection
How can you minimize the damage of a mistaken Sandbox refresh, unwanted database update, buggy code insert, bad data imports, or a mistaken deletion or updating records? By reducing the time it takes you to detect the red flag – your Recovery Time Objective (RTO) – and restoring your Salesforce data ASAP.
CloudAlly’s Salesforce Backup comes with Anomaly detection that alerts you of suspicious activity – updates or deletes – to your Salesforce data.
- Customize Smart Alerts to detect irregular objects changes such as addition, deletion, or updates between backup snapshots, based on your predefined threshold.
- Get email notifications with a snapshot report of Salesforce objects changes that triggered the Smart alert.
- Use historical backup snapshots to quickly restore your data to any point-in-time or keyword/metadata search for granular recovery.
Setting a Smart Alert
Smart Alerts enable you to compare changes between the previous and latest backups, and to alert you when significant changes are detected. You can determine which changes are "significant."
Note: Before you can set a smart alert, you must have at least one successful Salesforce backup that CloudAlly can use as the baseline for future comparisons. See Creating a New Backup Task.
- From the Homepage, click the Salesforce backup task. Click Smart Alerts.
- By default, All Objects are selected. If this is your preference, click Next.
- If you prefer to choose which objects will trigger an alert, click Specific Object.
- Choose the object from the drop-down list that you would like to trigger the alert. You can only choose one object per smart alert. When you have made your selection, click Next.
- You will be directed to the configuration screen, which enables you to set the criteria for when you will receive an alert:
- Alert when more than:
- Number of items
- Either % or number of records
- Is added, updated, or deleted
Note: If you choose a low Amount value, CloudAlly will display a warning: "You have created an alert with very wide criteria. This means you will probably receive an alert after each backup cycle. Are you sure you want to proceed?"
- You can choose whether you'd like your alert to be triggered by a single user's changes or when ALL users have made this change, as defined in the "Alert when more than..." panel.
Note: Which option is preferable, changes made by a single user or all users? It depends on the volume of records in your organization's Salesforce database, the record volatility, and the data sensitivity.
- When you are done, confirm your configuration, and click Add New Alert.
Smart Alert List
After you click Add New Alert,CloudAlly adds the new alert to the Smart Alert list.
From this page, you can change the values in a Smart Alert - the Amount, the % or Number of Records, or the type of change - by clicking the pencil icon. However, it is not possible to switch from Single User to All Users - you'll need to create a new Smart Alert to do so.
You can also delete an alert by clicking Action > Delete.
Finally, you can disable or enable an alert, by clicking the bell icon.
Smart Alert Notifications
By default, Smart Alert notifications are sent to the primary account user, but additional recipients can be added.
To add additional recipients:
- From the Navigation Panel click Settings > Notifications.
- Click +Add New Recipient, add a user's email address and name, and then click Save.
When changes trigger a Smart Alert, all of the users on the list will receive an email that summarizes what has changed. With this information, Admins can investigate the changes, and take appropriate the appropriate action.
Managing Your Account
This section guides you through the processes of managing your Account activity, account settings, password, setting up two-factor authentication, and managing users.
Viewing Account Activity
The Activity menu enables you to view your account activity, including System Activity and Security Audit. Click Activity on the navigation pane.
System Activity
Click System Activity.
The System Activity page displays your account activity, with details such as Activity, Date and Time, Service, Sub-Service, Status, Task Name, and Item.
This page enables you to:
- Filter and search the list of backup tasks
- View more details on any backup task. This can be achieved by clicking the "i" (Info) icon. The Info pop-up displays the backup execution time, the size of the stored data, and the number of entities, and the summary of the backup execution.
- Export the Activity Log as a CSV file. Any filters selected on the page will also apply to the exported log file. For example, you could choose to only see Restore tasks that have failed.
Note: Administrators can grant users permission to see the System Activity page by clicking Settings > User Management, and checking "View Account Activity."
Security Audit
The Security Audit page provides information about all the security-related actions that have happened in your account. The user activity that is displayed includes:
- Backup deleted
- User deactivated
- Settings changed
- Sign-in success or failure
- Permissions changed
- Notifications.
