Why Disaster Recovery Isn’t Resilience
From ransomware to server failures to user errors, the online threat environment is increasingly complex. Outages aren’t a matter of if but when. As IT teams execute their disaster recovery plans to remediate breaches and service failures, there’s still the issue of keeping the business running and data intact. This is where IT resilience comes in.
Not all resilience is created equal. Many companies are stuck in the manual, hands-on dark days of IT resilience in which IT teams maintain secondary physical data centers and are on pager (now cell phone) duty to quickly respond when things go awry. But in the new IT resilience paradigm, cloud-based automation and virtualization are the name of the game, saving time, effort and expense both before and after disaster strikes.
With this new, cloud-based form of IT resilience, businesses can stay continuously on even when breached or hit by an outage of any magnitude. Recent developments in the cloud and in cloud-converged infrastructure have changed the face of resilience, allowing businesses to enjoy higher levels of business continuity than previously possible.
Whether a Human Act or Act of God…
Disaster can strike in a number of ways, and each requires its own set of tools and solutions. Something as commonplace as a power outage can wreak havoc, as evidenced by Delta Airline's recent shutdown. Individuals — inadvertent or malicious — can bring a business to its knees. Increasingly commonplace are ransomware attacks, which arrive much like any other virus, but then hold data and subsequent business operations hostage.
With traditional disaster recovery, IT teams exist in a reactive, rather than proactive, state and are often caught in a game of catch-up. In order to test recovery protocols, IT teams have to spend time configuring and deploying entire data centers and servers. Any attempts at testing are only as good as the manual efforts to duplicate ever-changing infrastructure, data and software systems.
Modern IT disaster recovery, on the other hand, offers not only snapshotting and replication of entire systems, but the ability to easily spin up virtual environments using current data, applications and environmental configurations. Instead of waiting for the next Category 5 hurricane to hit before discovering whether preparations are sufficient, IT teams can proactively test their disaster preparedness.
Beyond Recovery: Resilience
Once upon a time, a business was down only for as long as it took to bring file systems back online. But now, entire business operations exist online. IT resilience is more than just disaster recovery — it is sustained availability and agile delivery of IT services, alongside integrity, privacy and confidentiality assurance for business information assets. Where disaster recovery aims to do just that — recover — IT resilience aims to protect against and prevent downtime, as well as recover afterwards.
IT resilience consists not only of business continuity and disaster recovery, but also data protection, testing and development, archiving and cybersecurity. The cloud offers an avenue for all of these previously disparate use cases to be met using a single, deduplicated copy of the primary IT environment.
Highly virtualized organizations, those that no longer rely on traditional on-premises servers and their physical limitations, have entered a new arena when it comes to IT resilience. They can depend upon automated systems to spin up new virtual servers in the cloud when disaster strikes. With physical servers, an IT team may backup the data but then have to rebuild and reconfigure servers, including the operating system environment and all the complexities that come with it, while the business remains down. But with virtualized servers, all of that complexity can be captured in the backup and be immediately recovered.
From Hyper-convergence to Cloud-convergence
In recent years, an answer to problems of legacy, on-premises infrastructure has come in the form of “hyper-convergence,” which merges silos of compute, storage, networking and software into a single box. You can think of this as a private cloud, often in the form of a proprietary solution. Hyper-convergence unfortunately suffers from some of the same drawbacks as legacy infrastructure, requiring IT departments to purchase more hardware and provide more budget for the facilities, power, and cooling to operate that hardware.
“Cloud-convergence” takes this solution to its ultimate end by eliminating costly excess infrastructure and moving compute, storage, networking and software entirely to the cloud. Cloud-convergence enables businesses to maintain just one copy of the software and hardware needed to run production IT, placing all resiliency and agility workloads in the cloud.
By taking disaster recovery to the cloud via disaster recovery-as-a-service (DRaaS), organizations can utilize the power, scalability and cost-effective on-demand nature of the cloud to achieve levels of resilience previously available only to the largest enterprises. In addition, these organizations can take advantage of the virtualized nature of their systems by accessing a single deduplicated copy of their data for other uses, such as testing, development and long-term data retention.
Todd Scallan is vice president product and engineering at Axcient.