With so many natural disasters in the news this year, many enterprises have thought about their approach to disaster recovery — and whether their plan is foolproof.
The cloud provides many benefits for disaster recovery (DR), and enables an enterprise to safeguard its data across multiple regions. But that doesn’t mean the work stops there. We asked members of the SearchCloudComputing Advisory Board to share their top advice for disaster recovery in the cloud. Here are their responses:
There are many ways to leverage the cloud for DR, so I will focus on one use case: a modern mission-critical application running in the cloud. In this scenario, the most basic advice for DR is to embrace the cloud. Otherwise, you are doing it the hard way.
As you migrate workloads to the cloud, the more modern and cloud-native your workloads and infrastructure are, the easier the DR. Let’s consider both your application code and underlying databases. Whether leveraging infrastructure as a service, platform as a service or serverless infrastructure to run application logic, it is typically not challenging to configure an equivalent DR environment running those same code assets for web servers, microservices, etc. But what about DR for the database? While running your own databases in virtual machines is a very common cloud usage pattern, this makes disaster recovery in the cloud nearly as daunting as on premises; your team plays a big role in tackling DR complexity and operations, including needing access to folks with very specialized skills.
It is better to let your cloud do the heavy lifting for you by using native database services. Whether a relational model, like Azure SQL Database, or NoSQL document or graph-oriented, like Azure Cosmos DB, or equivalents on other cloud platforms, you can configure the database through the cloud platform to do the DR for you with a few mouse clicks — or with a DevOps template. These services offer sophisticated geo-replication capabilities with dozens of remote data center locations from which to choose for your DR sites. In my experience, when people first see this, they think it is too good to be true, but crazy thing is, it’s true. Stop resisting. Use the cloud.
Gaurav “GP” Pal
The recent spate of natural disasters has spurred a number of organizations to mature and think hard about disaster recovery in the cloud and Continuity of Operations (COOP). Cloud platforms are especially well suited to help organizations implement cost-effective DR and COOP systems, given the multi-region spread of cloud data centers. To begin a COOP plan, classify and categorize various information assets into critical, high, medium and low, with regard to their criticality in supporting business operations. Once the services have been classified, cloud-based services can readily help meet the availability requirements for the full stack as appropriate.
For example, if desktop services are needed, then Amazon WorkSpaces, amongst others, provide “desktops in the sky.” To avoid data loss, back up corporate data, including essential financial or customer data, to durable storage services like Amazon Simple Storage Service, Glacier or similar offerings. Cloud platforms also allow the creation of cost-effective DR environments using concepts like cold DR, pilot-light DR or hot DR. These variations allow organizations to find the right balance between money and level of continuity needed in the event of a disaster.
There are many approaches to disaster recovery in the cloud, including data backup, infrastructure/network recovery and security. The one piece of advice I give is to outsource DR functionally to a security operations center (SOC) a managed security services provider to protect data, infrastructure and communications integrity. Companies like Accenture, CyberHat’s Cyrebro, C&W Business and Deloitte provide extensive SOC services that enable both security and recovery services in the event of a disaster.
I am a fan of SOCs because their one job is to protect their customers from threats both outside and within the organization. SOCs understand the physical location of critical systems, where data resides and what safeguards need to be put in place to eliminate disaster proactively, and in many cases stop it before it occurs. Unlike most cloud service providers (CSPs), SOCs focus on mitigating risk and protecting data and systems in the event of an attack or disaster, whereas CSPs look at uptime and business continuity as their crucial measure of success.
From a cloud DR perspective, it is essential to understand what your risks are and identify the top considerations of DR within your business. These include, but are not limited to:
- preventing downtime and time to recovery;
- data integrity/mirroring to reduce data loss; and
- infrastructure and data security controls to ensure you have the right systems in place to withstand a disaster.
DR plans must be at the forefront of your cloud strategy and most organizations do not have the skills, budget or resources to be successful. That is why it is vital to choose the right SOC provider to protect what matters.