The page includes the date of the event, the type of activity, the service involved, the status of the activity, the account performing the activity, and the description.
The Security audit table can be exported as a CSV file by clicking Export.
Note: Administrators can grant users permission to see the Security Audit page by clicking Settings > User Management, and checking "View Security Audit Page."
Managing Your Account Settings
The Settings page provides you with tools to control both your account and the accounts of users whose external credentials are linked to your account. The Settings section consists of the following sub-sections:
- Account
- User Management
- Security
- Notifications
- Integrations
You can find more details on each of the Settings pages below.
Account Settings
This page allows you to change the name of your account and the email address. You can only change the Data Center Location by contacting CloudAlly support. Finally, this page also allows you to terminate your account.
To update or change your account details:
- From the Navigation Panel, click Settings and then click Account . The Settings > Account page is displayed.
You can update the Account Name and/or Email.
Note: If you change your email address, you will receive an email sent to your new address for confirmation. The new address will not become active until it is confirmed.
Click SAVE. The following screen will appear. If you did not receive the confirmation email, click Resend Email Confirmation
Canceling Your Subscription
To cancel your subscription:
- Check the box for "I approve the removal of my data from CloudAlly" field and click REMOVE ACCOUNT.
- The Are you sure? pop-up window is displayed with a confirmation request.
- Click YES to confirm the cancellation.
Note: To prevent mistaken deletions, there is a grace period of 7 days after your account is terminated. After the grace period, if your account is not reactivated, all data from all your backups will be deleted.
Adding a New User
System Administrators, both those who logged in to CloudAlly with a username and password, or with Microsoft credentials, can add new users.
Click + Add new user to create a new user and start the configuration procedure for that user, or the pencil icon to edit an existing user’s settings.
- Enter the new user's email address.
- Select the Authentication Type: Azure, Email, Google+, or Okta.
- Select the permissions role for the user. Selecting the role “Administrator” enables permissions to all services and operations. Or, you can selectively choose which permissions to grant from the list of services:
To save changes, scroll to the bottom of the page and click SAVE.
You will be returned to the Settings page. To complete the process, the user must confirm their email address using the link sent via email. This is a security measure, which ensures that the user's email address is valid.
The link is valid for 24 hours. If they did not confirm within this time period, or did not receive the confirmation email, click Resend Email Confirmation.
- Update your password
- Set up two-factor authentication
You can also enforce certain security policies for your users’ accounts.
- With the Enforce Two-Factor Authentication option, you can make two-factor authentication mandatory for all the users in your account.
- By setting the Password Expiration, you can enable the password expiration option for all your users – you will be also be asked for the number of days before the users’ passwords expire.
Changing Your Password for Credential-Based Authorization
You can change your existing account password by performing the following procedure:
- From the Settings >Security page, in the Personal Password Policies panel, click Change Password.
- The Change password pop-up is displayed.
- Enter the current password in the Current Password field.
- Enter the new password in the New Password field.
- Re-enter the new password in the Confirm New Password field.
- Click SAVE. You can now use this password to access your account.
Two-Factor Authentication
Two-factor authentication provides additional security to your account and your backup data.
To enable two-factor authentication:
- Click Activate 2FA. The Two-Factor Authentication page is displayed.
- Download an Authenticator app, depending on your platform.
- Open the Authenticator app and add your account by scanning the QR code provided in the web application.
- If you cannot use a QR code, then enter the text code provided in the web application.
- A six-digit code is generated.
- Click NEXT.
- Enter the 6-digit code that the application generated.
- Click ENABLE to complete the process of activating the Two-factor authentication.
From now on, every time you sign in to your Account, you are asked to enter a 6-digit code from your authentication app, after you click SIGN IN. Click VERIFY to verify the code and access the application.
SAML
The Security Assertion Markup Language (SAML) is an open federation standard that allows an identity provider (IdP) to authenticate users and then pass an authentication token to another application known as a service provider (SP).
CloudAlly supports Okta as its SAML provider.
There are two steps to setting up Okta so that you can use it to log in to CloudAlly:
- Setting up CloudAlly in the Okta Application
- Setting up Okta in the CloudAlly application
Setting up CloudAlly in the Okta Application
- In the Okta application, click Applications > Applications > Browse App Catalog.
