The constant stream of headlines devoted to cyber-crime attacks against organisations and businesses should be a cause of concern for many. Last year, the UK experienced its highest rate of cyber-crime to date with a wide range of DDoS attacks, data breaches and system failures. The ones that we know about, because they made headlines, are likely to be only the tip of the iceberg.
Given this state of affairs, it might come as a surprise to learn that a growing number of businesses do not have a disaster recovery (DR) strategy in place. That seems like a large risk to take in 2019 when growing numbers of cyber-criminals are only too keen to wreak havoc on organisations and disrupt their operations.
Especially so when, for nearly every organisation, the true value of its data and IT systems often only becomes apparent when a disaster occurs. In the face of these dangers, the pressure on IT teams to keep services online is becoming intense, especially as they also have to consider how to mitigate the potential downtime from failing infrastructure and natural disasters.
Why businesses need a DR strategy
The responsibility is on businesses to prepare for the unexpected and have a clear idea of how downtime would affect their business, customers and day-to-day operations. The best way to achieve that goal is to have DR plan or strategy in place so that the organisation can mitigate and combat the effects of any event (or disaster) that puts the business at risk and takes services offline. The purpose of DR is to minimise business risk and downtime by continuing operations in the event of a disaster.
A DR strategy defines a series of processes and procedures that ensure an organisation’s sites and applications are restored to normal in the shortest time possible – and with minimal disruption. This is crucial for many businesses, because any downtime can cause financial repercussions, reputation loss and missed SLAs.
The building blocks of a DR strategy
The first place that any business needs to start with a DR strategy is a risk assessment that identifies which systems, applications and types of data are most critical to business operations. Risk assessments and business impact analyses help to simplify the process and move the DR strategy in the right direction. For example, a business that follows ISO 27001 for Information Security Management would include it as part of Business Continuity planning.
Recovery objectives are also important to provide an estimate of how long it takes to get a business back up and running in the event of a disaster. A Recovery Point Objective (RPO) defines the point a business can return to in a server’s timeline after a disaster. With daily backups, for example, the maximum RPO would be 24 hours. A Recovery Time Objective (RTO) sets out how long it takes to recover from a situation such as a full data centre disaster.
Choosing the DR solutions to make it work
A DR strategy is of no value if it doesn’t have the solutions to make it work to the level that the business requires in the event of a disaster. For instance, having a backup of the data doesn’t achieve much if a business cannot afford any downtime at all. There is a big difference in what DR solutions can provide. A simple solution might enable failover within the same data centre to another server, whereas a much fuller solution could involve dual or multiple data centres with DNS failover between them (aka hot disaster recovery).
Cost may be a significant issue in determining the level of DR an organisation can afford to have in place but it’s also important to stress that the cost of downtime if a business does not have the right level of DR could be catastrophic.
Hot DR & DNS failover
One of the most sophisticated DR solutions is “hot DR” which replicates and synchronises an organisation’s entire system architecture, data storage and applications to a secondary data centre. If a disaster occurs, the failover system switches the company’s DNS to the DR Site, enabling the business to continue serving staff and customers. In the event of a catastrophic disaster at the production site, the DR site takes over as the production site.
Managed cloud and DR
One technology trend that has had a significant impact on DR is cloud. By increasing performance and reliability, while lowering running costs, cloud services have made DR more accessible and affordable to businesses. Managed cloud providers are enabling companies to focus on their business and not be distracted by complex IT, enabling in-house IT teams to focus on more strategic activities and providing the infrastructure, data centre and support engineers to run everything for a business.
Greater reliability and availability
The success of managed cloud hosting providers is dependent on ensuring system availability at all times, so they continuously invest in their cloud infrastructure. They work to a ‘no single point of failure’ platform design to ensure business continuity with load balancers and firewalls configured in high availability mode.
Managed cloud providers need to invest in the best hardware and technology to ensure super-fast performance for a customer’s infrastructure and they use high-end data centre facilities for the best connectivity. Reliable hosting solutions also need to build and maintain networks that are very secure and robust.
With so much focus on their own platforms, networks and performance, managed cloud providers are well-placed to deliver the right DR solutions for businesses to minimise risk and downtime. Cloud is helping to make DR more affordable and available for businesses of all shapes and sizes and managed cloud providers are playing a major role in helping to deliver on that proposition. DR is becoming a necessity rather than a luxury for many businesses and cloud is helping to make it more achievable.
Jon Lucas, Co-Director, Hyve Managed Hosting
Image Credit: Dotshock / Shutterstock