What to Know About DR in the Cloud
March 7, 2024
Cloud, Disaster Recovery, IT Security
It used to be that an organization’s IT disaster recovery (DR) plan entailed simple data backup (on disk or tape) or, budget-allowing, a secondary data center that it could failover to if a disaster occurred. The introduction of cloud DR has expanded the options.
Choosing what’s best for your company requires understanding how the different options work. It also entails evaluating the advantages and disadvantages associated with each. (No surprise: Cloud DR works differently than traditional DR, but both offer benefits that may appeal to various organizations.)
Traditional DR Overview
Traditional DR can be as simple as backing up data to disks or tapes and then manually taking them off-site, where they can be stored until needed. Sometimes, that’s all a company needs.
At the other end of the complexity spectrum, traditional DR can entail maintaining a remote data center (hot, warm, or cold) where data and applications are replicated on dedicated backup servers and storage and can be restored when needed.
The Downsides of Backup
Traditional DR offers numerous advantages — relatively low cost is one of them. It also has its downsides. With simple backup, for example, the backup software and/or backup media can fail. The person responsible for backing up data can make mistakes. The time between data backups can result in lost data.
Tapes or disks stored on-site can be lost if a disaster strikes. Storing backups at an off-site location solves that problem, but an off-site location costs money. It also requires being within a certain distance to mitigate the chance of a disaster taking out both the production and DR sites.
That, in turn, adds to the time required to physically transport media to an off-site location, as well as to retrieve it and pull the information off. In addition, simple data backup doesn’t do anything for apps and system configurations.
Remote Site Issues
The use of remote hot, warm, or cold facilities for traditional DR is often preferred over simple backup. Each type of facility has its own pros and cons.
- A hot site is a fully equipped data center with servers that can be brought online within hours of an adverse event. Choosing a hot site for DR is expensive, but it’s also a great way to minimize downtime and data loss and ensure business continuity.
- A cold site includes the basic, bare-bones infrastructure needed to run a data center but little else. Companies need to supply their own equipment and configure it, which may take weeks to bring online. It’s the least expensive of the options but the most work and may result in the most downtime.
- A warm site provides basic infrastructure but requires some lead time to prepare servers and go online. It costs less than a hot site, but the lead time required may negate the financial benefits.
There are also some overall disadvantages to maintaining secondary sites, and these are not just due to the costs for setup, management, and maintenance. For example, data may have to travel long distances because of the distance between the production and DR sites. That can result in high network latency, creating inefficiencies, low response times, and unhappy end users and customers.
If synchronous replication is needed to meet RPO or RTO, the DR site will need to be in closer proximity to the production site. That requires balancing latency issues with the risk of a disaster taking out both facilities. Staff will also be required to handle the implementation of the DR solution.
Cloud DR overcomes many of the issues associated with traditional DR — and offers additional benefits.
Free eBook: IT Disaster Recovery
How Cloud DR Works
Cloud DR (also referred to as cloud-based DR) is the process of replicating data and apps to a remote cloud location (a data center that provides the infrastructure to support cloud services), where they can be easily restored if your primary site experiences an outage.
With cloud DR, the entire server — including the operating system (OS), apps, patches, and data — is contained in a single virtual server. There’s no need to invest in and maintain on- or off-site hardware. Facility power and cooling costs are also eliminated because cloud DR leverages the cloud infrastructure of a third-party company. The cloud service provider (CSP) is responsible for the infrastructure and what’s needed to run it.
The server can be copied or backed up and then spun up on a virtual host in minutes. The virtual server is hardware-independent, so the OS, apps, patches, and data can be safely transferred without reloading each component. This speeds up backup between locations. Because the cloud is designed for remote management, recovery is faster as well.
Cloud DR also offers redundancy. Cloud DR providers back up data to geographically diverse locations, which helps ensure business continuity even in the event of a widespread disaster. Capacity and performance can be allocated on demand, so you only pay for the resources consumed. This also makes routine testing more practical, helping to ensure the DR solution works when and as needed.