- In the search bar, enter CloudAlly.
- Click the arrow next to CloudAlly SAML 2.0, and Assign to Users or Assign to Groups.
- Click CloudAlly SAML 2.0, and on the next page, click the General tab.
- Scroll down until you see the App Embed Link section. Copy the URL that is displayed - you will need this to set up Okta in the CloudAlly app.
Setting Up Okta in the CloudAlly Application
- From the Homepage, click Settings in the Navigation panel.
- On the Settings page, click Security.
- Click the SAML tab.
- Paste the URL that you copied from the Okta site.
- Click Activate.
- Read the "Are you sure you want to activate SAML Authentication with Okta" message in the next window, and click Confirm.
After clicking Confirm, the Activate state changes from Email & Password: Active to SAML: Active.
IP Restrictions
Need fine-grained access control of your endpoints? You can restrict access to the Portal based on the users' IP addresses. This is especially helpful to enforce security policies and prevent unauthorized access by limiting backup/restore requests to company-approved IP addresses, such as an office IP, or a particular VPN.
Setting Up IP Restrictions
To enable IP restrictions in your account, first create the list of trusted IP addresses.
It is strongly recommended to use this feature only if you have a static IP address, to prevent users from being locked out.
- In the Settings panel, click Security, and then IP Restrictions.
- Click + Add IP Address.
- Enter one or more IP addresses:
- Enter individual addresses separated by commas, and an optional description.
- Or, enter a one or more ranges of contiguous addresses, and an optional description. Multiple ranges could be used to accommodate VPN and internal networks.
- Once you enter at least one address, the Trusted IP Addresses toggle will be turned on. You can always return to disable IP restrictions later on.
You can edit your list of addresses by clicking the pencil icon, or delete ones that you no longer want on your trusted list by clicking the trash icon.
Note: If you forget to include your own IP address on the trusted list, IP restrictions cannot be enabled.
Your CloudAlly account is now protected from access by users who are not on your list.
Blocking Access
If a user tries to access your CloudAlly account from an untrusted IP address, the following "access denied" error message will appear:
Email Notifications
Whenever you enable or disable IP restrictions, or modify the addresses, CloudAlly will send you an email notification, letting you know what has changed.
Notifications Settings
This menu option enables you to manage your system notifications.
From the Navigation Panel, click Settings > Notifications.
The following screen will appear:
The top of the screen enables you to configure the following options:
- Report Format: Backup tasks overview vs. backup failure details
- CSV Attachment vs. Download Link
- Report Frequency: daily, weekly or monthly
- Send the report only in case of backup failure
To set up a new recipient:
- Click + Add new recipient.
- Enter the Email of the recipient and the Display name. The Display name is used in the report email to address the recipient.
- Select the desired notification types:
- Summary Report
- Recovery Notification
- Exceptions Notification - This notification is sent both when there are backup errors and integration errors. (For integration information, see Preface.)
Note: If no one is configured to receive Exception Notifications, then they will be sent to the Primary account user.
- Auto Discovery Notification
- Smart Alerts
- Click SAVE to create the new recipient.
Integrations
The Integrations page displays all of the available integrations to external services and systems, with an option to connect either as a self-service, or by calling Support and providing additional details. The page also includes details about the REST API integration with an option to generate API tokens.
The following types of integrations may be configured on this screen:
- SIEM (Security Information and Event Management)
- RMM (Remote Monitoring and Management /PSA (Professional Services Automation)
- API - enables integrating with the CloudAlly REST API.
Splunk
The first available SIEM integration is with Splunk, using the Splunk HTTP Event Collector (HEC).
Versions Supported:
Which Events are Sent to Splunk?
You can choose to send one or more of the following to Splunk:
Note: CloudAlly sends events to Splunk periodically, approximately every 10 minutes.
• Customers’ activity events, such as backups and restores
• Customers’ Security Audit logs (see Security Audit)
Pre-requisite: Setting Up Your Splunk Account
Before you can connect your backup account to Splunk, you first need to establish an account with Splunk and configure the Splunk HTTP Event Collector.
Perform the following steps in the Splunk Admin Console.
- Navigate to Settings>Data Inputs>HTTP Event Collector.
