David Gildea

Best Practices in Disaster Recovery and Business Continuity

Disaster Recovery and Business Continuity

Hope for the best, prepare for the worst, and expect to be surprised. While that bit of proverbial wisdom certainly isn’t new, it seems almost tailor made for anyone dealing with disaster recovery (DR) in the modern world of business IT.

Ensuring business continuity in the face of a natural or man-made disaster may seem like a daunting task. Luckily, today’s cloud-based computing platforms are particularly well suited to meet the DR needs of most businesses. However, the versatile, decentralized nature of the cloud is wasted in the absence of a proper, well tested DR plan and the ability to adapt to changing, often unforeseen circumstances. So in the following article, we'll take a look at some best practices for utilizing the cloud to develop your own DR plan in order to help maintain business continuity during a disaster.

1. Understand The Difference Between Backups And DR

When it comes to disaster recovery, having current backups of your company’s data is essential. But it’s important to understand that simply scheduling regular backups is not enough. It’s merely one component of a much larger process. After all, what good is backup data if you have no means to access it when it's urgently needed? It’s like having an empty fire extinguisher or a parachute with no ripcord.

Disaster Recovery

If and when a disaster strikes, you need a well-tested process in place to quickly retrieve and restore your company's backup data. Otherwise, you might as well not make backups at all.

2. Identify Critical Data And Utilize Cross-Regional Backups

As mentioned above, regular backups are a crucial component of any disaster recovery plan. But as with most things in the IT world, there are always trade-offs between time and money (more on this later). That’s why it is extremely important to identify mission-critical data and applications when crafting a backup strategy as part of your larger DR plan, and choosing how your data will be stored (snapshots, machine images, etc.). This option varies depending on what service you are using (AWS, Azure, etc.), so some research will be required to figure out the best fit for your business.

While choosing what data to prioritize and how it will be stored is critical, choosing where this data is to be stored is equally important. Storing your backups in close geographic proximity to your primary production environment defeats the entire purpose since there’s a chance a large-scale disaster would knock everything offline, leaving you with zero options. To better protect your data, it’s essential to utilize the global reach of cloud computing. Larger providers such as Amazon Web Services (AWS) and Microsoft Azure offer storage in various geographic regions around the world, so make sure your backups are being kept well out of harm's way.

3. Determine Your RTO & RPO

Speaking of time vs. money, it’s also of critical importance to determine your company’s recovery time objective (RTO) as well as its recovery point objective (RPO). Your RTO is the maximum length of time the disaster recovery process can take without inflicting unacceptable monetary losses on your bottom line. In other words, ask yourself how long your company can be offline before it starts hemorrhaging unacceptable amounts of cash.

On the other hand, your RPO is the maximum amount of data loss you are willing to accept as measured in time. The answer to this question determines how often you are willing to pay for backups. For example, if the idea of losing five hours of data due to a disaster gives you a panic attack, you need an RPO of less than five hours (perhaps much less). But if losing five hours worth of data isn’t the end of the world, an RPO of five hours or more might be a good fit. At the end of the day, it’s up to you to run the numbers and see what makes the most sense for your organization.

4. Choose A Specific Disaster Recovery Method And Test For Weaknesses

Now that you’ve determined the specific DR needs of your company, it’s time to decide which specific DR recovery method makes the most sense. While there are many options depending on your preference for saving time or money, here are some of the most common methods listed from slowest/cheapest to fastest/most expensive:

  • Backup and Restore: a simple, straightforward, cost-effective method that backs up and restores data as needed. Keep in mind that because none of your data is on standby, this method, while cheap, can be quite time consuming.
  • Pilot Light: This method keeps critical applications and data at the ready so that it can be quickly retrieved if needed.
  • Warm Standby: This method keeps a duplicate version of your business’ core elements running on standby at all times, which makes for little downtime and an almost seamless transition.
  • Multi-Site Solution: Also known as a Hot Standby, this method fully replicates your company’s data/applications between two or more active locations and splits your traffic/usage between them. If a disaster strikes, everything is simply rerouted to the unaffected area, which means you’ll suffer almost zero downtime. However, by running two separate environments simultaneously, you will obviously incur much higher costs.

In the end, even the best DR plans may run into trouble when faced with the unforeseen problems of the real-world. So once you’ve settled on a disaster recovery method and have everything up and running, it’s extremely important to test its effectiveness. Fortunately, the fact that cloud platforms allow users to create duplicate production environments means testing your DR plan against various scenarios has never been easier. The more you test and retest your DR plan, the better prepared you’ll be in the event of an actual crisis. Remember, an ounce of prevention is worth a pound of cure.

