How do I select a DRaaS solution for my business?
It has become crucial nowadays, besides having all necessary protections implemented within your system, to also have a disaster recovery plan ready in case an attack occurs. A Disaster-Recovery-as-a-Service (DRaaS) solution comes in handy since it’s handled by the service provider.
Having all the data assets safe and protected in a third party cloud computing environment allows organizations to avoid downtime which could negatively affect businesses and their reputation.
To select a suitable DRaaS solution for your business, you need to think about a variety of factors. We’ve talked to several industry professionals to get their insight on the topic.
Markus Bauer, Senior Technology Evangelist, Acronis
Whether your organization is an SMB or it is a large global enterprise, losing critical data can cause massive damage. Every business is dependent on IT and data nowadays. Choosing the right disaster recovery software or service could mean the difference between success and failure should something happen.
There isn’t a one-size-fits-all disaster recovery solution. Disaster recovery solutions are all different and certain aspects should be considered to ensure it’s the right fit for your business and needs. This includes things like destination options:
- Local data center: With this, business-critical data is stored off-site in a physical location but recovering from a disaster can take days or weeks. This is also the most expensive option because you need also to consider the “environment” cost like power and cooling.
- Cloud: Cloud-based disaster recovery is the most cost-effective, flexible and scalable option. Cloud disaster recovery allows an organization to keep entire environments ready, reducing the recovery time from a business disruption or outage to minutes or even seconds.
- Hybrid: This option provides the greatest degree of flexibility, keeps costs down, and meets any regulatory and compliance needs.
There are pros and cons to each one, which is why it is so important to evaluate which is best suited for your business. Also, please keep in mind, backup is no Disaster Recovery.
Peter Groucutt, Managing Director, Databarracks
The main question to answer if you’re looking for a DRaaS solution is “what does ‘as a Service’ mean to me?”
It might mean consuming the resources on a pay-as-you-go basis. There are some DRaaS providers that provide access to the technology on a pay-as-you-go basis but leave the management and recovery up to you.
It could also mean a fully managed service where your provider monitors the service to make sure you’re always fulfilling your recovery service-level agreements (SLAs). In a disaster invocation, you call your provider and they recover everything for you.
Self-service DRaaS inevitably costs less, but we think there are times when it really pays to have an expert help you.
When your car breaks down, you want a mechanic, when there’s a medical emergency, you want a paramedic. When you have a major IT incident, you want Disaster Recovery experts who deals with recoveries every day.
If you have a ransomware attack for instance, there’s an enormous benefit in having someone handle it who has done multiple recoveries already.
Disaster Recovery is ideal for outsourcing. It’s repetitive, specialized and requires a pool of skilled experts to be called into action as needed. You don’t need to rely on it often but when you do, it has to go right.
Radhesh Menon, CPO, Datto
Given the role the cloud has taken with backup and recovery, DRaaS especially, the criteria for the cloud itself becomes front and centre. Public vs. private? With a public cloud you have to be the administrator which spans everything from initial definition to making sure the data is safe and secure. On top of the administrative overhead, there are the compute costs associated with the cloud which could vary greatly depending on storage and compute costs.
Purpose-built private clouds can offer the advantage of providing all-in-one features, meaning they can both serve as the backup repository and they can be used for DRaaS. Since the vendor builds and maintains the private cloud there is no administrative overhead, and when it comes to security, private clouds often include security features such as multi-factor authentication, immutable backup files that cannot be corrupted or deleted by malware and many other security layers that would be hard to duplicate in a “build-your-own” public cloud scenario.
Last but not least is cost, where a private cloud solution is generally included as part of an all-in-one BCDR solution and has a predictable cost model, public cloud costs can be unpredictable and variable in nature.
Rajiv Mirani, CTO, Nutanix
Selecting the right DRaaS solution can be a daunting task for IT teams, but when done right, frees up resources for other business priorities. It is crucial to select a solution that protects your data and applications while meeting compliance requirements, enabling infrastructure flexibility, reducing total cost of ownership, and performing non-disruptive DR testing.
Compliance should be top of mind for IT teams which is why meeting SLAs for RPO and RTO is critical to minimize downtime and data loss. It is also important to remember that needs might change as a company grows, so a solution should give organizations the flexibility to expand their DR and cloud footprint as their business needs grow.
Lastly, although not specific to DRaaS, it is also crucial to select a DR solution that allows IT teams to properly and easily test their failover system without disrupting business operations. The alternatively often leads to companies sporadically testing their systems, leaving them unprepared for disaster and feeling less confident. Simple and consistent testing is key to enabling business continuity and peace of mind.
W. Curtis Preston, Chief Technical Evangelist, Druva
With massive amounts of data generated each day, the impact of data loss from a ransomware attack, human error, or system failure, can be crippling. A reliable DRaaS solution will be the difference between your company surviving – or ceasing to exist the moment a failure happens. When beginning your search, start by assessing the following criteria:
Air-gapped by design: The only way to mitigate the risk of data loss is with a solution that can offer a digital air-gap. This will ensure that there is no way someone who gains access to your production environment can also remove or modify your backups. It will be critical for protecting against ransomware.
Instant one-click recovery: Enabling recovery when a disaster happens should be possible with a single mouse click. Ask your potential DR provider how long it will take from when you declare a disaster till the moment applications are up and running, and users are able to log in.
Automated testing: It’s important to know whether your solution is configured correctly before you have to use it. The only way to achieve that is through frequent testing. Go with a solution that offers automated testing – it won’t disrupt day to day operations, and you don’t need to rely on IT personnel to manually check system configurations.
Chris Rogers, Technology Evangelist, Zerto
Disaster Recovery (DR) is one of the most vital parts of any IT organization. Understanding the need for DR and being able to deliver an effective and robust strategy can feel miles apart. This is where DRaaS has revolutionized this industry.
DRaaS enables organizations to become DR specialists overnight with the help of a service provider, and enables OPEX spending rather than having large CAPEX investments.
SLAs and metrics
Ensure that your choice of DRaaS provider can meet critical SLA’s such as Recovery Point Object and Recovery Time Objective. These will be critical in defining success in a DR scenario and may be the difference between a minor disruption and irreparable damage to a company.
Choose an operating model that fits your requirements. This may be a fully managed service, a self-managed offering, or somewhere in-between. Understanding your organizational requirements and potential gaps will help you to evaluate different DRaaS offerings and find a perfect match for your DR strategy.
Don’t assume it is just for worst case scenarios. See if you can use the service for additional use cases such as patch testing, vulnerability scanning or even burst capacity. These additional ways of utilizing the service will enable organizations to get more out of the money they spend on DRaaS.
Ahsan Siddiqui, Director, Product Management, Arcserve
DRaaS is usually delivered based on a service-level agreement (SLA) that allows you to choose the specific structure you need to meet your disaster recovery (DR) plan thresholds and requirements. This needs to include your recovery time objective (RTO) and recovery point objective (RPO).
Your DRaaS solution should let you customize your cloud storage to fit your needs, whether your IT environment is small and simple – or big and complex. You should be able to easily control your cloud settings and count on predictable monthly pricing.
Also essential is ensuring your DRaaS provider can offer guaranteed uptime. Maximizing uptime to virtually 100% requires a highly distributed and fault-tolerant disaster recovery cloud. This means you can be certain that your data will be there when you need it and you can scale quickly and easily as your needs grow.
An important feature to check for when assessing DRaaS is the ability to recover quickly and seamlessly; so, check for a one-click failover feature that lets you configure the sequence, order, and recovery timing for each mission-critical system, and gives you the ability to start a site-wide failover process (or test) with the push of a button.