Disaster Recovery

10 things you should do when moving disaster recovery to the cloud

If you're incorporating cloud computing into your DR plan, this checklist will help you gain the advantages and avoid the pitfalls.

The use of private and public clouds has most companies revisiting their disaster recovery plans. No one fancies the job -- but the cloud can provide new disaster recovery (DR) advantages if IT plays its cards right. Here are 10 things to have on your cloud DR checklist.

1: Use multiple ISPs to avoid a single point of failure

We've all heard that anything you do in the cloud is only as good as your Internet connection. This is all the more reason to do everything you can to prevent Internet failures from happening at all. Forward-thinking companies use network hub technology that plugs into multiple ISPs (cable, wireless, etc.) for Internet traffic load balancing and for failover in case one Internet channel goes down. Using multiple Internet channels should be an integral part of any cloud DR strategy.

2: Evaluate your application portfolio

Do all your applications (e.g., teleconferencing, project management) really need immediate backup and recovery in a disaster? When you evaluate the impact of cloud-based applications, take the same approach. Your DR plan should initially include contingencies only for those applications absolutely needed to keep the company running.

3: Maintain physical copies of certain applications

In some instances (e.g., office productivity), it is both easy and inexpensive to keep a few physical copies of desktop software on hand for a disaster that affects your virtual software. Your office staff will love you for it.

4: Understand the cloud vendor's DR capabilities and promises

Before signing up for any third-party cloud solution, sit down with the vendor to see what provisions it has for disaster recovery and failover -- and what the promise times for service restoration are. These promise times should fall within the same guidelines you expect for your own in-house systems. If they don't, look for another vendor.

5: Test all mission-critical applications with vendors

Most companies do not initially place mission-critical applications with cloud vendors. But if you do, the vendor's DR guarantees are not enough. Before inking a contract, you should reach an agreement with the vendor on at least an annual test of the entire DR and failover procedure, as if that vendor were your own data center. Some companies even make it a practice to "failover" to a different cloud services provider for a mission-critical application on a quarterly basis and to run the application in production for a full quarter. This is a sure guarantee that DR and failover are working.

6: Use the strength of the cloud

One of public cloud's major selling points is the on demand availability of compute, storage, networking, and technical support resources. You pay only for what you use. This is a far cry from the old days, when companies had to pay expensive annual subscriptions just to reserve equipment configured exactly like their "home" IT in remote data centers. You can save money by going to the cloud with an on-demand cloud solution provider whose staff is knowledgeable about your equipment and how you must configure it so they can quickly have you up and running in a disaster.

7: Leverage private cloud virtualization and tools

Even in your own private cloud, with the help of virtualization and new tools you can quickly replicate operating systems and applications for purposes of DR and failover. Most sites that are using virtualization and these new automated toolsets for virtual OS and application deployment report that their time to deploy is reduced significantly.

8: Don't forget about redundant "old" communications channels

If you're running data communications between two data centers for your private cloud, you also want to include redundant communications lines with a mix of datacom topologies to lessen your DR risk. For instance, a site might opt to run duplicate lines in both dark fiber and fiber channel topologies.

9: Plan cloud DR for separate geographies

Large enterprises in multiple geographies should have cloud and data center DR and failover strategies that enable easy transitions to alternate sites in different geographical locations if a major catastrophe strikes a particular area. Private cloud (and even a well chosen public cloud) can facilitate this geographical flexibility because both can utilize data centers anywhere.

10: Have trained personnel at remote DR/failover sites

If you utilize multiple geographical locations in your DR/failover plan, you want to have access to people who are knowledgeable in your systems at these sites so you can avoid flying people in (which you might not even be able to do in a disaster). Checking each public cloud provider's staff expertise should be a vital part of your vendor interview process before you sign any agreement. If you create your own private cloud that uses multiple data centers, your plan should also include "follow the sun" IT staff who can perform every operation at the remote site that your people do at headquarters.

About

Mary E. Shacklett is president of Transworld Data, a technology research and market development firm. Prior to founding the company, Mary was Senior Vice President of Marketing and Technology at TCCU, Inc., a financial services firm; Vice President o...

7 comments
Slayer_
Slayer_

Just a quick comparison, a simple backup tape can supposedly read and write data at 80mbps (some more, some less). That's about 10megabytes a second. Over the internet, your lucky to get 2megabytes a second. So, even if we assumed a corporations upload was beefy enough to do backups to a cloud server in a single night. It would take 5 times longer to recover from a disaster using the cloud than just using backup tapes.

sys-eng
sys-eng

Before this can be seriously considered, the author should define "cloud". This term is not universal by any means. If the "cloud" means up there somewhere but nothing specific that you can touch and keep in one place, then this is a bad idea for anyone with a very important computer system because verification and accountability will also be out there somewhere.

Deadly Ernest
Deadly Ernest

store them off site. If a small organisation, just carry them out each night; if a big organisation, vpn them to a server or servers at one of your other locations.

reisen55
reisen55

My former manager at a major insurance firm in lower Manhattan is now a certified BCP/DR consultant and both his and my opinion of the cloud match Wozniak's recent famous opinion on security. It is a fools game. I believe the cloud exists primarily so that executive can clean out the data center room, fire staff, outsource to India and change room D305 to a cafeteria. Your data is in Bangalore with somebody else controlling it, not under your control, exposed to security theft and your business exposed to lawsuits. KEEP all your resources local!! If the cloud does not exist, you have no business! DR is way to important to outsource to the cloud. Oh, I am skilled in this area. Our former employer in lower Manhattan was Aon, based on the 101st floor of the South Tower. One 9-11 our servers crashed, 103 floors, to the ground. Yeah, been there, done that.

Deadly Ernest
Deadly Ernest

organisations such as Gmail, Hotmail, Yahoo for email storage on their servers, and other organisations that have huge server farms for you to run your office software and data storage over the Internet from their server farms.

sys-eng
sys-eng

So you just happen to have another enterprise server cluster with same hardware, firmware, etc. sitting around somewhere else not being used? And this other system has sufficient broadband trunking to the other dependent systems? Sounds great if it works.

Deadly Ernest
Deadly Ernest

the past - that's the VPN to other sites bit have done that - even works for some very big government agencies. One gov't agency has three major server set ups around the country that handles the work for that part of the country, late at night each backs up to the other two. For the smaller organisations it's usually best to make a physical back up for off site local storage, one of the staff carries it there on their way home each night.