Our website makes use of cookies like most of the websites. In order to deliver a personalised, responsive and improved experience, we remember and store information about how you use it. This is done using simple text files called cookies which sit on your computer. These cookies are completely safe and secure and will never contain any sensitive information. By clicking continue here, you give your consent to the use of cookies by our website.

Monday, 01 December 2014 10:25

Ten things to consider when looking at DRaaS

Posted By  Mike Osborne

We look at the top ten issues to consider when purchasing Disaster Recovery as a Service (DRaaS) with Mike Osborne, MD of UK business continuity company Phoenix

Every organisation has data protection challenges, whether it’s cost, complexity, risk, compliance, data growth or all of these.  Many backup solutions are made up of multiple applications that focus primarily on data protection and not speed or practicality of recovery.   This approach requires multiple skill-sets to recover, and is reliant on all those skill sets being available at the time of a disaster.  It’s also not just servers, but desktops, or laptops, or mobile devices – and not just local infrastructure but also reaching into the cloud - a data protection strategy has to deal with all of those end points and IT strategies, firms really need to implement a consolidated approach.

Traditional large-scale data recovery is time-consuming, usually manually intensive and potentially error-ridden when it comes to recovery. There is commonly a mismatch between the recovery timescale the business believes IT can deliver in a recovery situation and what is actually achievable – often IT have not tested and so are themselves oblivious to the recovery timescale.  Not only that, but businesses are pushing IT departments to improve their recovery time and recovery point objectives (RTOs and RPOs) - without offering investment to support a new data protection infrastructure and strategy. 

Why choose cloud for your data recovery?

DRaaS has the ability to leverage investments made by the service provider to the benefit of many customers through secure shared infrastructure and shared full system recovery expertise, to deliver defined restore SLAs that the IT department can in turn deliver back to the business. 

First and foremost, engaging with a DRaaS provider should de-risk any proposed change to the existing data protection infrastructure through leveraging the service provider’s expertise.  This needs to include firstly, established credentials across the full spectrum of vendor technologies, and secondly, proven specialist recovery capabilities.

Recover faster and more reliably with DraaS

One company who came to Phoenix to see how DRaaS could help, had previously been working with six different data protection solutions.  They explained that in all the tests they had ever done, they had never been able to successfully recover all their data, they had also never met the timescales expected of them.

By choosing cloud delivery RTO times can improve substantially – in one case, recovery time was reduced from 72 hours to just 9 hours.  Others benefit more from the ability of DRaaS to scale from protecting single servers, to thousands of mobile devices – and to scale as their business changes.  For some, the ability to achieve and evidence regulatory compliance and strict data protection criteria is a significant benefit that not only fulfills an obligation, but drives business growth.

Like any Cloud service, DRaaS has both risks and opportunities.  There is a clue in the name, Disaster Recovery as a Service, not Data Backup as a Service. It’s therefore important to select the right supplier and conduct due-diligence to ensure you don’t end up paying a premium for something that when disaster strikes, simply won’t deliver the recovery time and point objectives that your business needs. This isn’t about individual file restores, it’s about full system and ultimately total datacentre recoverability.


Your 10 Point Data Protection Checklist

Before you start you need - at the very least – to get the following points addressed and questions answered by your IT teams and potential suppliers;

  1. How much data do I have? - Weed out duplicate, aged and non-critical data so you’re not protecting the same thing multiple times.
  2. What’s really important? - What applications do you need back first to continue to generate revenue?
  3. What can wait? - What applications and/or data have no impact on initial revenue generation but will be needed at some point for compliance?
  4. Where in my infrastructure is it? - Do you have data in the cloud such as Salesforce.com, Google apps, Office 365 or is it on a corporate or mobile device?
  5. How do I access and secure my data? - When your data is recovered in the cloud, how do you access it securely and how is your data secured in a shared infrastructure?
  6. How quickly do I need to recover? - Do you know the RTO for your most important applications?
  7. Can I recover at all? - How do you ensure that the data protected and stored by your DRaaS provider is consistent and recoverable?
  8. Who will be around to recover my data? - Who’s responsible for recovery and do they have the necessary skill sets required to ensure recovery and resumption of business operations?
  9. How much will downtime cost? - Have you calculated the cost of downtime with your current solution, versus the improvements in recovery time DRaaS would deliver?
  10. When is data loss unacceptable? - How much data can you afford to lose in terms of time (RPO) and from a regulatory compliance perspective, not being able to retrieve old data?


Finally it’s important to understand what you can expect to achieve – be clear about what you require and make sure that the service provider you engage with can deliver on and regularly test those requirements so there is no mismatch between your expectations and what will actually be delivered in a disaster scenario.  If not, you may find that you’ve invested in DRaaS but realise that in a full blown disaster, what you have is a part solution that may also take longer than you expected.  With many firms seeking to adopt DRaaS as a test case for cloud, the consequences could be your business being hesitant to adopt other Cloud based services such as platform (PaaS) or infrastructure as a service (IaaS) in the future, and miss out on the significant benefits such services can deliver.

This article first appeared in the print issue of Cloud Computing Intelligence magazine – Subscribe now to get the latest cloud computing information delivered to your desk .

About  the author

UK Managing Director of Phoenix Mike Osborne began his career in IT in 1986 by 1992 Mike became Operations Manager of the disaster recovery and business continuity unit of ICM. In 1998 he formed part of the management team that took the enlarged ICM Computer Group to a full London stock market listing and became MD in 2007 and in 2008 was voted Business Continuity Industry Personality of the Year.


Leave a comment

Make sure you enter the (*) required information where indicated. HTML code is not allowed.

IBM skyscraper2

datazen side

Most Read Articles