Disaster Recovery is a set of processes, policies and procedures that resume or maintain critical IT infrastructure in case of errors. Until recently, only the largest players on the market could afford such solutions. Currently, thanks to the increasing access to the cloud DR solutions (Disaster Recovery as a Service), the situation has improved significantly and more and more providers offer stable and optimized platforms. Therefore, even medium and small organizations can afford such implementation and use of it on a daily basis.
DRaaS - an opportunity to secure your data
DRaaS has a lot to offer, both to companies that are looking for a complete DR environment, as well as those with a low tolerance of the environment recovery time. In case of a cloud solution, the average downtime from the failure occurrence to the start of the backup center (RTO) is significantly reduced.
When choosing Disaster Recovery solutions, pay attention to two parameters: RTO (Recovery Time Object) and RPO (Recovery Point Object).
The first one determines the time from the moment of failure to the full system launch in the Disaster Recovery Center. The RPO parameter determines the maximum acceptable time between the failure occurrence and the full completion of copying data to the Disaster Recovery Center.
The offer of DR solutions in the cloud is extremely rich, but most of them are similar to each other in terms of cost structure and RTO parameter. The offer of each supplier is mainly differentiated by the RPO parameter and it should be the key factor in the search for a customized solution.
Undoubtedly, the cloud gave small and medium-sized enterprises (which so far have not invested in protecting their business mainly for financial reasons) a chance for access to solutions recently reserved only for large companies. In smaller enterprises the problems of data loss or lack of business continuity may be much more noticeable than in large corporations.
Big players are less likely to damage or lose data due to guarantees and contracts they have with hardware suppliers, better solutions for access protection, firewalls, redundant systems, HA, etc. Therefore, small companies that have not had sufficient funds to implement the professional solutions will undoubtedly be interested in equalizing opportunities by using DRaaS services. DRC solutions, as well as those localized in the cloud and in data centers, are intended primarily for those organizations that cannot afford reputational or financial losses due to inadequate data security or, in worst case scenario, loss of confidential information.
Does DRC in the cloud have the benefits only?
The biggest advantage is, as always in the case of cloud solutions, money. DRaaS is a non-investment and low-cost solution that has the potential to revolutionize the cloud services market. When you decide to adapt a cloud solution, your fixed fee will include the machine/server and the storage space used. Additional costs are added only in the event of a failure when the system has to recreate our data. You are charged for the maintenance of operating virtual machines, and you pay for the time they have actually been used, nothing more.
Additionally, DRaaS means no commitment to either the provider or the period of time when the service is running. By using DRC services in the cloud, only the service provider is responsible for ensuring the availability of the application and our data. In case of any doubts about the quality of the services offered, it takes only a few minutes for one supplier to be replaced by another. We are not limited here by any long-term contract.
Remember that this is not a flawless solution: due to limitations resulting from legal regulations (eg KNF or GIODO regulations), the use of DRC services in the cloud may be impossible or limited. Additional restrictions may arise from the fact that the DRaaS service must be standardized to a certain extent, which means that the client may have slightly less freedom in choosing the equipment and its configuration. Furthermore a backup data center is not very different from the DRC services offered in the cloud. Both solutions use the same technology and similar hardware solutions.
DRaaS and a comprehensive data protection strategy
As modern technologies spread, the security issues should be the priority for every CEO. Every company, from the smallest to global corporations, experiences errors once in a while. There is no company with equipment, platforms or security that are 100% effective and up and running 24/7. It’s okay if there are short breaks, for example during upgrades or repairs, but what if everything goes down, making it impossible to work not for two or three hours, but for a few days or even weeks? When can you really be sure that your systems are safe?
Still the most widely used data protection in the companies are regular backups. Note that the backup itself does not solve the problem of downtime. During the backup of our data, we focus primarily on moving it to a designated place and downloading it when needed. At the moment of failure of your critical systems, every minute counts, there is no time to think about where to get an additional server to place a backup database on.
One of the most important principles of a good DRC and business continuity plan is a process including appropriate policies and procedures in the company that are regularly tested. It is a guarantee that in the event of a failure everything will work flawlessly, and every employee will know what they are responsible for and whom they must immediately notify.
Diversify the risk, even if you are already in the cloud!
There are no perfect solutions that never break down, there is only a well-diversified risk. If you are already in the cloud, it does not mean that your data is comprehensively secured. The risk can be lowered by choosing to use two independent geographic locations where the security will be placed: one for your production environment, the other for DRC solutions. You can choose one center in Europe and the other in the United States.
A very common solution is to build DRC in clouds delivered by different service providers or at a local Data Center. Remember that even the best solution will not work if you do not regularly test the system against failures, make security audits which can guarantee that your company will return to full functionality without any interruptions.
Małgorzata Zabieglińska-Lupa is a product manager at Comarch, a provider of advanced IT services and software
For more insights from Comarch, download a free white paper here