Getting the balancing act right between critical data protection and maximum uptime has, over the years, resulted in what might be regarded as a piecemeal approach to investment in backup and recovery solutions. The economic benefits of these systems are often overlooked, making it hard for IT teams to secure budget for ongoing improvements which has in turn inhibited the move away from legacy systems in spite of changing customer requirements. Making do or ‘bolting on’ new functionality to meet today’s more demanding recovery requirements has inevitably resulted in a mixed bag of disparate backup and recovery systems providing various levels of integration, capability, support and overall customer experience.
It’s no surprise then that the key words dominating the findings of the latest State of Disaster Recovery Report carried out by Quorum this year are simplicity and speed.
The report found that 64% of respondents are using more than three different disaster recovery products and 26% are using between 5-10. Faced with overwhelming complexity and cost, 90% of respondents were naturally keen to consolidate their disaster recovery solutions in a bid to reduce time managing multiple products, streamline processes and also reduce training costs.
In order to address this challenge, businesses need to get a clearer understanding of the difference between the safe archival of data and its timely recovery and to decide where to prioritise their efforts to support key business objectives.
It’s imperative however that companies remember that customers, users, employees and management now expect to have instant access to and response from every website, application and service they encounter and downtime of any amount is no longer acceptable. 80% of respondents unfortunately said that it takes them over an hour to recover from a server failure (often much longer). This clearly increases the risk of customer dissatisfaction, lost revenue and exposure to increasingly sophisticated malware attacks so it was only logical that 72% of respondents also said that speed of backup and recovery is business critical.
Recent advances in virtualisation, cloud and networking technologies, new appliances and hybrid cloud solutions significantly reduce the frequency and risk of extended downtime and at a lower total cost of ownership which explains why three quarters of those interviewed have decided to leverage cloud based disaster recovery solutions. Indeed 36% are using a hybrid on premises and cloud model and 39% have taken the Disaster Recovery as a service (DRaaS) approach. 89% of respondents are planning on implementing more cloud based disaster recovery in a bid to meet increasingly aggressive Recovery Time Objectives (RTO).
Organisations obviously need to decide how long they can afford to be offline in terms of reduced productivity and incomplete transactions but how much they are prepared to spend in order to protect against loss of revenue, customers and reputation as a result of an outage.
Slow recovery speeds provided by traditional backup solutions have to be weighed against the lower cost of storage. Backup to the cloud can reduce administrative headaches but costs can be unpredictable, with potentially unsustainable ‘per gigabyte’ charges, and bandwidth restrictions reducing download speeds. For increasing numbers the answer appears to be hybrid cloud recovery which not only charges per protected server, meeting the CFO’s need for greater predictability and constrained costs, but enables companies to benefit from the best of both the on premises and cloud-based approach to recovery, not just backup. Regardless of the choices made, however, the case for simplification is clear.
Selecting one solution, that can be managed by a single management platform, can help already stretched IT staff to automate key processes and more easily identify any potential disruption to normal service. Given that the majority of outages occur at a local level, the need to be able to take action fast and recover locally clearly makes sense. And the need to track and fix the increasing number and sophistication of malware attacks has only hastened this need for fast recovery at a local level as businesses strive to reduce system lock down triggered by ransomware.
Demand for increased speed of recovery has naturally led many vendors to offer a RTO of less than an hour and a Recovery Point Objective (RPO) of 15 minutes but the realisation that a more proactive and preemptive approach to recovery, rather than backup and archive alone, is also making a difference. Companies understand and appreciate the benefit of creating up-to-date, ready to run clones of critical systems that run on high availability onsite appliances, or in the cloud, which enable system administrators to transparently take over failed servers, within minutes. Incremental backups, performed every 15 minutes - versus cloud backups which typically are less frequent (several times a day) – can form the first line of defence from a cyberattack. It means businesses can isolate and clean affected servers and achieve close to instant recovery, running on clones until production systems can be brought back online, much quicker.
Interestingly, discussions about recovery performance are also increasingly focused on the ability of backup solutions to deliver the ‘same speed as production’ systems which are designed to work at high speed and manage large workloads. If businesses have to switch over to backup systems in the event of a disruption, they must be able to run at the same speed – whether it be for one hour, one day or an extended period. Customers that encounter a ‘slower than normal’ service may take their business to a competitor, rather than wait for a slow transaction to complete. Backup and recovery vendors clearly need to keep pace with the speed offered by production systems by overhauling storage management architecture and adding SSD cache to make backups and recovery performance ‘just as good’ as typical production hardware.
At the end of the day the need for simplicity and speed is about shielding end-users from disruption, outages and attacks so that they get the service and access to data they need, without any indication that the application in question is running from a backup appliance. Businesses that want to be assured that their disaster recovery plans are fit for purpose must not only plan for the best case scenario but rehearse their disaster recovery strategies and schedule regular tests of their systems before an incident occurs to prove that they will work as expected if and when they are needed. After all, in business, every second counts.