Subscribe to the Blog
© 2021 Global Storage. All rights reserved. Privacy Policy
Data Protection in the Cloud
With the increasing trend of organisations thinking of or currently migrating critical production workloads to the cloud whether it’s a hybrid or public provider model it is still important to look at your data protection, there are the obvious advantages and benefits over the private cloud model and these have been documented numerous times and there is no need to go into detail about them again, but just to refresh a cloud should provide infrastructure, environmental, human resource and software licensing savings; this in turn allows the business to focus strategically on core business services.
The advantages are clear but what other critical requirements are there? Does disaster recovery, business continuity, backup and archiving compliance ring a bell? It is important when an organisation is in the process of choosing a cloud provider that along with providing robust IaaS SLAs that the provider can also provide data protection SLAs.
Has the provider had previous disaster recovery experience? Can it provide your organisation with a clear path during a disaster? Does the provider in fact provide backup, archiving and restore functionality at all? Who maintains the backup, archive and disaster recovery? Is the disaster recovery tested? Cloud providers located at Tier 3 data centres provide numerous N+1 redundancy features but the fact remains there have been two Tier 1 vendor outages in the last 6 months that affected hundreds of customers. So whether you organisation is looking or currently moving towards either a public or hybrid cloud strategy ask the provider about data protection, your data is your business.
The Importance of Disaster Recovery Testing
When considering disaster recovery, any organisation that has seriously examined the impact of a total loss of IT systems would have determined that the desired recovery time objectives (RTOs) are tight. After all, time is money.
The backup mechanism in place determines the minimum RTO possible. Tapes have a finite data transport speed and must be physically moved between sites. Server-based backup solutions, which can perform live replications to a DR site, are a huge improvement in both speed of data transfer and availability, but these require significant skill sets in order to install and manage. With respect to recovery times, there are many other factors that can delay recovery of systems to a running and transactionally consistent state. How do you determine these factors? Through regular disaster recovery testing.
Disaster preparedness goes beyond taking regular backups. It comes down to knowing that the required resources and recovery skill set is available when needed. It’s reasonable to expect that in-house technical staff can perform tasks such as restoring database backups – the processes for this are well defined and tested. However, restoring platform operating systems and dependent services is a different story, and is complicated when (as is commonly the case) the available recovery platform is dissimilar from that of production. Often physical systems are restored to virtualised systems as part of a cost-effective disaster recovery solution. This is known as a physical to virtual conversion, or P2V, but is not always a straight-forward exercise.
With training and disaster recovery testing exercises, in-house technical staff can develop sufficient knowledge to perform adequate recoveries. But is the training expense and time invested in this cost-effective? Do you have the man-power to perform sufficient tests such that the time taken for recoveries is within the required recovery time objective? Maybe you can achieve this with a one-off testing exercise, but with the evolving inter-dependencies of typical business systems, will the lessons learnt be applicable in future?
An option worth considering is to engage the services of a dedicated disaster recovery service provider. Such a provider has specific skills in platform management, server-based backup and recovery systems and specific experience recovering a variety of common server technologies such as email and database dependent systems. A disaster recovery service provider should provide your organisation with regular disaster recovery testing exercises that are professionally project managed, executed with a prudent level of isolation from production and will present a professionally prepared report addressing the actual recovery times against the agreed RTOs.
Your in-house IT personnel deal with operational issues every day, and are ideally qualified to validate the correct operation of business systems as restored by a disaster recovery service provider. The coupling of your in-house IT expertise with a disaster recovery service provider able to efficiently restore production systems in the shortest time possible, is a key element to a successful business continuity plan, and ultimately to the survival of a business from a crippling disaster.
Global Storage at ARN Roundtable
Whether it be the rise of upcoming industry players, increased vendor consolidation or new technology advancements, the traditional storage market is shaking to its foundations. Such a shakeup demands a new partner power play however, as IT decision makers look to the channel to map out effective storage strategies in this ever-changing technological world. This exclusive ARN roundtable discussed the importance of business continuity, the key market disrupters and crucially, how the channel can shift the role of storage across enterprise.
