There are a number of reasons why organisations consider Disaster Recovery as a Service (DRaaS). We take a look at the top five:
As businesses have grown through either acquisition or organically, the requirement to deliver discreet or industry specific applications that enable market leadership in their chosen field has also grown. In nearly all cases these applications require the data to be protected for the purposes of recovery and compliance, with specific technologies being deployed to ensure all these needs are met. Over time this creates a complex environment that becomes challenging to manage just to ensure data is protected across the entire environment, let alone recovering this data when an incident occurs. This can lead to all number of issues, multiple technologies requiring multiple skills sets to recover, the greater the complexity the greater the cost of managing the solution and the higher the risk that you will not be able to meet the businesses expectations around recovery and compliance. Over time, multiple solution are implemented to meet specific data protection needs. DRaaS should remove multiple layers of technology and the complexity associated around this, in two ways. Firstly, working with a service provider that has the capability to provide data protection for multiple endpoints whilst using a single platform. Secondly, through the capability to integrate a number of technology platforms that may be required in order to deliver against your specific business needs.
Improving recovery point and recovery time objectives
As businesses change and move towards a 24x7x365 operation, every application needs to be ‘always on’ and users and the business become less tolerant of downtime. The commoditization of IT for personal use has created a misconception that high availability of applications like email are very easy for IT to deliver to the business. This misconception has led to the expectation that it is simple for key applications to also be available day or night. In reality minimizing data loss and improving uptime are very challenging to deliver if you also need to ensure you have a compliant environment. DRaaS providers should be able to define and implement a solution that delivers the improvements that the business wants and expects for these key applications by blending technology and more importantly, experience. You should expect DRaaS to be able to integrate multiple solutions that meet your specific RPOs and RTOs, delivered to you as a fully integrated service with defined SLAs around recovery.
Traditional approaches to data protection and recovery lend themselves towards a manual process which on a day to day basis is time consuming. In most organisations this traditional approach also exposes the business to the risk of both data inconsistency and worst of all, data loss. Data inconsistency can be caused through poor integration between the software and hardware layer of a data protection solution and data loss can be associated with the transportation of physical tape media between your primary site and either a second location or off-site to a third party tape storage provider. There have been many cases over the years, of tapes just ‘going missing’ which, whist inconvenient to some organisations can be extremely costly to those that have to adhere to any regulatory compliance. In using tape to protect data you also run the risk that specific data could be overwritten if you employ a very aggressive tape rotation policy. It’s almost a given that any DRaaS provider will be employing disk technology to facilitate the ingestion of data, whether that be backup or replication. Taking this approach removes the manual intervention of the old tape-based approach and can employ intelligent software that can conduct data consistency checking, to ensure that your data is recoverable. In most cases, data will be transmitted over internet or dedicated comms links to remove the need and the risk of transporting data in a physical form off-site. DRaaS should also deliver deduplication, compression and encryption to ensure data is moved off-site quickly, efficiently and securely.
If your organisation has to adhere to any form of regulatory compliance, whether that be FCA, SOX, HIPAA, Basel II etc., this requires a significant investment in people and process. One of the biggest challenges of any organisation is to ensure that specific data types are kept for the right amount of time and disposed of at the end of their lifecycle with a full audit trail. In most cases due to the limitations of technology, businesses just keep everything forever for the avoidance of doubt. This approach is not only inefficient but as the business grows and data grows, it becomes unmanageable for IT to provide both data protection and compliance. Data security is also a top priority for regulated businesses so off-siting backup data on tape media needs to be secured through high levels of encryption which adds another layer of complexity to the day to day data protection solution. There are many DRaaS technologies that can automate much of the processes and requirements detailed above. As an example, many cloud backup platforms offer the ability to set specific data retention policies for different data types within the same backup job, ensuring that you only store relevant data for as long as is needed. Many also have the ability to ‘park’ data required for long-term retention in a separate data store based on policies you set. A key feature to look for with any solution where compliance is a core requirement, is the automation of encryption whilst the data still resides within your network and remains encrypted in flight and at rest.
One of the biggest challenges with data protection is being able to recover. In many instances, the only time we ever check that our data is recoverable is when we test our DR solution or worse still, when we have a disaster. For every organisation that has a DR solution in place, only about 50% ever test which begs the question how do the 50% that never test or have a disaster, know they can recover? In many cases it’s a ‘fingers crossed’ approach where it is more hope than expectation that recovery is possible. The focus has always been protection, rather than recovery and ironically, DRaaS is seen as the answer to our recovery prayers. If DRaaS is the answer to our prayers, then surely the first question to ask your prospective DRaaS provider is to demonstrate how they ensure they can recover your data. This demonstration of data recovery capability should take a two-pronged approach. Firstly, an automated data consistency checking tool that ensures that only recoverable data is stored offsite. Secondly, regular annual or bi-annual testing of the entire DRaaS solution to confirm that your current needs are met and that any changes required can be made to keep your recovery plan in line with your business objectives.
Take a look at Daisy’s DRaaS portfolio here. [ctaBanner]To speak to someone about Disaster Recovery as a Service call: 0344 863 3000[/ctaBanner]