CHALLENGES
EōS Fitness CIO Aaron Gette knows what’s at stake when a business runs on uptime. As the leader responsible for leveraging IT to fuel growth for the rapidly expanding U.S. fitness franchise, he oversees an ambitious plan to dramatically scale the company's location footprint from over 175 clubs to more than 500. This rapid expansion through acquisitions introduced complexity that outpaced existing protections.
Aaron and his team faced three interconnected challenges across cloud, SaaS, and identity environments:
1
Existing backups fell short as its Azure footprint scaled–missing the immutability and local air-gapping needed for compliance and ransomware resilience.
2
M365 Protection Gap solely dependent upon native retention policies with no visibility into sensitive data.
3
Identity protection had not kept pace with growth, leaving Entra ID without a dedicated recovery solution.
OUTCOMES
With Rubrik in place, EōS Fitness now has the cyber resilience foundation it needs to grow with confidence:
Sub-2 Hour Recovery Objectives:
Slashed cloud RTO to hours from undefined state; M365 recovery reduced from 71 days to on-demand granular item-level restore; and Entra ID recovery compressed from weeks to hours to a clean state.
Accelerated Cloud Migration:
Streamlined the acquisition of new clubs by enabling the rapid, secure ingestion of legacy data into the governed Azure tenant with automated protection policies.
Preserved $120M+ in risk avoidance:
Gained potential cost savings with the possibility of meaningfully lower cyber insurance premiums.
Single-pane-of-glass management:
Simplified operations for a lean IT team managing a high-growth business.
Backed by Rubrik’s 24/7 Global Ransomware Response Team:
Gives the board and investors the confidence that cyber risk is actively managed.
Securing the Foundation: Identity and On-Premise Resilience
Aaron partnered with Rubrik to deploy a unified data security platform across cloud, M365, and identity to replace fragmented point solutions with a single pane of glass and a consistent recovery strategy. And as the business scales toward 500 clubs and beyond, the platform is architected to grow with it, with future-ready support for on-premises and multi-cloud environments already built in.
Cloud: Rubrik replaced Azure’s native backups with natively immutable, air-gapped backups via Rubrik Cloud Vault, ensuring clean recovery from known-good copies that live entirely outside production. Deep integration with Azure Resource Manager (ARM) allows Rubrik to protect Azure VMs, Managed Disks, and SQL databases with app-consistent snapshots. This allows EōS to leverage Azure’s global scale while maintaining a 'Security Cloud' architecture that keeps recovery data logically isolated.
M365: With 5,000+ users depending on the platform daily, the stakes of relying solely on native retention policies were unacceptable, as data was at permanent risk of loss after just 14-90 days, and a full recovery would have taken up to 71 days. Rubrik eliminates that exposure with full and incremental backups across Exchange, SharePoint, OneDrive, and Teams–with granular item-level recovery and automated policy enforcement. By leveraging Rubrik’s Data Discovery, Aaron’s team can automatically identify sensitive PII within OneDrive and SharePoint, mapping directly to Microsoft Purview Information Protection labels to ensure a holistic security posture.
Identity: With Entra ID relying on nothing more than the recycle bin, a compromised identity environment would have meant weeks of manual work to reconnect 25 mission-critical applications–effectively locking every club out of the tools they need to operate. Rubrik Identity Resilience provides the critical 'safety net' for Microsoft Entra ID, protecting the 25+ mission-critical Enterprise Applications and complex Conditional Access policies that power the EōS member experience. What previously took weeks of manual rebuilding now happens via automated, point-in-time restoration.