---
title: "The Cloud Backup TCO Trap: When Costs Spiral Out of Control"
date: 2026-01-08T13:20:00+01:00
author: FAST LTA
canonical_url: "https://www.fast-lta.de//en/blog/tco-falle-cloud-backup"
section: "Entries: Articles"
---
### The 7 Most Common TCO Traps in Cloud Backup

#### Trap 1: Egress Fees at Recovery Time

Cloud providers charge for data leaving their infrastructure. Storage is priced to look affordable; egress is where margin is recovered.

Example estimate: archive-tier storage at around EUR 0.004 per GB per month, internet egress from EU regions at around EUR 0.08 per GB. For a 100 TB dataset, monthly storage costs roughly EUR 400. A single full recovery costs roughly **EUR 8,000 in egress alone**, more than 20 months of storage fees in a single event.

Many organisations discover this only during their first real recovery test. Some stop testing entirely to avoid the cost. An untested backup is not a backup; it is a liability.

#### Trap 2: The Recovery Test Problem

Regular restore tests are expected under common frameworks such as ISO 27001 and the risk-management measures of NIS2; in Germany, BSI IT-Grundschutz makes the same demand. These tests are expensive in cloud environments when data volumes are significant.

A quarterly full-restore test of a 50 TB dataset at typical EU egress list rates costs roughly EUR 4,000 per test, around **EUR 16,000 per year just for testing**. Organisations under NIS2 or sector-specific regulation (healthcare, financial services, critical infrastructure) cannot waive these tests. They must budget for them, and most do not at contract signing time.

#### Trap 3: The Pay-As-You-Grow Fallacy

“Pay only for what you use” is the central cloud sales proposition. It holds at small scale and short timeframes. It breaks at enterprise scale and multi-year retention horizons.

Enterprise data growth of 20 to 30% annually is common. A backup dataset that starts at 50 TB reaches around 150 TB after five years at 25% annual growth. Cloud storage costs grow in direct proportion. Egress exposure grows faster, because the volume involved in any recovery event grows too.

On-premises costs scale in discrete steps: buy capacity, run it for several years, expand as needed. The curve is staircase-shaped, not linear. Cloud costs grow continuously. The crossover point, where on-premises becomes cheaper on a cumulative basis, typically occurs between year 3 and year 5 for datasets above 50 TB.
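The arithmetic behind Traps 1 to 3, as an added Python example (not part of the original article). The rates are the article's own estimates; the function names, the constant-volume-per-year simplification and the decimal TB-to-GB conversion are assumptions of this sketch.

```python
"""Added example: cost model for Traps 1-3, using the article's estimate rates."""
from dataclasses import dataclass

GB_PER_TB = 1000  # decimal units, matching the article's round figures


@dataclass(frozen=True)
class Rates:
    # EUR estimates quoted in the article; replace with your provider's written quote.
    storage_gb_month: float = 0.004  # archive-tier storage (Trap 1)
    egress_gb: float = 0.08          # internet egress from EU regions (Trap 1)
    retrieval_gb: float = 0.03       # archive-tier retrieval (scenario, Step 3)


def restore_cost(tb, rates=Rates(), archive_tier=False):
    """EUR to pull `tb` terabytes out: egress, plus retrieval on archive tiers."""
    per_gb = rates.egress_gb + (rates.retrieval_gb if archive_tier else 0.0)
    return tb * GB_PER_TB * per_gb


def project(start_tb, growth, years, tests_per_year, rates=Rates()):
    """Per-year storage and full-restore-test cost for a growing dataset.

    Assumption of this sketch: the volume is constant within a year and
    grows by `growth` at each year boundary; tests are billed egress only.
    """
    rows, cumulative = [], 0.0
    for year in range(1, years + 1):
        tb = start_tb * (1 + growth) ** (year - 1)
        storage = tb * GB_PER_TB * rates.storage_gb_month * 12
        tests = tests_per_year * restore_cost(tb, rates)
        cumulative += storage + tests
        rows.append({"year": year, "tb": tb, "storage": storage,
                     "tests": tests, "cumulative": cumulative})
    return rows


if __name__ == "__main__":
    # Trap 2/3 inputs: 50 TB, 25% growth, quarterly full-restore tests.
    for r in project(50, 0.25, 5, tests_per_year=4):
        print(f"year {r['year']}: {r['tb']:6.1f} TB  storage EUR {r['storage']:8,.0f}"
              f"  tests EUR {r['tests']:8,.0f}  cumulative EUR {r['cumulative']:9,.0f}")
    # Scenario: 120 TB emergency restore from an archive tier.
    print(f"120 TB crisis restore: EUR {restore_cost(120, archive_tier=True):,.0f}")
```

With the article's rates, quarterly test egress is several times the storage bill in every year, which is why the restore-test budget belongs in the contract-time model.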

#### Trap 4: API Call Volumes at Scale

Every backup operation (incremental jobs, deduplication checks, lifecycle enforcement, integrity verification, monitoring) generates API calls, and providers charge for them. Individually the rates look negligible: fractions of a cent per thousand requests. For a large incremental backup environment running daily jobs across hundreds of servers, monthly API costs can reach the **mid three to low four digits in EUR**, a figure rarely included in initial cost estimates.

#### Trap 5: Support Tier Escalation

Base support plans do not provide the SLAs needed for production backup. Business-class support at hyperscalers typically costs around 10% of monthly spend with a fixed minimum. For a EUR 5,000 per month backup environment, that is roughly EUR 500 per month, EUR 6,000 per year, for support alone. Premium tiers for mission-critical SLAs cost significantly more. These costs are rarely modelled in the initial TCO calculation.

#### Trap 6: Minimum Storage Durations on Archive Tiers

Storage tiers optimised for backup impose minimum storage durations, commonly 90 days for standard archive tiers and 180 days for deep archive. Data deleted earlier is still charged for the full period. For backup environments with short retention windows or frequent policy changes (common during restructuring or M&A), early deletion charges erode the cost advantage of archive tiers.

#### Trap 7: Compliance Archiving Requirements

Backup and archiving are different functions with different requirements. Backup protects against data loss. Archiving satisfies statutory retention obligations: across the EU, tax, commercial and sector rules mandate multi-year, often immutable retention (in Germany, for example, 10 years for financial records under commercial and tax law).

Cloud backup solutions are generally not designed for audit-proof archiving. Building an archiving layer on top of a cloud backup environment requires additional services, licensing and management overhead. Organisations that conflate the two and try to satisfy both with one cloud solution pay for the complexity of bridging the use cases.

---

### Scenario: Ransomware Attack, Full Recovery from Cloud Backup

A model scenario: a mid-sized enterprise with 120 TB of backup data in an EU-region cloud archive tier. All figures are estimates for illustration.

#### The Attack

Friday, 18:30: ransomware encrypts file servers, primary storage and backup servers. The cloud backup, stored in a separate account with immutable object lock enabled, is unaffected. Recovery begins.

#### The Recovery Process

**Step 1: Assess scope and initiate recovery (Friday evening)** Decision: full restore required. Estimated transfer time for 120 TB over a dedicated 1 Gbps line at realistic throughput (60 to 80% of line rate): roughly **34 to 45 hours** of pure transfer time.

**Step 2: Egress costs (immediate)** 120 TB at around EUR 0.08 per GB = roughly **EUR 9,600 in egress fees**, incurred at the moment of crisis, with no room to negotiate.

**Step 3: Retrieval fees (archive tier)** Archive-tier retrieval at around EUR 0.03 per GB adds roughly **EUR 3,600**.

**Step 4: Systems return online (Sunday afternoon)** Total downtime: roughly 42 to 48 hours. For a manufacturer or logistics company with operational costs of, say, EUR 50,000 per hour of downtime, that is **millions in operational losses**, caused not by the backup fees but by the recovery duration the architecture dictates.

**Step 5: GDPR notification timeline** GDPR Article 33 requires notification to the supervisory authority within 72 hours of becoming aware of a personal data breach. At hour 42 of a cloud recovery, systems are not yet operational; compliance, legal and communications teams manage the notification in parallel, under time pressure, without complete information. Late or deficient handling risks fines under GDPR Article 83.

#### The Same Scenario with On-Premises Backup

On-premises backup on a Silent Brick System with local network connectivity: a 120 TB full restore over 10 Gbps LAN at realistic throughput (800 to 900 MB/s) completes in roughly **3.5 to 4 hours**. Systems are operational before the Sunday shift begins. The GDPR notification is filed with complete information, well inside the 72-hour window.

No egress fees. No retrieval fees. No dependency on internet bandwidth during a crisis.

---

### The Pay-As-You-Grow Fallacy in Numbers

A model calculation for a company with 80 TB initial backup data and 25% annual growth, including storage, egress for annual recovery tests, quarterly partial restores, API overhead and business support (all values rounded estimates):

- Year 1: 80 TB, roughly EUR 11,500 annual cloud cost
- Year 2: 100 TB, roughly EUR 14,400 (cumulative roughly EUR 25,900)
- Year 3: 125 TB, roughly EUR 18,000 (cumulative roughly EUR 43,900)
- Year 4: 156 TB, roughly EUR 22,500 (cumulative roughly EUR 66,400)
- Year 5: 195 TB, roughly EUR 28,100 (cumulative roughly EUR 94,500)

By year 5, the annual cloud backup cost approaches what equivalent on-premises infrastructure would have cost to purchase and operate over the entire five-year period. “Predictable monthly cost” fails as an argument when the monthly cost is predictable but growing, tied to a data growth rate IT cannot stop.

---

### Recovery Cost and Duration: Cloud vs. On-Premises (Model Values)

- Full restore, 50 TB: cloud roughly EUR 4,000 to 4,500 in egress and retrieval, 18 to 24 hours; on-premises EUR 0, roughly 1.5 to 2 hours
- Full restore, 200 TB: cloud roughly EUR 16,000 to 18,000, 72 to 96 hours; on-premises EUR 0, roughly 5 to 7 hours
- Partial restore, 50 TB out of 100 TB: cloud roughly EUR 4,000 to 4,500, 36 to 48 hours; on-premises EUR 0, roughly 2.5 to 3.5 hours
- Single file, 500 GB: cloud roughly EUR 40 to 45 plus tier-dependent waiting time; on-premises EUR 0, minutes

Archive tiers add waiting time before transfer even starts: flexible-retrieval tiers typically need hours, deep-archive tiers up to half a day. On-premises backup removes both the cost and the duration variable from the recovery equation.

---

### Checklist: Questions to Ask Your Cloud Provider Before Signing

If the provider cannot answer any of these with specific numbers in writing, treat the gap as a risk.

**Egress and retrieval**

- What is the exact egress cost per GB for data leaving your EU regions?
- Are there retrieval fees in addition to egress fees, per tier?
- What is the realistic throughput for a full restore of our dataset size?

**Retention and deletion**

- What are the minimum storage durations per tier?
- What are the early deletion charges?
- How are retention locks priced, and can they be modified once set?

**Support and SLAs**

- Which support tier guarantees a 4‑hour response for a recovery incident, and what does it cost?
- Is there a dedicated incident response process for ransomware recovery?

**Compliance and sovereignty**

- Are storage, processing and management functions performed exclusively within the EU?
- Is your organisation subject to US CLOUD Act jurisdiction? How do you handle disclosure requests?
- Can you provide a GDPR Art. 28 Data Processing Agreement covering backup data?

**Cost modelling**

- Provide a written cost estimate for a full restore at year 1 and year 3 volumes
- Model our annual costs at 25% data growth over 5 years, including all fees
- Under the EU Data Act, what are your switching support terms and charges today, ahead of the full ban from January 2027?

**Architecture**

- Does the solution use object lock to protect against deletion, and in which mode?
- How is backup data isolated from production credentials?
- Can restoration be initiated without access to the primary production environment?

---

### Conclusion

Cloud backup is not inherently wrong. It is a tool with specific cost characteristics that work in specific scenarios and break in others. The organisations most exposed to the TCO traps share a profile: they evaluated at small initial volumes, signed multi-year contracts, and discovered the structural problems as data grew and recovery events occurred.

The traps documented here (egress at recovery, test costs, growth acceleration, API overhead, support escalation, minimum retention charges, archiving gaps) are not edge cases. They are predictable consequences of the cloud pricing model applied to backup at enterprise scale. Model them explicitly before signing, and keep your primary backup and restore path on-premises.

---

### Further Resources

- [Cloud vs. On-Premises Backup: 5-Year Cost Comparison](/en/blog/cloud-vs-on-premises-cost-comparison/)
- [Data Egress Fees: The Hidden Costs of Your Cloud Backup](/en/blog/egress-kosten-cloud/)
- [EU Data Act: What Changes for Cloud Users](/en/blog/eu-data-act-cloud-nutzer/)
- [Silent Brick System: On-Premises Backup and Secondary Storage](/en/produkte/silent-brick-system/)
- [Silent Cubes: Hardware WORM for Audit-Proof Archiving](/en/produkte/silent-cubes/)

### BSI IT-Grundschutz

The BSI IT-Grundschutz is a framework developed by the German Federal Office for Information Security (BSI) with standardized security requirements for IT systems — for KRITIS operators, NIS2-affected organizations and public authorities, it is the central reference for demonstrable IT security measures.

[Learn more →](https://www.fast-lta.de//en/glossary/bsi-it-grundschutz)

### GDPR

The GDPR (General Data Protection Regulation, EU 2016/679) is the European regulation for the protection of personal data — particularly relevant for IT infrastructure in Art. 5 (principles), Art. 17 (right to erasure), Art. 28 (processors) and Art. 32 (security of processing).

[Learn more →](https://www.fast-lta.de//en/glossary/gdpr)

### Audit-Proof Archiving

Audit-proof archiving describes the legally required property of an archiving system that preserves documents completely, immutably, traceably and accessibly at all times — and that this can be demonstrated without gaps to tax authorities, auditors and data protection supervisory bodies.

[Learn more →](https://www.fast-lta.de//en/glossary/audit-proof-archiving)

### WORM

WORM (Write Once, Read Many) refers to a storage principle in which data is written once and can technically no longer be altered or deleted — in hardware WORM, this immutability is a physical property of the storage controller, independent of software, operating system or user privileges.

[Learn more →](https://www.fast-lta.de//en/glossary/worm)

