Technical Review by
Laura Iannini
Public cloud providers operate on a shared responsibility model that does not include comprehensive backup. Third-party public cloud backup solutions provide encryption, versioning, and disaster recovery that supplement the native backup capabilities built into each cloud provider. We reviewed the top solutions and found Datto BCDR, Acronis Cyber Protect, and Barracuda Cloud-to-Cloud Backup to be the strongest on encryption architecture and multi-region recovery handling.
Public cloud backup seems simple in theory: send your data to AWS or Azure and recover when disaster strikes. In practice, you’re juggling hybrid infrastructure, managing multiple cloud vendors, dealing with egress costs that surprise you, and hoping backup data actually recovers when you need it.
You need a platform that covers your entire environment without requiring separate tools for VMs, endpoints, databases, and SaaS. The challenge is that cloud backup solutions vary dramatically. Some platforms prioritize recovery speed but lock you into single vendors. Others support multiple clouds but require extensive configuration. A few claim immutable storage but leave ransomware attack vectors open. Getting it wrong means either discovering too late that your backups won’t restore, or realizing your backup vendor is charging premium rates for egress that wipes out your savings.
We evaluated 8 public cloud backup solutions across platform range, recovery speed, ransomware protection, pricing transparency, and ease of deployment. We evaluated each for how well they integrate with AWS and Azure, handle multi-cloud environments, support complex workloads from Kubernetes to SaaS applications, and manage costs at scale. We also reviewed customer feedback to understand where vendor promises diverge from field experience.
This guide gives you the testing insights and decision framework to select a cloud backup solution that protects your hybrid infrastructure without creating operational headaches or unexpected costs.
Public cloud backup is third-party protection for the data and workloads you run in public clouds like AWS, Azure, and Google Cloud, plus the SaaS apps and on-premises systems around them. Cloud providers operate a shared responsibility model: they keep the infrastructure running, but protecting your actual data against deletion, ransomware, and corruption is your job, and native tooling only goes so far. A public cloud backup platform takes independent, versioned copies of your VMs, databases, endpoints, and SaaS data, stores them securely, often immutably, and lets you recover quickly, ideally without surprise egress charges when you pull data back out.
Public cloud backup platforms protect cloud-native workloads (VMs, object storage, managed databases, Kubernetes) alongside endpoints, on-premises servers, and SaaS apps, typically through agentless, API-based integration with AWS, Azure, and Google Cloud. Policy- or SLA-driven automation enforces schedules, versioning, retention, and tiering, while encryption in transit and at rest, immutable or air-gapped copies, and ransomware detection protect data integrity. The differentiators that matter are recovery breadth and speed (granular object or file restore through instant VM virtualization for near-zero RTO), true multi-cloud support so you can restore across providers, and cost transparency, since egress and per-workload charges can erode the savings of a managed service. When evaluating, weigh workload range against your environment, whether immutability truly resists admin-credential compromise, deployment effort, and the all-in cost including egress and tiering at your data volume.
Here is how the 8 platforms compare on the capabilities that matter most for public cloud backup.
| Product | Best For | Workload Range | Immutable Backups | Near-Zero / Instant Recovery | Multi-Cloud Support |
|---|---|---|---|---|---|
|
Datto BCDR
|
MSP fast cloud-based recovery
|
Windows, Linux, VMs
|
Yes
|
Yes
|
No
|
|
Acronis Cyber Protect
|
Unified backup and endpoint security
|
Broad (backup + security)
|
Yes
|
Yes
|
Yes
|
|
Barracuda Cloud-to-Cloud Backup
|
Hands-off Microsoft 365 protection
|
Microsoft 365
|
Yes
|
No
|
No
|
|
Cohesity DataProtect
|
Hybrid multi-workload protection
|
VMs, SaaS, databases
|
Yes
|
Yes
|
Yes
|
|
Druva Data Security Cloud
|
Zero-infrastructure cloud backup
|
Endpoints, SaaS, cloud, VMs
|
Yes
|
No
|
Yes
|
|
NAKIVO Backup and Replication
|
Multi-platform value for SMBs and MSPs
|
Virtual, physical, cloud, SaaS
|
Yes
|
Yes
|
Yes
|
|
Rubrik Security Cloud
|
Ransomware defense and policy automation
|
Data center + cloud
|
Yes
|
No
|
Yes
|
|
Veeam Hybrid Cloud Backup
|
Established hybrid and Kubernetes coverage
|
Virtual, cloud, Kubernetes, SaaS
|
Yes
|
Yes
|
Yes
|
We evaluated 8 public cloud backup solutions across workload range, recovery speed, ransomware protection, multi-cloud support, and ease of deployment. We combined hands-on testing with market research and customer feedback to validate vendor claims against real-world performance. This guide was written by Joel Witts, Content Director at Expert Insights, with technical review by Laura Iannini, Cybersecurity Analyst, and is updated quarterly. Read our full methodology
Datto BCDR is a software-based business continuity and disaster recovery platform built for MSPs and internal IT teams managing Windows and Linux workloads. We think the 1-Click Disaster Recovery and AI-powered backup verification are the features that set it apart in this category. If keeping client systems running through outages and ransomware events is your priority, Datto sits squarely in that space.
