Disaster recovery and backup - and all that is between them
Everyone should back up important or valuable data, whether that data is family photos for individuals or business documents for companies. Individuals may be happy to buy a local hard drive and put it in the attic but for companies where their business depends on their emails or file records it would make sense to have a more robust solution.
Many companies are now backing up their data with cloud vendors. Besides the relative simplicity of this solution, it makes commercial sense to store the backup in a remote location in case the “disaster” doesn’t only strike the main servers but perhaps the entire office or area.
An example of a ‘regional’ disaster occurred in May in Holborn when an underground fire left thousands of employees without power or access to their offices. Backing up from one drive to the other in the same vicinity would have been useless.
It is good practice to back up data, but does everyone also need disaster recovery (DR)? To put it simply, the difference between the two is that a backup ensures there are safe copies of the data, whereas DR typically refers to a solution whereby not only is the data backed up but the company can be up and running within a certain time frame. Backup is just the first component of DR, while a full DR solution will require considerable replication of equipment.
Hopefully, disasters are few and far between and if companies back up their data, to what extent should they worry about the speed of being fully operational if a disaster does happen? The answer would obviously depend on the nature of the company, its needs and budget; but the answer would also depend on the set-up of the company’s primary IT solution. The more complex that arrangement is, the more complex and expensive the DR solution will be.
I would like to explore these considerations in more depth. Firstly, there is the question of balancing between cost and need. No one wants to stop working for a few days, but if the company could survive with patchy IT for a short time while the primary IT solution is being restored, perhaps it is not worth maintaining an expensive DR solution for years in anticipation of the disaster which hopefully will never arrive. If on the other hand, the company cannot survive without continuous IT, then it probably cannot cut corners when preparing for a disaster.
If we were to compare this to bike riders, some will go out for a Sunday spin without even a spare inner tube, while if they are racing in the Tour de France they will have a support vehicle with spares for every part - plus mechanics who will get the cyclist back on the road in no time should anything happen to the bike.
Secondly, besides the balancing of cost and requirement, there is a question of the ease in putting the DR solution into place. When a company manages its own servers, DR becomes a stand-alone project which typically requires an additional vendor relationship, dedicated communication solutions and a complete reconfiguration of the IT infrastructure. However, when a company has 100% of its primary solution in the cloud, then backup and even a variety of DR solutions are simple add-ons.
DaaS and DRaaS
The hosted desktop solution, which provides a holistic cloud service for companies and removes the need for any internal IT management, is sometimes referred to with the acronym DaaS or Desktop as a Service. The idea is that all of a company’s IT needs can be bought on a per-user per-month fee. Similarly, companies using the Hosted desktop can have DRaaS or disaster recovery as a service. Here, too, the company need not worry about DR or the CAPEX outlay, because it is all provided as part of the service.
Let me try to explain using an analogy from another industry. Imagine that you own a brand new Mercedes, but rather than service it at the authorised garage, you decide to use the local mechanic; then you try to go to the Mercedes authorised dealer to rent an equivalent replacement vehicle while your car is in service with the mechanic. This is doable, but it would involve more paperwork, potentially more cost and certainly less peace of mind. If your car is precious, which it is, would you not prefer to outsource the maintenance to an authorised professional dealer which provides a warranty, peace of mind and a replacement car as standard?
Similarly, for your business’ precious IT, using a top hosted desktop provider offers not only peace of mind for all of your primary use, it offers backup and even disaster recovery as standard. Using your fleet of cars should be a pleasant, seamless experience. Why shouldn’t using your IT be the same, particularly if is being managed via a company holding the ISO 27001 accreditation?
If peace of mind can apply to how a vehicle is serviced and generally looked after by its supplier, the same can apply to IT and the cloud. ISO 27001 is the international gold standard for information security management. Accreditation – by, for example, a cloud services provider – ensures that that standard runs throughout the provider’s services - and is a guarantee that all the steps that should be taken to safeguard a client’s information are rigidly enforced. DR and backup, and all that is between them, are covered by the standard.
- » McAfee notes the gap between cloud-first and cloud-only – yet optimism reigns on success
- » How smart cybersecurity solutions are increasingly powered by AI and ML
- » Even if your cloud workloads are complex and data is privileged – it’s still on the customer to secure
- » Enterprises risking data disaster by not fully exploring cloud backup timeframes, research says
- » The importance of securing multi-cloud manufacturing systems in a Zero Trust world