- Under the Global Settings option:
- Enable the HTTP Event Collector by setting All Tokens to Enabled.
- Choose json as default source type.
- Check Enable SSL.
- Under the New Token option, create a new token and copy the value - it will be used in the CloudAlly Portal.
IMPORTANT NOTE: Do NOT check "Enable indexer Acknowledgment".
- Find Your HEC URL.
The standard form for the HEC URL varies, depending on the Splunk software type you have. Find the standard form on this page: Set up and use HTTP Event Collector in Splunk Web.
- Verify that you have set up an SSL certificate issued by a commonly accepted certificate authority (CA) on the Splunk HEC endpoint.
Setting Up Splunk in the Portal
- From the navigation pane, click Settings > SIEM.
- Click Splunk > Connect. Complete the fields on the following screen:
- Enter the Splunk HTTP Event Collector URL.
- Paste the token value that you copied into the Splunk Token field.
- Optional: Add the Event Source, which is the override value to assign to the event data.
- By default, there are 2 options at the bottom that are selected. You can de-select any that are not relevant for you:
- Send customer activity events
- Send customer audit log
- Click Save. The Splunk tile will now be Active.
- To delete the integration, click Edit > Delete.
RMM/PSA
The RMM (Remote Monitoring and Management) and PSA (Professional Services Automation) page enables you to connect to Autotask.
Autotask is a PSA platform that provides complete visibility over your business with features like dashboards, sales, CRM, assets, inventory, and billing.
Once you have set up your account with Autotask, open a support ticket. Send us:
- Your Autotask ID
- Your Autotask Password
- The email address you'd like your reports to be sent to.
Once the support representative has enabled Autotask, we will send any backup task failure reports to the email address provided, starting from the next backup cycle.
API
The third option on the Integrations page enables you to connect to the CloudAlly API.
CloudAlly has a robust API, that enables you to perform billing management, backup, restore, and download management, Partner Portal management, and user management functions. It enables you to automate processes and integrate with the CloudAlly solution. The API can be used for many common business scenarios, such as exporting the data of customers who leave your company as part of the off-boarding process.
The REST API screen will be blank if you have never created an API key. If you have created one in the past, you will see it on the screen.
Note: The Created On Date is not available for client IDs created prior to CloudAlly release 24.4.1.
The first step towards integrating with our API is generating your own Client ID and Client Secret for authentication. Click +Create key. The Client ID and Client Secret will be generated, so that you can copy them for use in the headers of your API calls.
Ensure that you copy the “Client Secret” before you click Close. If you do not copy it, you will not be able to see it again and will have to create a new one.
If you need to delete your API key, click the trash icon.
Next Steps
Once you have generated an API key, the next step is to call the Authentication API using the Client ID and the Client Secret.
For each user, you need to create a unique access token and refresh token.
The complete list of CloudAlly API calls can be found here.
Managing Subscriptions and Payments
Subscribing to CloudAlly
Once the trial period has ended, you need to subscribe to CloudAlly to access and manage your backups, otherwise your backed up data will be deleted.
To subscribe to a plan:
- Click the Subscribe link displayed in your account. Alternatively, you can click the Billing option of the Navigation Panel.
The Review Billing page is displayed with the option to select either MONTHLY or ANNUAL billing options.
Note: You can subscribe before the end of the trial period, and the payment period will start after the trial period is over.
- Click MONTHLY or ANNUAL, depending on your preference.
You are redirected to the Payment Details page. Fill in the billing and credit card details to finish the subscription process. Refer to Payment Details for more information.
Monthly Subscriptions
When you subscribe to a monthly plan, the credit card that you registered in the Billing > Payment Details page will be charged the amount that you owe.
CloudAlly's billing is handled by a PCI-compliant payment processor.
To finalize your subscription, enter your credit card details and general billing information, and then click Subscribe.
The initial payment will be charged at the end of your 2-week trial period.
A receipt will be emailed to you each month after you are charged.
If CloudAlly is unable to charge your credit card (e.g., because it has expired), you will be notified by email. Additionally, a message will appear in the application that you need to go to the Billing Status page so you can review your billing details, and then update your credit card information if necessary.
