What you need to know about disaster recovery in the Cloud
- 09 July, 2012 13:32
While we all know how important it is to have a good disaster recovery (DR) plan in place, many of us still need to get our heads around this. Traditional disaster recovery planning can generally be expensive to implement and this has been a key inhibitor to many CIOs putting DR planning on their organisation’s must-do list.
In most organisations, 80 per cent of DR IT budgets are spent on protecting only 20 per cent of the systems. The result is that 80 per cent of the systems are either sub-optimally or not protected at all.
The advent of Cloud computing technologies, however, is fast changing the way organisations look at disaster recovery. Disaster recovery in the Cloud (a more common term for this is Recovery-as-a-Service or RaaS) can offer organisations an efficient and more cost-effective option while enabling them to have not just their data, but also the entire workload (operating system, middleware and applications) associated with that data backed up in the Cloud and restored quickly in the event of a disaster.
Gartner anticipates that by 2014, 30 per cent of midsize companies will have adopted RaaS to support IT operations recovery, up from a little more than 1 per cent today. Gartner adds that RaaS addresses well-recognised ‘pain points’ in IT disaster recovery management, including the need for frequent recovery-readiness testing and the cost of dedicated recovery floor space and facilities.
What you should know about RaaS
Before delving into RaaS, you should familiarise yourself with two important DR concepts which are:
- Recovery Point Objective (RPO) which is a measure of maximum acceptable data loss in terms of time (minutes, hours, days) and ;
- Recovery Time Objective (RTO) which refers to the target maximum allowable time to recover from an outage.
RPO and RTO relate to downtime and availability in the event of a disaster. For example, an RPO of four hours means that the most recent backup has to be no more than four hours old at the time of an outage; while an RTO of four hours means systems have to be backed up and operational no more than four hours after an outage.
There are typically three types of RaaS models:
- Do-It-Yourself (DIY): Where organisations configure and manage their own DR solution using public Cloud resources
- DR-as-a-Service (DRaaS): Pre-packaged pay-as-you-go recovery services to the Cloud with specified recovery point objectives (RPO)& recovery time objectives (RTO) SLAs
- Cloud-to-Cloud DR: Failover from one Cloud environment to another.
The more common models adopted by most organisations are the DIY or DRaaS models.
One of the fundamentals of RaaS is workload protection. This includes backing up entire server workloads (the contents of a server, including the operating system, applications and data), recovering workloads during an outage, and restoring workloads to their original production locations after the outage. When sourcing for a RaaS provider, always ensure that workload protection is an area that you address. It’s also important that the RaaS provider supports both physical and virtual workloads.
Advantages of RaaS
There are numerous benefits to implementing your DR plan in the Cloud. Fixed per-gigabyte cost and off-site Cloud based storage are just some of the advantages. You can also scale up or down your demand based on your needs. Best of all, the service provider handles the hardware maintenance and backups allowing you to channel your resources to other areas of the organisation. There are cost benefits. With more and more pressure for IT to stretch budgets to accommodate the organisation’s business needs, a RaaS solution could help alleviate the cost issue compared to a traditional DR plan.
Having a RaaS solution means that you will be running your whole DR plan in the Cloud, from replication right through to recovery. In the event of a disaster, you’ll also be able to have a ‘live’ restore back to the repaired data centre.
What you should look out for in a RaaS solution
There are five key things that you should consider before engaging your RaaS provider:
- Reliability: Ensure that your solution is backed by a contractual service level agreement with your service provider. This agreement should include a guarantee on the recovery time and needs to have clear financial clauses.
- Availability of the Cloud: What steps need to be taken if the cloud goes down?
- Security in the Cloud: How secure is your RaaS solution?
- Service assurance: Ensure that areas such as Quality of Service are clearly defined.
- Management: How responsive and efficient is your service provider in managing your RaaS solution?
Australia’s RaaS market is still in its infancy, but this will change with the rollout of the National Broadband Network (NBN). With recent earthquake disasters such as those in Christchurch and Japan, and the bushfires in Australia and the US, knowing that your organisation is able to continue operating with as little downtime as possible in the event of a disaster is key for any organisation.
Steve Stavridis is NetIQ’s disaster recovery expert for Asia-Pacific
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
Why change management doesn’t work
Larry Page wants to see your medical records
Dual-Persona Smartphones Not a BYOD Panacea
After two-year hiatus, EFF accepts bitcoin donations again
CIOs struggle to deliver timely mobile business apps: survey
Six Reasons to Empower Your SharePoint Citizen Developers
More and more business applications are being created by “citizen developers” - end users who are not IT developers but who create solutions for themselves and their groups. This white paper explores six reasons to embrace citizen development in an intelligent way that minimises risks and maximises the return on your SharePoint investment. Read now.
Endpoint Security and Virtualisation
Besides form factor, virtual systems are not really that different than physical systems. They both use the same operating systems and applications. They both present users with computing resources such as RAM and hard drives. Consequently, the ability to exploit vulnerabilities in a physical environment will present a significant threat to virtualised environments as well. This paper examines the different endpoint security methods for virtualised environments and presents how Endpoint Protection security provides optimal performance, protection and manageability.
Unleashing the Power of Information
If business-relevant information is not well managed, secured and analysed, it can become an underutilized asset or—worst case—a legal and competitive liability. Nearly all of the IT and business executives who responded to a recent survey recognise this risk, and say they understand the importance of having an enterprise information management (EIM) strategy. Find out more on how to reduce costs, improve competitiveness and avoid risk by making information management an enterprisewide strategic priority.