More and more organizations are either using or considering using cloud services as a backup for their data and applications. After all, it's cheaper than building a new data center or purchasing more equipment. However, going to the cloud for backup and disaster recovery is not necessarily a slam-dunk. Here are 10 best practices you should keep in mind if you're evaluating plans to use the cloud as a backup and disaster recovery service.
1: Back up and store seldom-used data on the cloud
Data is now doubling every two years, with some projecting that it will reach 44 zettabytes, or 44 trillion gigabytes, by 2020. At the same time, no one has a firm fix on how much of this data is being actively used by the enterprises that are storing it. If they did look into it, they would likely find vast repositories of data sitting out on farms of hard drives and tape drives that are rarely accessed. Corporate data managers are aware of these stockpiles of seldom used data—but they are afraid to get rid of them because the next request from corporate management could be a long-term trends analysis that could require this old data! This is an area where cloud-based archiving of seldom-used data is a great solution because the cost of stashing it on the cloud is more economical than the cost of internal data center facilities and storage.
2: SMBs: Consider the cloud as your primary backup site for disaster recovery
Unlike many large enterprises, small and midsize businesses can't afford a full backup and recovery solution in their own data centers. In these cases, using a cloud-based service that specializes in full backup and disaster recovery makes a lot of sense.
3: Larger enterprises: Consider using the cloud as a secondary "follow the sun" backup and failover platform
Most large enterprises have their own internal backup and disaster recovery resources—but particularly for multi-national organizations that want full backup and failover redundancy at locations strategically located around the world, using the cloud for at least a portion of these backups and DR sites is a sensible and flexible solution. It also eliminates having to build new data centers and facilities in multiple geographic locations.
4: Revise your disaster recovery plan
It's surprising how many companies fail to update their disaster recovery plans when they outsource an application to the cloud—or even if they determine to use the cloud as a backup and disaster recovery platform. Always include a review and an update of the disaster recovery plan as part of any new cloud implementation, even when it's your private cloud.
See: Power checklist: Managing and troubleshooting cloud storage (Tech Pro Research)
5: Test annually with your cloud provider
If you're using a cloud provider for the hosting of mission-critical applications and/or backup and disaster recovery, DR and failover testing should be conducted annually at a minimum—and this provision should written into your contract with the cloud provider.
6: Carefully review cloud governance
Any cloud provider's security, data safekeeping, privacy and IT policies/practices should be at least as rigorous as your own. If they aren't, you should shop for another provider.
7: Ask your cloud providers for regular IT audit and financial audit results
Part of the due diligence you perform on cloud providers should include regular reviews of their IT and financial performance. Your cloud provider should be able to demonstrate to you that it receives regular and satisfactory reviews of its IT security and performance and that it has been reviewed by auditors and deemed to be in good financial health to ensure its long-term viability as a business partner.
8: Write and review SLAs
A surprising number of cloud providers do not offer service level agreements (SLAs) that guarantee turnaround times for responses to questions, repair of problems, meantime to recovery for disasters, etc. The best way to ensure that you get what you want in these areas is to draft your own set of SLAs that you expect the provider to adhere to and attach this as an addendum to your contract with the provider. As part of the SLA process, some companies also require a quarterly review of SLA performance with the vendor.
9: Develop an IT architecture for the cloud
Many organizations, especially if they are small or midsize companies, tend to adopt cloud as needs arise instead of sitting down to envision what the end-to-end cloud architecture of the company is going to look like in the next five years. When they develop an overarching architecture for all their cloud apps and data, many companies discover that they will need a hybrid cloud that combines services from public and private clouds with resources from their own data centers. If they have an architecture that is fully developed, along with a roadmap that shows which applications are likely to use which cloud and data center services, they can more effectively plan for future expansion—and for how they are going back up and restore their data.
10: Get your IT staff trained in cloud
More training companies and public cloud services providers are offering classes and formal certifications for IT training on cloud technologies. As organizations continue to expand into a hybrid world of public/private clouds and the data center, it will be imperative for IT personnel to obtain formal training in cloud-based services. From a strategic standpoint, you don't want all your cloud expertise in the hands of outside cloud providers if cloud is a major part of your IT infrastructure—especially if you're counting on it for disaster recovery.
- 10 ways to leverage cloud capabilities in 2016
- Cloud data storage policy (Tech Pro Research)
- Clear out dark data to make room for useful big data
- 10 storage trends to watch in 2016
- Master these cloud vendor management IT and people skills
What has experience taught you about best practices for going to the cloud for backup and disaster recovery? Share your suggestions with fellow TechRepublic members.
Mary E. Shacklett is president of Transworld Data, a technology research and market development firm. Prior to founding the company, Mary was Senior Vice President of Marketing and Technology at TCCU, Inc., a financial services firm; Vice President of Product Research and Software Development for Summit Information Systems, a computer software company; and Vice President of Strategic Planning and Technology at FSI International, a multinational manufacturing company in the semiconductor industry. Mary is a keynote speaker and has more than 1,000 articles, research studies, and technology publications in print.