Don’t Recover From A Disaster – Prevent One
Protect your cloud with the right disaster prevention plan
When it comes to the cloud, convenience and reliability have always been two of its most shining traits. According to a recent AT&T report, 62 percent of businesses use cloud services for business continuity – an unexpected but understandable number. Just as a well-performing cloud delivers speed and accessibility when it comes to critical data, its virtualized infrastructure makes it a natural solution for disaster preparedness.
Yet in a year of high-profile outages, many businesses have been taking a second look at their incident response plans. This year alone has seen outages from Amazon, Dropbox, Facebook, Twitter and Microsoft – brands that most of us associate with uptime and reliability. Watching the titans of cloud environments experience failure has left many businesses uneasy.
The cost of even a brief outage can be extreme. Some media outlets estimated that Amazon’s 49-minute outage cost the company upwards of $5 million in revenue. Dropbox’s reputation for reliable cloud storage took a hit when their customers were unable to access their documents for a full 16 hours – the first of two outages this year. The truth is that even minor downtime can impact consumer trust. And irate customers who find an error message in lieu of their social media profiles or shopping carts often vent their frustrations on forums and social networks, further defacing the brand.
The key to preventing this kind of catastrophe: a strong disaster prevention plan, whereby a cloud infrastructure is configured to ensure the continuity of IT services and business processes.
Cloud crisis protection – what level do you need?
Businesses understand the need to keep their cloud-based platforms running and available even in the event of a large-scale failure. Whether it’s an external attack or an internal datacenter or infrastructure issue, the right disaster prevention solution can mitigate downtime and provide critical services. But if you’re like many IT pros, you might not be sure of what level of protection you need.
Typically there are three disaster prevention levels. Choosing the right one depends on your business’s Recovery Time Objective (RTO) and its tolerance level of downtime. Take a look at the practices and benefits of each to identify on the optimal solution for your specific organization:.
Hot/Cold: This configuration covers the basic needs for continuity in the cloud, but also has the longest RTO. A typical Hot/Cold solution would be a single server located in a remote datacenter where file and database backups are shipped and stored on a regular basis. This plan is founded on the premise of having backups on hand with the recovery expectation being 24 or more hours. What this means on a practical level: in the event of a disaster, additional services would need to be brought online and updated, with the data from the backups imported to the new environment. Hosting a notification page during a downtime event is also advisable.
- Ideal business profile: This is generally a good starting point for small to medium business or startups working with a limited budget. If this sounds like you, consider your uptime needs. Can you accept 24 hours of downtime? If your environment isn’t web-facing, such as an internal app, or is a non-critical information website, a disaster prevention plan may be the right option. The primary criteria here is that an outage won’t have a large-scale financial impact on your business.
Hot/Warm: This disaster prevention solution provides a medium RTO, meaning that a full restoration of services can range from minutes to a few hours (depending on the configuration), during which time a baseline of limited services is available. Typically, a Hot/Warm environment consists of a replicated production environment in terms of server count, but with the resources scaled down to minimal levels. This mirror site would be hosted at a remote facility with a mechanism to provide active failover, such as with DNS active/failover products. If your cloud hosting provider has the ability to automatically scale resources on demand, this is even better as the server can grab additional resources as needed when the failover event happens.
- Ideal business profile: This solution can be used for businesses of all sizes, but is especially suited to companies that would like to keep some services available no matter what, while accepting downtime for others. Can your business get by with a backup site that offers a limited number of features while your issue is being resolved? If so, this might be the option for you. But if you require little-to-no downtime, there is a better approach.
Hot/Hot: This is the gold-standard of a disaster prevention posture as it provides maximum failure resiliency and allows for additional benefits such as higher capacity, Geo-Load balancing and fault tolerance. A typical infrastructure would include two or more production environments located in isolated datacenters, with full data replication from files to databases. DNS Traffic Management or Advanced Traffic management platforms can provide both the Geo-Load balancing capabilities and the ability to prevent a failed environment from actively serving traffic.
- Ideal business profile: Companies that can’t afford any impact to their user base. If you require maximum uptime and know that even a brief outage would damage your reputation and sales, then this is your safest option. Even in the event of an attack or internal crisis, your site will stay up with all of its features available and offer a seamless user experience.
While assessing your risk level and uptime needs are essential steps in choosing the right disaster prevention plan, don’t forget to take other basic steps to protect yourself. Making simple changes within your environment can minimize problems down the road, such as replicating files across production environments and avoiding data collision. If your site accepts user-generated content, consider making developmental changes to the application to ensure that no problems or conflicts arise. Even basic changes can mitigate some of the worst repercussions of a large-scale failure.
Finally, remember that the right plan for your business can be accessible from both a budget and implementation standpoint. Intelligent disaster prevention is about preparation – taking the right actions now to avoid costly measures later in the wake of a catastrophe. By acting on the criteria above, you can get started on an appropriate plan to safeguard your environment, your brand and your user experience.
By Dustin Larmier, Senior Solutions Architect, FireHost