Why you can’t let disaster recovery slide off your IT budget in 2017


As we welcome in the New Year, we are already seeing multiple blogs prognosticating 2017 trends, setting priorities and suggesting resolutions. We are also rapidly approaching the 2017 budget cycle. I am sure you will read many articles concerning new plans or resolutions for the coming year, but this one will be about an old resolution: IT disaster recovery (DR).

When disaster strikes, organisations need to be able to recover IT systems as quickly as possible. Not having a disaster recovery plan in place can put the business at risk of high financial costs, reputation loss and even greater risks for its clients, customers and employees. Despite this, each year business continuity gets cut from the budget and companies continue to fail to invest in DR.

Here are five common objections that continue to dominate the disaster recovery budget discussion and why IT leaders need to refute them:

"It's going to cost a fortune"

Business leaders often assume that disaster recovery is going to break the bank. When thinking about a robust disaster recovery plan, secondary data centres complete with HVAC, as well as second copies of all servers, storage and networks comes to mind. Furthermore, there is a general misconception that systems are sitting idle, just waiting for disaster to strike, and all this is before even considering the maintenance costs involved.

However, having a robust disaster recovery plan in place doesn’t have to mean investing in a secondary data centre. Technology has developed massively in the last few years and there are now a number of different options that enable organisations to minimise the cost of DR without sacrificing the recoverability of IT systems. Cloud-based disaster recovery, often termed Disaster-Recovery-as-a-Service (DRaaS) enables failover of virtual machines to secure cloud locations. Often billed by VM or by TB of storage, DRaaS provides the flexibility to only pay for what you need. Having an on-demand pricing model means the costs are therefore remarkably low. With DRaaS, organisations do not have to sacrifice the ability to fail over in a time of need and are also gaining the benefits of security and compliance within the cloud platform. In most cases, it has now become a lot more cost effective for organisations to invest in DRaaS rather than building and managing a secondary data centre.

"But I have backup down the hall"

Some businesses may argue they are covered in case of disaster because they have a robust backup system in the form of an on-site server. If you back up each day to this, then surely you do not need DRaaS?

However, backup ‘down the hall’ is not immune from a localised disaster and additionally, should disaster strike, restoring data from back up takes hours, if not days. DRaaS is about minimising downtime. With DRaaS organisations can restore operations quickly (often in minutes or even seconds) and in a highly automated fashion. It can also be tested in advance so that if and when an issue does arise the infrastructure can be recovered at the push of a button as the failover system has been fully tested and proven.

The difference between back up and DR is significant and both can co-exist happily in a secure and compliant business continuity strategy.

"We don't get bad weather!" 

With headlines focusing on big natural disasters, many believe that if they live in a region with generally good weather, they are exempt from the danger of an outage. This is a false sense of security, however, as the ‘disaster’ in disaster recovery doesn’t just refer to natural disasters caused by weather events.

Outages are increasingly more likely to be the result of human error or malicious attacks – just look at the increase in ransomware attacks we’ve seen on businesses over the past year. Organisations are also susceptible to power outages, upgrade problems or bad coding.

Incidents such as these are completely out of an IT team’s control. It is therefore vital that there is a robust disaster recovery plan in place to be able to recover when the inevitable happens.

"We don't have outages" 

This objection is for the most part unrealistic. Generally, people do not like talking about outages. Usually it is not a case of an organisation not experiencing outages, it is more likely that these outages do not get fed back to senior leadership.

Whilst some smaller outages may go unnoticed and leave a business moderately unscathed, over the course of a week, a month or a year downtime adds up and ultimately becomes expensive, having an unplanned effect on revenue. In addition to this, downtime can impact reputation, customer loyalty and employee productivity.

When it comes to outages organisations need to be more transparent in their approach; utilise the data on outages, attacks, maintenance windows, patch and upgrade problems that exist in your IT department to implement a reliable and effective DR strategy.

"We can handle a little downtime" 

The final objection is ‘we don’t need a robust DR plan because we can deal with a few minutes of downtime’. Businesses may question how much downtime will really impact the business and argue that since all their systems are not customer facing, it isn’t the end of the world.

