There are many advantages of cloud computing and many organisations are moving many of their apps, systems and process to the cloud. While technologies, systems and hardware are constantly being updated and moved to the cloud, backup and disaster recovery systems are sometimes left behind and left as is. When moved to the cloud, you can provide a much better solution than any current solutions that may be in place. Utilising the cloud as a backup solution is becoming more and more popular with organisations because the cost is more manageable than purchasing hardware outright. In this article, we will explore some best practices when considering or implementing a cloud backup solution for a very effective backup and disaster recovery system.
Use the cloud to Back up and store second tier or archived data
Data is now doubling every two years, with some projecting that it will reach 44 zettabytes, or 44 trillion gigabytes, by 2020. Many organisations are required to store historical data for legal purposes but in most cases will never need to access the data again. This is an area where cloud-based archiving of seldom-used data is a great solution because the cost of stashing it on the cloud is more economical than the cost of internal data centre facilities and storage and can be easily retrieved if needed again.
Use the cloud as your primary backup site for disaster recovery
Implementing a full disaster recovery solution whether it be a warm or hot site can often become expensive. Using a cloud-based service that specialises in full backup and disaster recovery makes a lot of sense and you will be surprised that it can be cheaper than you think. Often when implemented correctly the time it takes to restore business continuity is extremely fast and data is often synchronised in real-time so is fully up to date.
Develop a Business Continuity Plan/ Disaster Recovery plan
Preparation is the only true way to avert or minimise the impact of a disaster on your organisation and ensure that business operations can continue. Protecting your business begins with understanding its vulnerabilities and safeguarding against the risks you could face. By preparing for the worst-case scenario, you can plan to best avoid business disruption.
A business continuity or disaster recovery plan can be developed to identify the key business areas, and critical functions as well as how your business depends on them. You should determine the downtime that will be acceptable for your business and outline your plans for maintaining operations in each critical business function or area using Recovery Point Objectives (RPO) and Recovery Time Objectives (RTO) as your key measurements for success. A business continuity plan, or disaster recovery plan, allows you to protect your business and your data—and make sure that your systems are available and reliable, no matter what disasters you encounter.
Constantly revise your DR plan
Once in place, it’s surprising how many companies fail to update their disaster recovery plans when they outsource an application to the cloud—or even if they determine to use the cloud as a backup and disaster recovery platform. Always include a review and an update of the disaster recovery plan as part of any new cloud implementation, even when it’s your private cloud.
Test annually with your cloud provider
If you’re using a cloud provider for the hosting of mission-critical applications and/or backup and disaster recovery, DR and failover testing should be conducted annually at a minimum. This provision should be written into your contract with the cloud provider.
Without testing, a plan will never have successful execution to back itself up. In the chaos of a crisis, your untested plan will likely fail since people won’t know which parts of the plan work and which don’t. Your testing should encompass all possibilities—from a small process failing, to the entire facility being wiped out by a natural weather event. Included with these tests should be detailed explanations describing what’s working in the plan and what isn’t. These will develop and mature your plan over time until business continuity is maintained even if something small is failing, and your organisation doesn’t suffer any losses in revenue or customer trust. Testing also allows for recovery practice training, which will also reduce recovery time when real chaos occurs.
Ask your cloud providers for regular IT audit and financial audit results
Part of the due diligence you perform on cloud providers should include regular reviews of their IT and financial performance. Your cloud provider should be able to demonstrate to you that it receives regular and satisfactory reviews of its IT security and performance and that it has been reviewed by auditors and deemed to be in good financial health to ensure its long-term viability as a business partner.
Write and review SLAs
Its great having a solid DR plan in place but if you reply on a cloud provider or Data centre to assist in that plan and they can not perform then you are limited to how successful your plan can be. A surprising number of cloud providers do not offer service level agreements (SLAs) that guarantee turnaround times for responses to questions, repair of problems, meantime to recovery for disasters, etc. The best way to ensure that you get what you want in these areas is to draft your own set of SLAs that you expect the provider to adhere to and attach this as an addendum to your contract with the provider. As part of the SLA process, some companies also require a quarterly review of SLA performance with the vendor.
Develop an IT architecture for the cloud
Many organisations, especially if they are small or midsize companies, tend to adopt cloud as needs arise instead of sitting down to envision what the end-to-end cloud architecture of the company is going to look like in the next five years. When they develop an overarching architecture for all their cloud apps and data, many companies discover that they will need a hybrid cloud that combines services from public and private clouds with resources from their own data centres. If they have an architecture that is fully developed, along with a road map that shows which applications are likely to use which cloud and data centre services, they can more effectively plan for future expansion—and for how they are going back up and restore their data.
Get your IT staff trained in cloud and your DR plan
Handling the backups and disaster recovery is often the responsibility of a single IT person or department at a company. If any critical person gets sick, leaves the company, or – heaven forbid – is rendered unavailable in a disaster, the company is left with tons of recovery documentation no one knows how to execute. For this reason, it is extremely important to train and involve several people and departments in your Backup and disaster recovery plan. And, if at all possible, train at least one of those people or teams outside your primary data centre region. That way, if a widespread problem or incident renders the people near the primary data centre unavailable, the team outside the region can step in to fill the role.