Backup and Disaster Recovery Consolidated
Backup and disaster recovery consolidated as one service is not a new idea, but is again becoming a preferred practice with recently available technology.
There was a time when businesses and their CIOs looked at backup and disaster recovery as one and the same. Have we seen this thinking re-emerge? During our discussions with clients from differing industries, some used to think that backup by itself formed the disaster recovery strategy of the company. Fortunately many CIO’s have been able to educate businesses about the various scenarios and the implications of not having strategies in place such as, standby infrastructure at an offsite location or a tested disaster recovery solution.
With the evolution and acceptance of cloud computing and online data backup systems, more businesses are able to adopt a mature backup and IT disaster recovery strategy as part of their overall business continuity plan. Supported by the investment of tier 1 software vendors, the industry has been able to confidently combine the functions of backup and IT disaster recovery through the introduction of extended retention.
Continuous data protection (CDP) has not only reduced RPOs (recovery point objectives) to almost zero but has also allowed CIOs and CFOs to realise increased savings through consolidation. CDP technology can be used as part of a managed backup and disaster recovery solution with the added benefit of extended retention. If configured optionally, IT teams can have the high-availability luxury of local rollback snapshots points while having 7+ years of backup retention at the remote disaster recovery and backup site.
Offsite backup and disaster recovery treated as a single service; a consolidated approach to IT business continuity.
False sense of security pervades DR approaches
Australian businesses are aware of the importance of disaster recovery planning, but their reliance on manual approaches means that organisations risk falling short of target recovery times if an incident occurs, according to research released today.
A US study conducted by IDG Research Services, a sister company of IDG Communications, the publisher of Techworld Australia, revealed that although most companies surveyed had DR plans in place, many relied on manual recovery processes that ran the risk of missing recovery targets. Two-thirds of participants relied on manual recovery. In addition, testing of DR programs was a low priority, with a significant portion of organisations never conducting any ongoing DR testing at all. The results of an Australian DR survey conducted among IT professionals, 58 per cent of whom worked for companies with more than 500 seats, by storage services vendor FalconStor mirrored the US results.
Seventy nine per cent of respondents said they had DR/business continuity plan in place but the majority relied on manual or semi-automated DR solutions and testing was done annually or not at all. However, 60 per cent indicated recovery periods of longer than four hours would impact on productivity, reputation or revenue.
Kevin McIsaac, advisor at consultancy firm IBRS, said that there was a false sense of security among Australian businesses when it came to DR.
“The business has this unrealistic expectation that all their systems will be back in four hours,” he said. “They have no idea.”
Although most IT organisations realised the importance of DR planning, pressure from the business meant that revising and testing DR plans often falls by the wayside.
“I believe there’s of a lot of people in IT who are not sure about their IT plans or their ability to recover, but they don’t really kind of stick their head into it either — they don’t want to open Pandora’s Box,” McIsaac said.
“If I sat down with a reasonably senior person in your IT organisation and said, ‘Is this important?’ they would say yes. If I said, ‘Are you comfortable about your DR plans?’ they would generally squirm in their seat and go, ‘Mmm, not so much.’
“If I’m dealing with a more technical level guy, or a more junior guy, they just go ‘whatever’. For them, it’s just another piece of work. They’re overworked, they’re stressed, they’ve got way to many day-to-day operational problems and they’re putting out way too many day-to-day fires to really worry about what they consider to be an insurance plan for something they pray never happens. And if it does happen they’re no longer working there.”
McIsaac said there was an awareness of the problem, but “you think about the number of people who don’t insure their houses, think ah yeah we need to insure the house, then don’t do it”.
“It really falls in that same category,” he said. “Most IT organisations and people in general are often heavily driven by the urgent rather than the important, and it’s a classic planning and strategy problem.”