However, downtime can actually have a very significant impact on revenue. In the last decade, our expectations as consumers and IT end users have changed. We expect everything instantly and business is increasingly conducted online. As a result, people are more sensitive to an interruption in service and having even a few minutes downtime could have a massive impact on customer loyalty, not to mention bottom line revenue.  

The impact of downtime is tremendous. A 2016 survey conducted by Opinion Matters on behalf of iland showed that, for 69% of respondents, downtime of only minutes would have highly disruptive or catastrophic business impact. Additionally, Gartner has reported that 72% of firms had to use their IT disaster recovery plans, in its 2015 Business Continuity Management survey, and estimates in their 2016 Magic Quadrant for Disaster Recovery as a Service that the DRaaS market will nearly triple in the next three years to a revenue point of $3.4 billion by 2019.

A robust disaster recovery strategy is vital to running a successful and secure business. If any of these five objections have influenced your decision to invest in a business continuity plan, it may be time to reconsider. Without an IT disaster recovery plan, you run the risk of incurring serious business losses through outages, hours of downtime, lost data, and negative impact on reputation. Make 2017 the year that DR is put firmly back in the IT budget. 

Related Stories

Leave a comment


This will only be used to quickly provide signup information and will not allow us to post to your account or appear on your timeline.

Diptim Jones
5 Jan 2017, 6:08 a.m.

The DRaaS provider will be responsible for providing business continuity in the event of a disaster to ensure critical business functions continue uninterrupted. Businesses rely on the DRaaS provider to implement the plan correctly and meet the RTO and RPO objectives. So choose carefully!
Here is the recommended whitepaper on Disaster recovery Services:


14 Jan 2017, 10:32 p.m.

Great article. In midsize and larger organizations, you find quite often that the backup is handled by a system, server, or network administrator and that DRaaS and continuity and availability are the responsibility of the CIO or IT manager. Backup is funded at a lower level; DRaaS often gets pushed out. But backup is like a wheel on a car - important but only one component of an overall continuity plan. I work for a company (Unitrends) that offers all-in-one backup and continuity - and sadly what we see quite often is that CIO's have their job threatened by not having continuity plans - when in fact next generation vendors exist who offer both backup and DRaaS with "one throat to choke." For more, http://www.unitrends.com/products/cloud-services/unitrends-disaster-recovery-services


7 Apr 2017, 11:04 a.m.

Nice article Monica. You seem to have covered the typical opinions of few organizations that usually do not take backups and DR seriously, than they should.
As almost all the organizations are sensitive towards outages, there are two aspects that every organization should consider -
Backup and Recovery
This helps recovering the critical servers/data from a fault at local data center (Could be as simple as server crash or applying incorrect destructive command etc).
Backups can be restored to facilitate point in time recovery as per the scenarios and requirements.
There are number of enterprise backup tools available that can facilitate backups like - VM Level (Complete VM snapshot), File Level (Specific file, folders), System state (OS backup), DB backups (Complete DB + Transaction Logs).
Organizations can decide the backup tool, backup type, retention period etc depending on the nature of applications being hosted.
Business Continuity
This helps to ensure that the business critical applications are not impacted because of a disaster situation at production data center.
DR tools help to keep the production data replicated to the DR site and the DR environment can be brought online in order for business critical applications to continue.
The DR tools can be decided based on the MTO (Maximum Tolerable Outage) or in other words RTO (Recovery Time Objective) that the organization is looking at.
Despite of the importance of having a DR solution in place, many organizations tend to skip this arrangement due to the amount of investment involved.
A simple solution to this could be subscribing for DRaaS (DR as a Service). There are many service providers like Velocity who offer DR solution as a service - meaning that such providers host DR site, manage replication and fail-over of the business critical systems in case of a Disaster scenario.
As they say - DR provisioning / Business continuity planning is like an insurance. One gets to know its importance in disaster scenarios.
Here;s a quick link to check