Customers consistently describe backup reliability as strong, with systems running quietly in the background. Alerting integration with Autotask keeps MSP teams informed without constant manual checks, and recovery speed holds up under pressure. Something to be aware of is that customers flag the interface as cluttered when managing many devices and advanced settings. Reporting tools lack customization and require too many clicks to reach detail.
We think Datto BCDR deserves serious consideration if you run an MSP or manage backup across multiple client environments. The multi-tenant Partner Portal and flexible retention options are designed for that exact workflow. Pricing runs higher than some alternatives, so smaller single-site teams should weigh that carefully against the DR capabilities.
Best for MSPs reducing tool sprawl with bundled protection
Acronis Cyber Protect rolls backup, endpoint protection, and cybersecurity into a single agent and console. We think the consolidation play is the real selling point here. If your MSP strategy depends on reducing tool sprawl and selling bundled protection packages, Acronis fits that model well.
Customers consistently praise the unified platform for simplifying day-to-day management. Setup is straightforward, and the interface works well for teams without deep technical backgrounds. Support response times get positive marks across the board. Something to be aware of is that advanced modules like XDR and extended security packs add licensing complexity, and the dashboard can feel overwhelming when managing multiple tenants initially.
We think Acronis is well worth considering if you want backup and endpoint security under one roof without managing separate tools. Channel resellers highlight the straightforward commercial structure and strong vendor enablement. Extended detection capabilities trail dedicated XDR-focused tools, so factor that in if advanced threat hunting is a priority.
Best for teams wanting low-maintenance Microsoft 365 protection
Barracuda Cloud-to-Cloud Backup is a fully cloud-native backup solution built specifically for Microsoft 365, covering Exchange, SharePoint, OneDrive, Teams, and OneNote. We think the hands-off deployment and automatic discovery are the strongest selling points here. If you need low-maintenance M365 backup that stays out of your way, this is designed for exactly that.
Customers give the hands-off daily operation consistently high marks. Alerting and reporting provide enough visibility to satisfy audit and compliance checks without constant monitoring, and the ability to produce backup proof for governance reviews gets called out as a practical win. With that said, the restore experience is where friction shows up. Customers say finding individual files or emails requires drilling through multiple date ranges and unclear folder structures, and restore jobs sometimes fail silently with no error messages.
We think Barracuda Cloud-to-Cloud Backup is a strong fit if your primary need is reliable, low-touch M365 data protection. It removes the complexity of Microsoft’s native retention options and keeps your compliance posture clean. If granular restore speed matters to your team, factor in the navigation friction customers report.
Best for enterprises managing complex, multi-source hybrid environments
Cohesity DataProtect unifies backup and recovery across hybrid environments, covering virtual and physical servers, SaaS workloads, and databases. Cohesity completed its merger with Veritas in December 2024, making it the world’s largest data protection software provider serving over 12,000 customers. We think the Helios management console and near-instant recovery times are the strongest selling points for enterprise teams managing complex, multi-source environments.
Customers report fast implementation times, with some teams backing up within hours of deployment. The Helios interface earns praise for making complex environments manageable without deep training. Something to be aware of is that initial setup requires careful planning in larger environments. Customers also note that the platform does not automatically detect disabled user accounts, so stale protection groups need manual cleanup. Cost runs higher than alternatives, though the consolidation value offsets that for larger deployments.
We think Cohesity fits best when you need unified protection across a sprawling hybrid environment. If your infrastructure spans on-premises VMs, cloud workloads, and SaaS applications, the single-platform approach removes real operational complexity. The Veritas merger strengthens the product roadmap, with AI now embedded in DataProtect for anomaly detection, threat identification, and policy optimization.
Best for organizations going fully cloud-native with data protection
Druva Data Security Cloud is a fully cloud-native backup platform built on AWS that centralizes protection across endpoints, cloud apps, SaaS workloads, and virtual infrastructure with no on-premises hardware to manage. We think the zero-infrastructure model and built-in compliance tooling are the features that justify evaluation for organizations ready to go fully cloud-native with data protection.
Customers praise the deployment experience, with connector configuration and data flow starting without complex infrastructure planning. The single-pane management approach removes the need to juggle multiple portals. Something to be aware of is that initial backups and large dataset restores run slower than local or appliance-based alternatives, since everything travels over the network to AWS. Customers also note that ransomware detection can generate false alerts that require manual tuning.