In addition, the cloud makes warm site DR a more cost-effective option. Backups of critical servers can be spun up in minutes on a shared or dedicated host platform. With SAN replication between sites, hot site DR also becomes a less expensive option. SAN replication provides rapid failover to the DR site with very short recovery times, offering the capability to return to the production site when the DR test or disaster event is over.
The Cloud-based Backup Option
Cloud DR can take the form of cloud-based backup. This is an off-site backup to a third-party service provider or to your own cloud infrastructure using cloud enablement technologies or on-site appliances. Multi-site data redundancy is integral to this, as a local data copy can live in an on-site appliance while the enablement technology replicates data to your service provider or your own data center.
The appliances and enablement technologies run continuously in the background of IT operations, eliminating some of the issues associated with manual IT processes. There are no tapes or disks to buy or refresh, and no need to spend hours each week physically managing backups or transporting tapes. Replication is provided as a managed service, making it less labor-intensive than tape or disk backups.
Sufficient bandwidth is required to support off-site replication, which may mean investing in network optimization or replicating less data. While the time and effort needed to transition to the cloud needs to be considered, the flexibility of cloud-based backup makes it easy to move only some of your more critical data to the cloud.
There’s no need to worry that cloud-based backup could open your data streams to breaches from a third party or because of other customers residing in a given data center. Many CSPs build high-level security features into their clouds. Typically, those audited to meet the requirements of the Healthcare Information Portability and Accountability Act (HIPAA), Payment Card Institute Data Security Standard (PCI DSS), and other regulations or industry standards employ security best practices to help ensure data safety and integrity.
The DRaaS Option
Cloud DR can also be delivered “as a service” and is referred to as “Disaster Recovery as a Service” or DRaaS. DRaaS entails a CSP charging a recurring fee for replicating and hosting a company’s physical or virtual servers and providing failover to a cloud environment hosted by the provider if a manmade or natural disaster occurs.
As a managed service, DRaaS — at least as offered by the more reputable service providers — includes proactive monitoring and handling of threats, as well as DR best practices that many companies don’t have the time or expertise to handle. That includes coordinated data restoration testing and frequent alignment of RPO and RTO.
Among the reasons that DRaaS is often preferred over other cloud DR options, such as cloud-based backup, is time. With cloud backups, you can restore data, but it can take hours. You must download the app files from the cloud based on your most recent backup, rebuild, and then compile the data or app. If the app runs, you have restored a clean copy. If not, you must go back to the next recent backup and go through the process again.
With DRaaS, you can quickly stand up and failover in a DR environment. Then, with a few clicks, you can failback. Data can be restored in minutes.
Of course, some companies may be able to tolerate more downtime than others — at least for their less essential apps. With that in mind, more service providers are offering DRaaS “tiers,” which allow you to select the service level that works best for your budget and needs. You can provide the same data protection for mission-critical and non-mission-critical apps but pay based on recovery priority and the resources required.
DRaaS solutions offer several other benefits that make them an attractive option for DR. By employing true continuous data protection, a DRaaS solution can offer an RPO of a few seconds. Apps can be recovered instantly and automatically — in some cases, with a service level agreement (SLA) based on an RTO of minutes.
DRaaS solutions also make it quicker to ensure your backup doesn’t contain ransomware. With cloud-based backup, you must manually inspect the individual files and folders for each backup, find the date when file names started to get encrypted, and then restore the files from a clean backup. The more files that have been infected, the longer the process takes. It’s simpler with DRaaS. Just quickly browse a disk image to determine if the files it contains have been encrypted.
Another advantage of DRaaS is that a third-party provider manages it. That frees your internal IT team from the responsibility. If a disaster strikes, whether a ransomware attack or some other kind of disaster, the CSP immediately puts the DRaaS solution into action and restores your IT systems quickly and seamlessly.
Learn More
Of course, there’s much more to know about DR in the cloud, as well as traditional DR, than can be covered in a single blog. One of the best ways to gain additional insights into these DR options is to talk to a service provider like US Signal. Our solution architects can help you assess your DR needs, discuss options, and architect a solution that will best meet your needs. (They can also integrate DR into other IT solutions as well.) For more information, contact us. Call (866) 274-4625 or email [email protected].
You can also take of US Signal’s free DR resources here.