In IT circles, the term disaster recovery (DR) refers to the complete set of policies, processes and technologies used to ensure an organisation’s critical IT infrastructure can be restored or continue to function following a disruptive event, such as a fire or flood.
This is a complex proposition, so it’s no surprise DR has a reputation as a costly and resource-intensive enterprise. Some of the activities commonly described in a DR plan include the creation of backups, the transport of those backups off-site, incident response procedures, and a regular testing and review schedule to ensure the plan as a whole works as intended.
It’s also no surprise that DR is often put on the back burner, because it can be difficult for organisations to justify a large DR budget for an eventuality that - in the ideal world - will never come about. According to one report, as many as two in five firms (40%) have no DR plans, and the same number (40%) only test their plans once a year.
However, things are now starting to change in the DR world, and this is in part thanks to the emergence of DR-as-a-service (DRaaS).
DRaaS is a DR outsourcing model where an organisation’s servers are backed up or replicated in a third-party environment built on flexible cloud-based infrastructure. The organisation then has the option to switch to this environment if their own IT is knocked offline - so the cost and resource requirement of backing up and then restoring servers is dramatically reduced.
In this guide, we take an in-depth look at DRaaS and how it compares to traditional DR - as well as how it differs from backup-as-a-service (BaaS) offerings - in order to help you understand whether it may be a suitable option for your business. We also describe some of the factors buyers should consider when choosing a DRaaS supplier.
In order to know whether DRaaS or another approach to DR is better suited to your business, it’s first necessary to understand your requirements and budget. From a cost perspective, it’s not always possible to keep your primary and DR environment in perfect sync at all times, so effective DR planning is built around two all-important metrics:
Recovery point objective (RPO)
RPO is the length of time a backup can be considered recent enough to ensure business continuity. If you can afford to lose no more than four hours of data from your email server, for example, your RPO for that system should be set at four hours - and that should be the maximum interval at which you take a snapshot.
Recovery time objective (RTO)
RTO is the timeframe in which a backup should be restored and normal services resumed following a disruptive event. If your RTO for a system is two hours, you have a two-hour window in which to find the most recent backup and restore it to your live environment.
In the world of traditional DR, RPOs and RTOs can present major logistical challenges as they dictate how often you need to create and physically transport backups off-site, as well as what constitutes a suitable location (or locations) for said backups to live. Organisations also have hurdles to overcome in terms of restoring their backups to a live environment within a limited timeframe.
Should a hosted backup or BaaS solution be used, the process of backing up to a remote location will normally be much simpler or even automated (to a schedule that takes RPO into account). However, capacity and transfer speed limitations may have implications for what and how often you can back up. Furthermore, restoring to a live environment can still be a complex and time-consuming process.
DRaaS differs again in that it combines cloud-based backup (or, in some cases, direct server replication) with a pre-built, cloud-based failover environment. This simplifies both the backup and restore process, making demanding RPOs and RTOs less challenging to meet.
It’s not a silver bullet - you still need an effective DR plan in place, and some organisations may be better served by the flexibility and ownership of the more traditional approach - but DRaaS is, therefore, an attractive option if you:
Once you’ve chosen to go down the DRaaS route, before you choose a supplier and software vendor, it’s important to understand how your particular needs will determine the most suitable way to set up and use your failover environment. There are two main technological approaches to DRaaS, which are backup and replication.
Should you take the backup approach, your failover environment will be populated with standby virtual machines and your backups will only be restored to the environment on invocation of the DR plan (either by you or by your provider on demand). This minimises the amount of time your third-party environment is live, which helps to keep costs down, but translates into a longer timeframe between invocation and how soon your failover environment will be operational.
As the name suggests, the replication approach involves more regular synchronisation between your primary infrastructure and your third-party environment in the cloud. This allows you to switch to your failover environment instantly when you invoke your DR plan, but creates a greater overhead in terms of active use of your cloud-based infrastructure.
Once you understand which approach is best for your requirements and budget, you can start to look at specific considerations around which supplier to use for the delivery of your DRaaS environment.
A DRaaS environment is only as reliable as the infrastructure that underpins it, so it’s important to learn as much as you can about the data centre (or data centres) your supplier uses to deliver cloud capacity. This is especially true if you have specific requirements around connectivity that demand your DRaaS environment is hosted in a local data centre, as many disruptive events (including natural disasters, but also network and power outages) can affect a wide geographical area.
Another thing to consider is whether your supplier owns and manages its own data centre infrastructure or relies on third parties, which may introduce their own supply chain risks.
At the same time, using DRaaS should be seen as an opportunity to build more resilience into your supplier base and address any business continuity risks that arise from other supplier relationships (such as the use of public cloud providers). It’s not unheard of for organisations to use the same supplier for both their primary and DR environments, which is a great revenue opportunity for the supplier but also means the end user has all their eggs in one basket.
Find out more in our blog: Should you buy DRaaS from your primary cloud hosting provider?
Looking for a supplier that works with recognised software vendors (Veeam and Zerto are a couple of the best-known in the DRaaS space) will help you ensure your solution is reliable, well-supported, and keeps vendor lock-in to a minimum. Also, don’t overlook the cloud platform on which your DRaaS environment is built, and whether the quality of its management tools will affect the resource requirement of keeping that environment fit for purpose.
Technical issues are always a possibility when invoking a DRaaS environment, so it’s important to factor the cost, quality and accessibility of support into your choice of supplier. For some organisations, a fully managed service may be preferable to a self-service one - so it’s important to check the supplier can offer that.
More generally, your DRaaS supplier should be willing to work together with DR stakeholders from your organisation to ensure they can support the requirements of your DR plan, and that your RPOs and RTOs are met - both during testing and during a legitimate disruptive event.
When considering cost, it’s important to have an accurate idea of how often and for how long your DRaaS environment will need to be made live - whether for day-to-day use, testing, transfer of data or maintenance. A pay-as-you-go model will, for the most part, help ensure you only pay for what you need, when you need it - but it may be cost-effective to pay also for an allowance of time per month for configuration and updates.
The Tier classification system is a useful shortcut, but be aware it won’t tell you the full story about a data centre’s level of protection against power disruption. Look for specific information on UPS redundancy, how power is delivered from the grid, how much time is on the backup generator, and so on.
Look for steps taken to ensure the equipment in the data centre is able to function optimally at all times, including redundant cooling (as well as high-quality containment and air conditioning units), fire protection and on-site inventory of spare parts.
Most data centre outages can be traced back not to equipment failure or even human error, but to poor management of the data centre environment. Evidence of strong and well-enforced policies and processes for personnel working in the data centre should help provide peace of mind your DRaaS environment is in safe hands.
Established in 2007, TeleData has been providing customers with high-quality data centre services for over a decade. From our beginnings as a respected Manchester colocation provider, we’ve continually expanded to offer an ever wider range of services - including cloud hosting, workplace recovery and DRaaS.
Underpinning all of this is Delta House - our independent, ISO27001 data centre. With a police-linked control room, 2(N+N) UPS redundancy, an extensive carrier list and a premium business continuity workspace, we’ve made a name for ourselves as one of the most advanced data centres in Europe - a facility capable of meeting the DR requirements of some of the world’s most demanding firms.