We’ve written before about how the rise of disaster recovery as a service (DRaaS) has fundamentally altered the disaster recovery (DR) landscape. Whether you view DR as a vital part of running a business or a complicated drain on resources, DRaaS has made the whole affair cheaper, easier to administer and accessible to a greater number of businesses.
But is there still a place for more traditional approaches to DR in an age of as-a-service IT? Here, we look at some of the advantages and disadvantages of DRaaS in comparison to its forebears.
Cost of DRaaS
First, a simple one: a common reason organisations struggle to implement (and test) effective DR plans is the cost and resource overhead involved. DRaaS allows them to implement DR without a significant capex spend, or even the opex spend of keeping a secondary environment live 24 hours a day (as their DRaaS environment won’t need to be available round the clock).
That’s not to say DRaaS is an opportunity to skimp on investment in DR - after all, it’s still important to build resilience and redundancy into your DR plan, no matter who owns the infrastructure or where your backups live - but it’s difficult to argue it’s not a more attractive proposition in terms of cost to benefit.
Ease of use
In the same way, DRaaS is easier to implement and easier to invoke than most traditional approaches to DR, which tend to be more demanding of an organisation’s personnel in terms of time and technical ability (with logistical hurdles to solve and a host of challenges to overcome when restoring backups to a live environment).
In turn, this makes a DR plan predicated on DRaaS much easier to test - and testing is a vital component of a DR plan that actually works.
Security of DRaaS
However, as with any cloud solution, some organisations may have objections to DRaaS on the basis they lose control of where their data lives (whereas a more traditional approach to DR would see them assume total responsibility for their backups and ownership of their DR environment).
Even today, it’s not uncommon for this to be interpreted as a security or compliance risk (as it becomes more difficult to ensure data sovereignty when your servers are in the hands of a third party) - so there’s value in getting assurances from your DRaaS provider over where your data will live, whether the security controls in their data centre (or data centres) are sufficient, and so on.
The issue of control also extends to vendor lock-in. If you implement DRaaS and wish to switch vendor or take your DR back in-house later down the line, this will be dependent on whether your DRaaS provider is willing and able to supply your backups or snapshots in a format you can use elsewhere.
As with the above, this is an objection that can apply to other cloud solutions, too - but in the world of DR, where supplier diversity can be key to an effective DR plan, it’s all the more relevant.