What Do You Need in a Cloud-based DR Plan?
For a long time, many of the blogs discussing disaster recovery (DR) focused on the “why” of DR plans. The intent was to equip IT professionals with information to win C-suite support for developing and implementing a DR plan.
Next came blogs that discussed the “which” — traditional or cloud-based DR? What’s been missing, however, is the “what.” We know DR plans are essential. We know the advantages and disadvantages of traditional and cloud-based DR and the various use cases for both. But what are the key components a DR solution should have?
The answer to that will vary from company to company. Every business has unique needs, and the choice of traditional or cloud-based DR will make a difference.
In this blog, we’ll focus on some of the considerations for evaluating cloud-based DR solutions.
Vendor lock-in and reliance on proprietary hardware are seldom good things. When you’re at the mercy of a single vendor to provide service, it can be difficult to add new computing resources or move your data. Unexpected costs can quickly add up.
With a flexible, hardware-agnostic cloud-based DR solution, you can freely replicate production environments to almost any DR target site if the underlying hypervisors are compatible. In addition to saving money, a hardware-agnostic solution can help simplify the management of your DR solution.
SLA-backed RTO and RPO
What your company needs in terms of a recovery time objective (RTO) and recovery point objective (RPO) is critical to any cloud-based DR solution you implement. But don’t just take a vendor’s word that it can meet your RTO and RPO.
Insist on a service level agreement (SLA) that addresses how long it will take to restore normal operations in the event of a disaster (your RTO) and how frequently data will be backed up (your RPO.)
Minimal Performance Impact
The more frequent your data is replicated, the less will be lost in an event. But will frequent data replication affect the performance of the production environment? Computing resources are finite, and adding extra load can impact performance and stability. Depending on your situation, a cloud-based solution that only replicates the entire production environment once and then tracks the incremental changes made to it at regular intervals may be the way to go.
Network connectivity and bandwidth come into play as well. Moving large amounts of data back and worth takes up available bandwidth. This can create problems for any services relying on the connection outside of replication, making applications slow or inaccessible if the bandwidth is used up.
Your company’s data is always at risk, even when it’s in the replication environment. That’s why your cloud-based DR solution should include high-level security that covers the replication environment.
In addition to inquiring about the overall security of a cloud-based DR solution, ask prospective solution providers what security best practices they will use to keep your replication environment safe.
It seems like few organizations these days are exempt from compliance requirements, many of which involve DR. Partnering with the right solution provider can help satisfy some of these compliance needs — particularly in the case of those that are PCI DSS or HIPAA compliant. Always insist on proof of compliance or certification, and understand the full scope of what compliance and certification (or validation) mean.
For example, if your data storage and DR needs to comply with Federal Information Processing Standard 40-2 (FIPS 140-2), make sure any cloud DR provider you choose to work with can meet those needs. There’s a difference between being FIPS 140-2 compliant and FIPS 140-2 certified or validated.
FIPS 140-2 certification or validation requires all software and hardware to be independently validated by one of 13 U.S. National Institute of Standards and Technologies NIST specified laboratories. Compliant means some, but not all, of the product has been FIPS validated.
On paper, a cloud-based solution plan might look great. But will it perform in real life? Failover testing is critical for verifying its effectiveness. Any prospective solution should include testing support tools or include failover testing by the provider.
Testing should include various real-life scenarios to help ensure that you have a viable, working solution should you need to use it. This could include testing an isolated fail over of certain workloads or failing your entire production environment over. A good solution provider should be able to understand your business and recommend testing objectives that address your needs.
Testing isn’t the only are where DR support comes in handy. Seek out solution providers that will help with installation, initial data seeding, replication, monitoring, and more. You never know when an issue will arise, so 24/7 troubleshooting assistance from experienced technicians is valuable as well.
Your DR Must-have List
Of course, there are many other considerations in evaluating a cloud-based DR solution. A good way to help determine what you really need is to undergo a DR assessment. US Signal can help with that. For details or to learn about US Signal’s various DR solutions, call 866.2. SIGNAL or email us at: [email protected].