Welcome!

Java Authors: Esmeralda Swartz, Elizabeth White, Roger Strukhoff, Lori MacVittie, JP Morgenthal

Related Topics: Cloud Expo, Java, SOA & WOA, Linux, Security, Big Data Journal

Cloud Expo: Article

A Business Continuity Plan Plus the Right Cloud Solution

The Perfect Equation for Disaster Proofing

It's an oft-cited FEMA statistic that 40 percent of small businesses never reopen after a disaster. Almost certainly contributing to this eye-popping failure rate is the fact that an estimated 74 percent of small to mid-sized businesses (SMBs) lack a disaster recovery plan, while 84 percent haven't bothered to obtain disaster insurance.

On an annual basis, flooding ranks as the most common and costly type of natural disaster in America. This hurricane season alone is expected to boast 10 named tropical storms and five hurricanes. Those SMBs that don't want their data to wash away with the rest of their possessions should consider revisiting the planning process, strategies, and cloud technologies that help businesses stay afloat in the event of a disaster.

Be Proactive - Planning Improves Reaction Time and Outcomes
Most businesses naively believe that they won't experience a true disaster, or that they'll just cross that bridge when in happens. However, according to the Aberdeen Group, disaster is arguably inevitable with the average business experiencing 2.26 downtime events per year, at an average cost of $163,674. Since all businesses aren't created equal, and many are constrained by dollars and cents, businesses must carefully calibrate their strategy for response to be commensurate with their risk. A well thought out business continuity and disaster recovery plan that takes into account the following six steps can make all the difference between a business that is poised for continued success, and one that is done in by something going awry:

Step 1: Identify mission-critical applications and data by performing a risk assessment and business impact analysis (BIA) as well as taking an asset inventory. This analysis will allow the business to calculate the potential impact of its most likely threats and prioritize their response accordingly.

Step 2: Estimate when operations should/will resume by measuring success against established RTO/RPO through frequent testing to ensure flexibility in the disaster recovery technology solution(s) the business chooses. Companies should keep in mind that, while accurate RTO/RPOs are easy to attain with specific systems, they are very hard to meet when data becomes more agnostic and distributed across more systems.

Step 3: Identify a backup worksite in the event the business becomes unsafe.

Step 4: Design and publish the business continuity plan/disaster recovery plan (BCP/DRP), making sure it is accessible to everyone from anywhere.

Step 5: Make sure employees know about the plan and are familiar with it. When disaster strikes, businesses with a clearly defined plan and consistent communication can more quickly cut through the chaos and get back on track.

Step 6: Businesses should regularly put their BCP/DRP to the test to ensure it meets current and future needs, and to expose areas that can be updated for improvement. With the maturity of cloud solutions, you also have to take into account migrating and living with a more diverse private/public cloud portfolio. Ensure you have a go-to plan for the future to expand into new things like high availability, and archiving within clouds.

Disaster-Proofing Strategies & Technologies for Every Situation and Budget
First, let's get one thing out of the way: tape is not a recovery solution. With the dizzying pace of innovation, today's modern business continuity and disaster recovery solutions available in the cloud have proliferated almost beyond count. This is making it challenging for a business to hone in on the right solutions, so let's take a quick look at some solutions that can fit various needs and budgets.

Community Cloud
In the SMB market, one strategy we are increasingly seeing is "community cloud" initiatives, which allow businesses to share risk and pool resources to stretch their dollars. For instance, through a mutual agreement, two companies in the same region could house one of their servers in the other's data center. Thus, rather than having to set up, manage, and pay for a duplicate data center, the companies are each afforded off-site protection. However, in event of a regional disaster, such as a storm, each of the sites might be subject to identical threats.  Therefore, this option should be reserved for businesses with shoestring budgets, in areas that face low regional threat risk.

Cloud-Based Disaster Recovery as a Service (DRaaS)
The emergence of cloud-based DRaaS over the past few years has been a game-changer for businesses of all sizes and budgets. DRaaS solutions can enable complete recovery of data and entire production environments in minutes - not hours or days. On a predetermined basis, a company's physical and/or virtual servers send images of their environments to the cloud of a DRaaS provider. In the event of an adverse event at the company's site, such as a storm or fire, a virtualized (and fully-operational) version of the physical server can be rapidly spun-up in the DRaaS cloud. Additionally, the affordability of DRaaS is attractive as it doesn't require capital investment and even some appliance-based solutions are offered as Hardware as a Service.

Despite its abundant benefits, though, DRaaS still doesn't solve the age-old problem of "what" a business needs to protect unless it's set up manually by default. Moreover, while advances in WAN Optimization equate to more rapid transfer of data to the cloud, there are still some bandwidth issues.

Hybrid Cloud Solutions
Hybrid cloud solutions are bursting onto the market and freeing applications from the need to be tied to a physical piece of hardware. They enable applications to live both locally, as well as in a cloud environment, at the same time. These hybrid solutions mean businesses don't have to DIY for their own disaster recovery sites and can instead designate a cloud provider to provide the infrastructure

In turn, these cloud vendors can achieve efficacies of scale and performance rarely seen with individual operators. For a small number of application-centric situations, such as finance institutions, this won't be the best solution. But for almost any other business, it leaves no reason not to move disaster recovery to the cloud.

Multi-Cloud Solutions
The disaster recovery landscape continues to evolve at a breakneck pace and very soon businesses will have the ability to operate between many clouds and avoid being locked down by just one. For instance, companies can now choose solutions that enable virtual and physical loads to be recovered inside multiple cloud providers and even orchestrate cascading failovers between different providers. This freedom essentially enables businesses to place their recovery eggs in multiple baskets. In the distant future, we can logically surmise that businesses will one day be able to move between cloud providers on a whim by simply pushing a button and failing over on top of another cloud platform.

Choosing the Right Solution
Businesses can narrow their search a bit further by choosing universal products that address their basic need around recovery (failover/failback) while being as agnostic to hardware and software as possible. At the same time, they should expand their horizons and look for application-centric solutions that enable them to focus on what matters: the actual data that drives their business. Any company that maintains a business continuity plan and implements the right cloud technology to meet their needs is well on the path to saving itself from becoming another morbid statistic the next time disaster strikes.

More Stories By Fredrik Schmidt

Fredrik Schmidt serves as the Head of Product and Innovation at Accelerite where he specializes in high performance computing, virtualization, security, storage management, business continuity management, datacenter transformation practices, and the cloud.

Fredrik joined Accelerite after serving as Technical Director at Symantec where he held a superior record of delivering simultaneous large-scale, mission-critical projects on time and under budget. Prior to Symantec, he’s operated as a Senior IT/IS Director at Thompson Multimedia and CIO and Co-Founder of Kryptonite Security, an LLC company engaged in Fortune 500 company security consulting. During his career, he's worked on several Big Data initiatives, revamped “code as a service' with the State of California, and executed the first state level Cloud-based initiative in the country which laid foundation for several high profile efforts currently underway.

Fredrik has strong knowledge of all components of IT operations and industry-standard technologies as well as service delivery. His is also fluent in Swedish, Norwegian, Danish, French, German and Japanese.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.