Steps to Implement DRaaS (Disaster Recovery as a Service)

This blog was contributed by James Demetrius, Tech Guru at TBI. James is an accomplished Solution Architect with over 30 years of experience working with Fortune 100 companies on complex IT solutions, focusing on cloud, colocation, managed hosting and hybrid computing.  

For those that don’t really understand the importance of DRaaS and business continuity, oftentimes the reason is something along the lines of, “We take backups every day.” Although that is a solid practice, backups are not the same as disaster recovery. While taking backups is essential to safeguarding data, those backups need to be moved offsite, away from the place where the compute is occurring, whether that is onsite in a corporate building or a co-location facility. The reason for moving the data offsite is fairly simply: if a disaster compromises the facility—be it fire, flood, electrical or other natural disaster—companies would not want the backups destroyed along with the originals.

For businesses that understand the true meaning and importance of data recovery and business continuity plans, the conversation about DRaaS is a bit different. Companies with a business continuity plan and disaster recovery as a component understand the seriousness of disaster recovery and the essential need for critical business applications to be backed up in order to maintain regular business operations.

The need for organizations to back their data up and have a recovery plan in place is more vital now than ever before. This is evidenced in the news every day with the ever-growing number of data breaches and systems held for ransom by bad actors. The problem faced by most companies is that they lack the resources and skills to perform the needed backups and disaster recovery plans. The value of DRaaS becomes apparent when faced with limited IT resources; it provides a solution that can be implemented easily via the cloud and/or co-location options that are readily available. With DRaaS, firm can opt to take only partial or even no involvement in a disaster recovery solution. Meaning, businesses can assume responsibility of invoking a disaster recovery solution in the event of a service disruption, or they can set it on automatic, enabling the target site to start automatically when an event occurs, allowing for minimal down time.

Once the initial problematic event at the primary site has been resolved, the applications and systems can be returned to their original location on the network and the disaster recovery site will return to standing at the ready if another event occurs that would require it to be live again.

When considering a DRaaS solution, some questions that should to be answered include:

• What impact will it have on my business? What is the potential impact of not having it?
• Why would I need it?
• What problem does it solve?
• What happens if I don’t have a DRaaS plan?
• What does it cost?
• Financial impact
• Reputation impact
• Can my company survive a breach or attack without a DRaaS solution? What is the alternative?

In addition to the above, the two metrics that must be considered include the amount of time it takes to recover and how often a checkpoint for data is taken, known as RTO/RPO (recovery time objective and recovery point objective). Once the RTO/RPO are determined, a business can then develop a business continuity plan which should be invoked in the event of a datacenter outage or malicious attack.

A shorter RTO will have a higher associated cost. With the increased use of cloud computing and the availability of datacenters throughout the world, there are now an abundance of affordable options for DRaaS solutions; in past years, though, businesses were forced to create a second footprint of their datacenter to be used in the event of a disaster or attack. This physical copy of a datacenter is quite costly—from the cost and maintenance of equipment to the duplication of licensing costs needed for two or more sites. Needless to say, DRaaS provides a more cost-effective option for business of all sizes to safely backup their mission-critical applications and data.

Once the need for a DRaaS solution has been established, there are several factors that should be  considered when setting up a disaster recovery site.

1. Where do you want the site to be located geographically? The optimal choice is at least 100 miles away from the primary site and preferably away from known natural disaster areas.
2. Decide what systems need to be restored and the priority of the restoration in the event of an outage or attack. I advise customers to do a thorough assessment and determine which systems are critical to running the business rather than moving all of the datacenter’s systems since each duplicated system will add to the cost of your backup.
3. Determine how to access the systems at the disaster recovery site. How will users access the systems? Some options to access the systems could be:

• Point-to-point connection
• Internet
• MPLS

As part of TBI’s Tech Guru team, I offer my expertise in evaluating business’ current systems as well as their future needs and provide recommendations on the best solutions. The team and I help identify opportunities and offer technical support however we can.

Need help with DRaaS or other emerging tech? Connect with a TBI Solutions Engineer for free through Tech Guidance. Submit a Request a Consultation form.