We think Druva fits best for organizations that want to eliminate on-premises backup infrastructure entirely. The simplified scaling and zero-infrastructure model make it particularly strong for distributed workforces and multi-cloud environments. Druva reports a TCO up to 40% lower than traditional on-premises alternatives through built-in global deduplication and storage tiering.
Best for SMBs and MSPs needing multi-platform backup at a competitive price
NAKIVO Backup and Replication is a multi-platform data protection solution covering virtual, physical, cloud, and SaaS workloads from a single interface. We think the cost-to-capability ratio is the clearest reason to shortlist NAKIVO. If you need reliable multi-platform backup without enterprise-tier pricing, this delivers strong value for SMBs and MSPs.
Customers give the interface high marks for initial setup and day-to-day management. Documentation is extensive, and most teams get backup jobs running quickly. Support is responsive and technically competent. With that said, advanced features require a steeper learning curve and are often locked behind higher-tier editions. Customers also note that real-time replication does not restart automatically after a target system failure, which adds manual overhead for teams relying on tight RPOs.
We think NAKIVO is a strong pick for SMBs and MSPs that need multi-platform backup coverage at a competitive price point. The nine recovery options and flexible deployment give you range without forcing you into enterprise-tier licensing. If you need advanced features out of the box, verify which edition includes them before committing.
Best for security-conscious enterprises prioritizing ransomware defense
Rubrik Security Cloud unifies backup, recovery, archival, and ransomware protection across data centers and cloud environments. We think the immutable architecture and SLA-based policy automation are the features that set Rubrik apart. If ransomware resilience and hands-off protection are your top priorities, the security-first design addresses those requirements directly.
Customers praise the setup and deployment experience, with the interface earning positive marks for core backup and restore tasks. Support quality is consistently rated as responsive and knowledgeable. Something to be aware of is that cost is a real consideration; Rubrik is positioned at the enterprise tier. Customers also note that M365 granular recovery trails some competitors in capability, and teams without prior backup management experience face a steeper learning curve.
We think Rubrik is a strong fit for security-conscious enterprises where ransomware defense and policy-driven automation are non-negotiable. The immutable architecture and zero-trust design solve real operational pain. Budget accordingly; this is enterprise-grade protection at enterprise-grade pricing.
Best for established hybrid environments spanning VMs to Kubernetes
Veeam delivers a hybrid cloud data protection platform covering on-premises virtual servers, public cloud workloads, Kubernetes environments, and SaaS applications including Microsoft 365 and Salesforce. We think the platform coverage and market maturity make Veeam the default shortlist candidate for any hybrid cloud backup evaluation. If you need a single backup platform that spans your entire hybrid footprint, Veeam is the established market leader for good reason.
Customers describe consistent performance and minimal daily intervention once the platform is running. Restorations work well, and the tool integrates cleanly into existing infrastructure. The sales team gets credit for presenting capabilities honestly, which sets realistic expectations before deployment. With that said, initial setup is where friction lives. Customers flag object selection as confusing and unintuitive, and reporting lacks the granularity needed for detailed compliance needs.
We think Veeam is the safe bet for hybrid environments spanning on-premises VMs to Kubernetes. The combination of platform coverage, vendor transparency, and market maturity makes it a low-risk choice. Kasten v8 strengthens the Kubernetes story with unified VM and container protection from a single platform.
Public cloud backup is metered in several ways, per workload, per user, or by capacity, and egress charges are a recurring concern when pulling data back out. None of these vendors publishes a clear list price in the live material, so model the all-in cost including egress and tiering at your data volume. Contact each vendor for a quote scoped to your environment.
| Product | Starting Price | Billing | Link |
|---|---|---|---|
|
Datto BCDR
|
Contact for quote
|
Via MSP partners
|
|
|
Acronis Cyber Protect
|
Contact for quote
|
Per workload + add-on packs
|
|
|
Barracuda Cloud-to-Cloud Backup
|
Contact for quote
|
Per user, subscription
|
|
|
Cohesity DataProtect
|
Contact for quote
|
Subscription / capacity
|
|
|
Druva Data Security Cloud
|
Contact for quote
|
Consumption-based
|
|
|
NAKIVO Backup and Replication
|
Contact for quote
|
Per workload / perpetual
|
|
|
Rubrik Security Cloud
|
Contact for quote
|
Subscription
|
|
|
Veeam Hybrid Cloud Backup
|
Contact for quote
|
Per workload / subscription
|
|
Once you've shortlisted a public cloud backup platform, these are the steps we recommend to protect your hybrid infrastructure without surprise costs.
