Building a Cloud-Based Disaster Recovery Plan

Benjamin Franklin once said, “By failing to prepare, you are preparing to fail,” and research by FEMA suggests that many businesses may be falling into this trap. In fact, nearly half of small to medium-sized businesses will never reopen after a disaster and that number rises to 90% if they don’t reopen quickly.  However, 70% of these same companies know that any loss of data will impact their business. So where’s the disconnect? 

For many businesses, the disconnect comes from a failure to prepare. Some statistics suggest that more than half of small businesses have no disaster recovery plan, yet 96% of businesses have experienced some kind of data loss or outage in a 3-year period. In short, some kind of data loss or disaster is pretty likely in the business world, prevention and incident response teams can mitigate this risk, yet many businesses fail to consider a cloud-based disaster recovery plan.

Quick Links

What is Disaster Recovery?

Disaster Recovery is a collection of tools, processes, and resources, used to identify, mitigate, and recover from interruptions of key IT services due to a disaster, either natural or man-made.

Natural disasters include things like hurricanes, earthquakes, or floods that may damage a data center. However, other types of disasters can disrupt services such as large-scale DDoS attacks, ransomware or other viruses infecting databases, network failures, cyber-attacks, employee negligence or malfeasance, and so on.

In short, disaster recovery implies there is a plan in place that prepares your organization to restore or recover critical IT data or services should any of these incidents occur. Research suggests that 93% of businesses without a disaster recovery plan are out of business within a year of experiencing a disaster that impacts their data.

Read Also: Colocation Data Centers and the Remote Work Transition

What is Cloud Storage?

Cloud storage is a data storage method where the data is stored on, typically, a hosted server or servers, in a location separate from the business storing the data. Data centers take the responsibility for securing and maintaining the server environment, both logical and physical, to ensure the stored data is accessible by its owner or users.

Why Are Backups and Redundancies Necessary

Why Are Backups and Redundancies Necessary in Cloud Computing?

To start, often backup and redundancy are used interchangeably. While they are connected, they are not the same thing.

When data exists within the cloud structure, it means there may not be immediate access to said data or removable storage. As a result, backups are required. More specifically, backups refer to copies of the data, so that should something happen to the data or the physical location where it is stored, it can be recovered.

Redundancy, on the other hand, has two meanings. There are logical redundancies, which refer to data backups being stored in a safe location (typically separate or multiple data centers), and physical redundancies which refer to the backups for power, cooling, and other hardware. Your disaster recovery plan should include both mitigating and enhancing recovery/restoration.

In short, backups provide copies of data in case it is compromised, stolen, lost, or corrupted. Redundancies ensure that if there is some kind of hardware failure or another disaster that impacts the physical components that store your data, you can continue to access the data you need.

How Can Cloud Storage Facilitate Disaster Recovery?

One of the biggest benefits of utilizing cloud storage is that when it comes to disaster recovery, returning to business functions is faster and less costly.

Let’s talk about savings first. It’s been discussed elsewhere that data centers and cloud services have the capacity to save your organization money as your business doesn’t have to spend on hardware and other IT expenses. One of the ways this pays off is in disaster recovery. More specifically, by utilizing the cloud, you can pay for backups, in multiple locations, and pay only for the space you use rather than investing in everything it would take for you to establish your own multi-site backups.

In the same vein, typically your data center services include their investment in redundancies and security that can protect your data, and that cost is spread out among their clients rather than the investment falling solely on your business.

And, when you need to store more data and add more backup, cloud storage facilities are scalable. In other words, your data center is prepared to grow with your needs in a way that might be cost-prohibitive elsewhere.

Finally, the redundancies above mean you’re also getting superior reliability. When disaster does strike, your data and the resources it requires are protected and your data center partner is prepared to shift services to a backup location. The time you save in being able to restore your services and your data means you’re also preventing further revenue loss, which, in the face of downtime, can be extensive.