5. Consider The Potential Benefits Of Disaster Recovery As A Service

While disaster recovery is often handled in house, more and more businesses are turning to third parties to implement and maintain their DR plans. Just as insurance policies allow businesses to mitigate the risk of property damage and financial loss, treating disaster recovery as a service (DRaaS) allows companies to focus on core issues while at the same time having the peace of mind of knowing their data is safe. So it’s no surprise that surveys have shown IT professionals who utilize DRaaS are significantly more confident about their company's DR plans than those who do not. And while utilizing a third-party vendor for DRaaS might not make sense for all businesses, it’s certainly an option worth exploring.

By David Gildea

David Gildea

David Gildea is CEO and founder of CloudRanger, the simple backup solution for Amazon Web Services (AWS). CloudRanger’s Server Management Platform offers users scheduling and backup policies to save time and money, while an overall view of the entire server system gives users the most control over their cloud, ultimately providing enhanced disaster recovery management.

With more than 15 years of experience in computer science and software engineering, David is passionate about making the cloud accessible to everyone.

View Website

CONTRIBUTORS

Bryan Doerr

Cyber-Threats and the Need for Secure Industrial Control Systems

Secure Industrial Control Systems (ICS) Industrial Control Systems (ICS) tend to be “out of sight, out of mind.” These systems ...
Principles of an Effective Cybersecurity Strategy

Principles of an Effective Cybersecurity Strategy

Effective Cybersecurity Strategy A number of trends contribute to today’s reality in which businesses can no longer treat cybersecurity as ...
What the Dyn DDoS Attacks Taught Us About Cloud-Only EFSS

What the Dyn DDoS Attacks Taught Us About Cloud-Only EFSS

DDoS Attacks October 21st, 2016 went into the annals of Internet history for the large scale Distributed Denial of Service (DDoS) ...
Battle of the Clouds: Multi-Instance vs. Multi-Tenant Architecture

Battle of the Clouds: Multi-Instance vs. Multi-Tenant Architecture

Multi-Instance vs. Multi-Tenant Architecture  The cloud is part of everything we do. It’s always there backing up our data, pictures, ...
Digital Transformation: Not Just For Large Enterprises Anymore

Digital Transformation: Not Just For Large Enterprises Anymore

Digital Transformation Digital transformation is the acceleration of business activities, processes, and operational models to fully embrace the changes and ...
10 Ways The Enterprise Can Prevent Data Leaks In The Cloud

10 Ways The Enterprise Can Prevent Data Leaks In The Cloud

Prevent Data Leaks In The Cloud More companies are turning to the cloud for storage. In fact, over 60 percent ...
Cyber Security Tips For Digital Collaboration

Cyber Security Tips For Digital Collaboration

Cyber Security Tips October is National Cyber Security Awareness Month – a joint effort by the Department of Homeland Security ...
Why ‘Data Hoarding’ Increases Cybersecurity Risk

Why ‘Data Hoarding’ Increases Cybersecurity Risk

Data Hoarding The proliferation of data and constant growth of content saved on premise, in cloud storage, or a non-integrated ...
Cloud Services Are Vulnerable Without End-To-End Encryption

Cloud Services Are Vulnerable Without End-To-End Encryption

End-To-End Encryption The growth of cloud services has been one of the most disruptive phenomena of the Internet era.  However, ...
What You Need To Know About Choosing A Cloud Service Provider

What You Need To Know About Choosing A Cloud Service Provider

Selecting The Right Cloud Services Provider How to find the right partner for cloud adoption on an enterprise scale The ...

NEWS

email as a service

Google Data Analysis, Artificial Intelligence and Predicting Vaccine Scares

Social media trends can predict tipping points in vaccine scares Analyzing trends on Twitter and Google can help predict vaccine ...
Hackers shut down infrastructure safety system in attack: FireEye

Hackers shut down infrastructure safety system in attack: FireEye

Hackers shut down infrastructure safety system (Reuters) - Hackers likely working for a nation-state recently penetrated the safety system of ...
U.S. IT Sector Employment Expands by 8,100 Jobs in November, CompTIA Analysis Reveals

U.S. IT Sector Employment Expands by 8,100 Jobs in November, CompTIA Analysis Reveals

DOWNERS GROVE, Ill., Dec. 8, 2017 /PRNewswire-USNewswire/ -- New hiring in computer and electronics manufacturing and technology services and custom ...