Data-driven businesses that operate on information, often accumulated over multiple years, would be in trouble if hit by major data loss. Chances are, an SME that is highly dependent on their data would take a long time to resume operations or even never recover from a disaster. Therefore, avoiding loss of data by planning for the worst-case scenario and being prepared should something happen will help you in disaster recovery.
What is disaster recovery
By a simple explanation, disaster recovery is the actions a business must take immediately after suffering a major data loss that impacts operations. It involves a set of policies, tools, and procedures that are meant to enable the business to recover and resume operations of vital technologies, infrastructure, and systems following a disaster.
Disaster recovery planning developed alongside information technology in the 70s as organizations began to recognize their dependence on computer systems. As the use of online data storage and processing grew, businesses became ever more reliant on the availability of their IT systems. Due to the same continuous trend of data dependence today, disaster recovery is only more important.
In context, a disaster can be natural such as floods, hurricanes, and earthquakes or man-made like infrastructure failures, terrorism, and critical bugs or cyberattacks. While natural disasters are impossible to prevent, managing the risks by avoiding disaster-prone situations and preparing with good planning can alleviate the impact. In the case of man-made disasters, pre-emptive measures such as monitoring, testing, and mitigation planning are invaluable. However, regardless of the reason for data loss, disaster recovery will be necessary.
Disaster recovery planning requires a good understanding of the many moving parts of your business as a whole. Some of the factors you will need to consider include company size, management structures, regulatory frameworks, used technologies, and more.
Disaster recovery control measures can be generally classified into three categories:
- Preventive measures, that are aimed at preventing an event from occurring.
- Detective measures, actions intended to detect or discover unwanted events.
- Corrective measures, which include the steps needed to correct or restore the affected systems.
Much of the scope and cost of disaster recovery will depend on your business processes. Carefully assessing and planning for each possible disaster will take time and effort. However, implementing holistic pre-disaster planning will be more cost-effect in the long run, possibly saving your business from the worst-case scenario.
The disaster recovery planning should include at least the following procedures:
- Analysing the potential impacts on your business
- Identifying vulnerabilities through risk assessment
- Deciding on the immediate actions depending on the vulnerability
- Establishing plans for intermediate actions
- Developing plans for long-term actions
- Test each broader vulnerability category and reiterate as needed
Disaster recovery planning as a process is very goal orientated. A fully realised plan would outline methods to minimize the initial interruption to normal operations as well as limit the extent of any disruption or damage.
It should establish alternative means of operation in advance to further reduce the economic impact a major disruption might have. All personnel need to be trained on these emergency procedures to allow quick reaction to disaster of any type.
Lastly, but perhaps most importantly, the plan has to provide an established process for restoring the services. Furthermore, planned disaster recovery measures should be documented and maintained by regularly performing disaster recovery tests.
Changes in disaster recovery
Due to the nature of older server technologies and network infrastructure, early disaster recovery was slow. Traditional disaster recovery methods often relied on transporting backup data to a backup site. The physical servers at the second location would then have the backup data restored in order to allow the systems to resume.
As networking technology developed, the increased bandwidth allowed data to be replicated from the primary to a secondary site over a WAN. This still required similar or near-identical hardware at both locations to facilitate failover. This type utilisation of a second entirely physical environment is expensive and often requires certain machines in need of safeguards to be prioritised, leaving others exposed.
Thankfully, the availability of cloud infrastructure has done away with the need for maintaining backup sites for most businesses. In contrast to self-hosted solutions, server virtualisation has helped make disaster recovery easier by allowing everything to be represented in logical terms. By utilising cloud infrastructure, new servers can be provisioned on a moments notice eliminating the need to maintain a physical replica of your environment.
Cloud computing has increasingly decoupled physical and virtual infrastructure. The actual location of the data centre where the cloud servers are run matters very little as long as the network is sufficiently reliable. At the same time, modern networking has become highly resilient which further alleviates concerns. While disaster recovery is still important, a big part of the issue is taken care of by simply choosing the right cloud provider.
The reliability of any platform is dependent on its foundations and we at UpCloud take this very seriously. Our entire infrastructure is designed from the ground up on resilience and redundancy to ensure high availability. We use only tested and trusted enterprise-grade hardware throughout our infrastructure for the best reliability but have also planned against hardware failure via redundancy of N+1. In effect, this means that for every mission-critical component, there is always at least one backup that is ready to take over the instant should something fail. Thanks to this, our trust in the infrastructure gives us the confidence to promise 100% SLA.
Data protection options
One aspect of disaster recovery focuses on data protection. In relation to this, another of the benefit of UpCloud’s infrastructure comes from our redundancy ensured block storage. Each storage backend consists of two identical stacks that replicate all data in case of a storage hardware failure. However, this should not be your only data protection measure. Luckily, cloud infrastructure provides many options for data protection.
The extent of any particular incident requires a different scale of protection. Data protection using storage mirroring works against very localised issues without so much a pause in operations. In contrast, a data centre wide outage will require your data to be already available at another location before something happens. Backing up storage on-site and automatically coping off-site, or making backups directly to off-site storage is a sure way of solving availability during local incidents.
Taking and copying backup snapshots is a relatively simple way of setting up data protection. However, in case of an issue, the backup must be restored to become usable in restoring the business processes. Instead, creating a replication system at an off-site location avoids the need to restore data. This way only the system state will need to be restored to resume operations.
UpCloud also offers Private Cloud solutions that can allow replication of the management data, such as templates and storage, into another part of the private cloud setup. These can then be restored in case a disaster occurs. Alternatively, Hybrid Cloud solutions could replicate to both on-site and off-site data centres. These solutions can provide the ability to instantly fail-over to local on-site hardware, but in the event of a physical disaster, servers can alternatively be brought up at another cloud data centre.
The more modern approach to data protection comes in using high availability systems. Maintain both data and system replicas off-site enables continuous access to systems and data, even after a disaster. This type of HA setup also affords additional flexibility in horizontal system scaling.
Note that disaster recovery includes more than simple data backup and restoration which is just a small piece of recovering an entire business process. In addition, UpCloud infrastructure implements other precautionary measures can with the objective of preventing a disaster in the first place.
- Surge protectors that minimize the effect of fluctuation in power delivery on delicate electronic equipment
- Uninterruptible power supply and backup generators at every data centre to keep systems going in the event of a power failure.
- Fire prevention and mitigation systems such as alarms and automated fire extinguishing methods.
- Restricted physical access to data centre facilities and security measures to prevent intrusions.
In some cases, businesses may elect to use an outsourced disaster recovery provider to allocate a stand-by site and systems rather than using their own remote facilities. These are also operated increasingly utilising cloud providers. Therefore, Disaster Recovery as a Service, or DRaaS, is one of the security features afforded by cloud computing.
Understanding the disaster recovery requirements of your business will allow you to assess the time-scales for recovery realistically. A good disaster recovery plan can minimize both downtime and data loss while advanced high availability system and data protection could mitigate a disaster altogether.
Disasters such as anything from a server crash to a ransomware virus or other form of cyberattack could happen at any time, and while efforts spent on disaster recovery planning will add up to extra costs, the results are well worth it in the event of proverbial smear on the fan.
One of the other types of disasters could come in the form of distributed denial of service attacks. Learn more about DDoS and the ways to mitigate it.