Cloud Disaster Recovery Strategy

How to Plan A Cloud Disaster Recovery Strategy

Despite the significant risk and documented costs associated with ignoring disaster recovery, still, 20% of all companies have no disaster recovery strategy. Further, 43% of companies with no plan go out of business while 96% with a plan are able to recover fully. For that reason, it’s in a company’s best interest to develop a disaster recovery strategy, particularly one that leverages the benefits of the cloud.

1. Map and Know Your Infrastructure

Your IT team and/or data center provider should be able to assist you in cataloging all your assets, logical and physical. Not only does this help your plan and prepare, but it also helps you understand the value of what you’re protecting. Finally, this allows you to create a complete picture of potential risks to these assets.

2. Conduct a Business Impact Analysis

Once you’ve mapped your assets, it’s important to understand how losing any one of them (or all of them) will impact your business. In other words, how will business-critical functions be hampered or down if a disaster disables your network?

Specifically, you want to assess your recovery point objective (RPO) and your recovery time objective (RTO). The RPO looks at how long your business can suffer data access disruptions due to a crisis. The RTO looks at how long your network, application, or data access can be impacted before it impacts operations.

These two assessments allow you to determine how heavily you need to invest in disaster recovery solutions. For example, if your business relies heavily upon data for operations and any data loss will significantly impact the ability to perform, investing in both backups and disaster recovery becomes vital. Knowing your RTO enables you to determine how much of your disaster recovery investment needs to be spent on redundancies and multi-site storage rather than focusing on data backups.

3. Create Your Plan

Based on your RTO and RPO, you can now create a plan. There are a few options for you based on the information you’ve gathered:

  • Backup and Restore – The simplest approach that backs up all your data and applications and transfers the data and applications back to your system when needed.
  • Pilot Light Approach – This involves incremental backups and replications of your system within the cloud. This system essentially stays on “standby” like a pilot light in a furnace and, when there’s a failure, the cloud server which has a cached version of your system is activated and users can be rerouted to the cloud until full restoration is possible.
  • Warm Standby – This is similar to the pilot light approach and can significantly reduce recovery time. Rather than backing up incrementally, the cloud servers are always activated and capable of handling your business-critical operations. In the case of a failure, they are scaled up to transfer and handle your full operational load while users are rerouted to the cloud server.
  • Full Replication in the Cloud – This setup means your entire setup is fully replicated on an additional server located off-site. In addition to sometimes handling some of your normal load, should there be a disaster, all users are then rerouted to the mirrored system.
  • Multi-Cloud or Multi-Site Option – This is the platinum-level cloud disaster recovery plan. Much like the full replication, your network will already be utilizing some of the cloud services, possibly in multiple locations already. In case of a disaster, again, all users are rerouted to the servers located in multiple sites where they can immediately scale to meet capacity and with little impact on responsiveness and speed.

4. Find Your Cloud Partner and Build Your Infrastructure

Regardless of the approach you take, you need to find the right data center partner who can help you implement it. In addition to assisting with the implementation, you want to make sure you choose a data center that offers:

  • Exceptional uptime reliability
  • Strict security and regulatory compliances
  • Scalability and capacity
  • N+1 redundancies
  • A variety of connectivity options

Once you’ve identified your partner, work with them on building out the infrastructure you will need to support your plan. While some data centers offer disaster recovery as a service (DRaaS), others work with companies that focus solely on DRaaS and may be able to assist with implementation.

5. Build Your Disaster Recovery Team

Your disaster recovery plan is, or at least should be, a living document. Threats and risks change as do your business assets and operations. Therefore, you need a disaster recovery team to be stewards of the plan and, on a regular basis, need to evaluate and reassess your needs and whether the plan meets them.

Your disaster recovery team should also be ensuring that your team is fully trained and that the plan is tested regularly to ensure it is comprehensive and to eliminate any weaknesses or friction points.

Ruben Harutyunyan

Back to top