Note: The billing status is usually updated within a few minutes after the payment is complete. If the status has not updated after 24 hours, please contact support@cloudally.com.
Note: The monthly payments are processed automatically once you provide the required information in the Payment Details section, and it has been verified that your credit card is valid. To disable automatic payment processing, please contact CloudAlly support. Instead, you will start receiving monthly invoices for the payments.
Annual Subscriptions
When you subscribe to an annual plan, you will receive a confirmation message that your request has been submitted, and then CloudAlly support will send you an email, asking that you confirm your annual subscription request.
Once you have confirmed, CloudAlly will email an invoice to you, payable in 30 days by credit card, PayPal, or bank transfer.
After the initial payment, CloudAlly will send you an invoice 30 days before your payment is due, in 11 months. You will also be reminded that your annual subscription is due online:
Note: The billing status is usually updated within a few minutes after the payment is complete. If the status has not updated after 24 hours, please contact support@cloudally.com.
Should you fail to make your annual payment, you will be reminded with a message like this:
After you finalize your subscription, the Billing > Payment Details page displays additional billing management options and provides a brief summary of the payment information for the current period and the next payment date.
Payment Details
The Payment Details page contains the information used for billing.
Monthly Subscriptions
If you have chosen a monthly payment plan, you can update your credit card and billing details here:
Add New Card
The ADD NEW CARD option enables you to define your card information for a monthly subscription payment.
To create a new payment method:
- Click ADD NEW CARD.
- Enter the card details such as Card Number, CVV, Card holder’s name, and card expiry date.
- Click ADD NEW CARD.
The new card information is saved and activated, and you can use this card.
Change Payment Method
To change your existing payment method:
- Click the drop-down list and select the payment method from the Cards Number drop-down list.
- Click the payment method from the list (the screen shot below depicts choosing a different credit card).
- Click ACTIVATE CARD to set the selected card as the preferred payment method.
The details section displays billing information such as Currency, Title, Name, and Billing email.
- Below, there are more fields in the Billing details section. The Company Tax ID field indicates your company tax ID. (This is mandatory for Israeli companies.)
Note: Due to Value-added tax (VAT), Israeli companies must include their Tax ID. Therefore, the Company Tax ID field is mandatory for Israel, and if this field is not completed, our company will not be able to provide you with backup services.
- Update the required fields. The fields marked with the * symbol are mandatory.
- Click UPDATE BILLING DETAILS.
- The updates are saved.
You can choose whether you want to receive the Invoices or Receipts as a link or as an attachment to the email.
Note: You can change the billing currency by contacting CloudAlly support.
Annual Subscriptions
If you have chosen an annual payment plan, you can update your billing details here. When you are done, click SAVE.
Billing Status
Annual Subscription
When you have paid your annual subscription, this page displays the next payment forecast for the upcoming payment date. The details include Service type and backup name, Quantity, Unit Price, and the Total Amount.
When your subscription amount becomes due, the Billing Status page displays the following information:
- Issue date - the date the invoice was issued
- Status - Paid, Due or Overdue
- Due Date - the date by which the invoice must be paid.
- Effective Date - the date the subscription period begins.
- Total Amount - amount owed.
- Download Invoice - Click this to download a PDF copy of your invoice.
- Email Invoice - Click this to send an invoice to your email address.
- Pay Invoice - Click this to directly pay the amount owed online.
You can click Pay Invoice, and you will be directed to the following screen, where you can pay your invoice via PayPal or by credit card:
Monthly
Similarly, if there was a problem with your monthly subscription payment, the status will look as follows:
From here, click Update credit card details and provide the new information.
History
This page displays the history of payments.
By clicking on the reference number, you can download the receipt, which provides details about the number of backed-up accounts or the amount of stored data, and the total amount paid. It also displays the payment method used.
An example of a receipt is displayed below.
Billing Notification Messages
Administrators can define whether individual users will see the Billing Notification Messages on their screens (e.g., Payment Due, Payment Overdue, Payment Failed).
To turn notifications on or off:
- From the Navigation Panel, click Settings > User Management.
- For an existing user, click the pencil icon next to the user's name.
For a new user, the notification options will appear when you define the new user's details. - Click View billing notification messages on or off.