Thursday, November 5, 2015

Disaster Recovery Plan: Using Cloud


A disaster recovery plan helps an organization protect its data in the event of a natural disaster, unplanned downtime or other negative events. As cloud adoption grows, cloud computing is becoming one of the most popular enterprise options for disaster recovery. Cloud-based disaster recovery can involve a simple file back-up in the cloud, or a complete replication in standby mode ready to take over production duties.

When implementing a cloud disaster recovery (DR) plan, organizations must consider a range of factors, including providers, management and security.

These frequently asked questions will help you decide if cloud DR is right for your business, and how to set up a successful blueprint for your DR strategy.

How do I get started with a cloud disaster recovery plan?

A cloud DR plan is key to control costs during downtime and quickly and efficiently restore data. Not having a cloud DR plan is like being stranded without a map and not knowing where you are or how long it will take to get back home.

Before mapping out your plan, look at your DR budget to see what you can afford. Then identify and prioritize data, services and applications into three categories: critical, important and ancillary. Find out how long these services and applications can be down before it negatively impacts the business. When devising your plan, make sure it is possible to restore data in multiple situations, including a single system loss, a multiple node failure or a complete main data loss.

What makes cloud DR different from other DR options?

In a cloud DR model, organizations store copies of their data in the cloud. Cloud DR works well with small and large organizations because it reduces the need for additional data center space, infrastructure and other IT resources. When compared to other DR options, cloud DR is generally the most cost-effective. For instance, unlike traditional DR systems, there is no need to worry about power and cooling costs. Additionally, organizations only have to pay for the resources they consume. Because the cloud offers remote management capabilities, cloud DR can also reduce recovery time.

How should I choose a cloud DR provider?

Due to high demand, there are more than 170 disaster recovery as a service (DRaaS) providers. These providers manage the activation and recovery of virtual machines in the cloud. The most popular service providers are Amazon Web Services, Microsoft Azure and Google, but smaller vendors have also entered the race. Large DRaaS providers, however, often have a broader range of DR services than smaller vendors. For example, larger providers might allow you to choose the region in which your data is stored. The downside to choosing a large provider is the cost; users typically pay for the storage they consume, along with bandwidth and storage I/O. Smaller vendors are often cheaper and offer more flexibility in pricing, which might be a better fit for smaller organizations.

When choosing a provider, evaluate the services they offer and if they fit your needs. There are many DR services to choose from, ranging from simple data recovery to virtual machine mounting to full disaster recovery within the service provider's data center. In addition, ask potential providers critical questions about their DR services, such as the percentage of customers they can support during a regional disaster.

How do I make sure my cloud DR environment is secure?

Security is crucial in any DR plan. Companies often fail to address how their normal security controls will fare during downtime. The last thing a company wants to experience is a security breach alongside a recovery situation. Security and incident response are tied together in the sense that the more security controls a business implements, the more efficiently it can respond to data breaches, malware or even a natural disaster. To make sure your DR plan is secure, test your environment and use vulnerability scanning tools. Additionally, ensure your recovery site has updated antivirus and firewall protection. If using third-party recovery, keep in mind that it may be multi-tenancy, so make sure your access controls are protected.