VMs, endpoints, databases, containers, Kubernetes, and SaaS should be protected from one console, or you end up running separate tools.
Spinning a failed system up directly in the cloud for near-zero RTO is what keeps the business running during an outage.
Ask specifically whether admin-level access can delete backups, since real ransomware resilience depends on the answer.
If you back up to AWS, confirm you can restore to Azure, and understand the egress cost of moving data between clouds.
Surprise egress charges can wipe out the savings of a managed service, so get the all-in cost before you compare headline prices.
Confirm you can keep backups in specific regions and, where required, in air-gapped deployments with the audit logs to prove it.
Some platforms protect data within days; others need weeks of planning, so confirm whether you will need external help.
Confirm equal support for AWS, Azure, and Google Cloud plus the SaaS apps in your estate, rather than assuming parity.
Detecting an attack and verifying a recovery point is clean before you restore prevents reinfecting your environment.
A backup that completes is not the same as one that restores, so rehearse recovery regularly to confirm RTOs and RPOs hold.
No single cloud backup solution works for every organization.
If you’re an MSP needing 1-Click disaster recovery and immutable backup, Datto BCDR delivers cloud virtualization with near-zero RTOs and screenshot verification that proves backups are bootable.
If consolidating backup, endpoint security, and patch management matters, Acronis Cyber Protect bundles all three in one agent, with straightforward deployment that appeals to less technical teams. If you only need M365 protection, Barracuda Cloud-to-Cloud Backup simplifies deployment with automatic discovery, though you accept tedious restore workflows for that simple setup.
If you need unified protection across on-prem, cloud, and SaaS from one console, Cohesity DataProtect unifies them all, though it runs higher than alternatives and demands careful initial setup. If you want to eliminate on-premises backup infrastructure entirely, Druva Data Security Cloud runs everything as SaaS with fast setup and a centralized dashboard.
If you need multi-platform backup at competitive costs, NAKIVO Backup and Replication delivers strong value for SMBs and MSPs, with advanced features locked behind higher tiers. If ransomware defense and policy-driven automation are your top priorities, Rubrik Security Cloud puts immutability at the center.
For established hybrid infrastructure spanning on-prem VMs to Kubernetes, Veeam Hybrid Cloud Backup is the market leader. Read the individual reviews above to dig into workload coverage, recovery speed, ransomware protection, pricing, and the trade-offs that matter for your hybrid infrastructure.
Public cloud backup solutions are cloud-based data backup services operated by cloud service providers in a public cloud infrastructure. These solutions allow organizations and individuals to securely store copies of their data, applications, and systems in remote cloud data centers.
Typically delivered on a SaaS model basis (with monthly or annual per user billing), public cloud backup solutions provide a secure and reliable way to protect data from various threats, including hardware failures, data corruption, accidental deletion, and cyberattacks.
Popular public cloud backup services are offered by companies like Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), and numerous third-party providers that specialize in backup and disaster recovery services.
Using a public cloud backup is typically more scalable and cost effective than using a private backup solution or a solution hosted on premises. Some of the key advantages of public cloud backup include:
When implementing a public cloud backup solution, it’s important to carefully plan your backup strategy, choose the appropriate storage class, and consider data retention policies to ensure that your data is adequately protected and recoverable when needed. Key features to consider when choosing a solution include:
Further reading on backup and recovery from Expert Insights — buyers' guides, comparison articles, and platform-specific shortlists.
Joel is the Director of Content and a co-founder at Expert Insights; a rapidly growing media company focussed on covering cybersecurity solutions.
He’s an experienced journalist and editor with 8 years’ experience covering the cybersecurity space. He’s reviewed hundreds of cybersecurity solutions, interviewed hundreds of industry experts and produced dozens of industry reports read by thousands of CISOs and security professionals in topics like IAM, MFA, zero trust, email security, DevSecOps and more.
He also hosts the Expert Insights Podcast and co-writes the weekly newsletter, Decrypted. Joel is driven to share his team’s expertise with cybersecurity leaders to help them create more secure business foundations.
Laura Iannini is a Cybersecurity Analyst at Expert Insights. With deep cybersecurity knowledge and strong research skills, she leads Expert Insights’ product testing team, conducting thorough tests of product features and in-depth industry analysis to ensure that Expert Insights’ product reviews are definitive and insightful.
Laura also carries out wider analysis of vendor landscapes and industry trends to inform Expert Insights’ enterprise cybersecurity buyers’ guides, covering topics such as security awareness training, cloud backup and recovery, email security, and network monitoring. Prior to working at Expert Insights, Laura worked as a Senior Information Security Engineer at Constant Edge, where she tested cybersecurity solutions, carried out product demos, and provided high-quality ongoing technical support.
Laura holds a Bachelor’s degree in Cybersecurity from the University of West Florida.