Cloud Disaster Recovery: Public, Private or Hybrid Cloud Solutions Supporting Disaster Recovery

Similar documents
TSC Business Continuity & Disaster Recovery Session

Accelerate Your Enterprise Private Cloud Initiative

Dell helps you simplify IT

Total Cost of Ownership: Benefits of the OpenText Cloud

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security

Gain Control Over Your Cloud Use with Cisco Cloud Consumption Professional Services

Professional Services for Cloud Management Solutions

State of Cloud Survey GERMANY FINDINGS

Appendix 3 Disaster Recovery Plan

Total Cost of Ownership: Benefits of ECM in the OpenText Cloud

How Managed Service Providers Can Meet Market Growth with Maximum Uptime

Disaster Recovery Is A Business Strategy

THE JOURNEY OVERVIEW THREE PHASES TO A SUCCESSFUL MIGRATION ADOPTION ACCENTURE IS 80% IN THE CLOUD

Cloud-based data backup: a buyer s guide

New Zealand Government IBM Infrastructure as a Service

RSA Solution Brief. The RSA Solution for Cloud Security and Compliance

A Survival Guide to Continuity of Operations. David B. Little Senior Principal Product Specialist

Accelerating the Business Value of Virtualization

Keys to a more secure data environment

Accelerate your Azure Hybrid Cloud Business with HPE. Ken Won, HPE Director, Cloud Product Marketing

Emergence of Business Continuity to Ensure Business and IT Operations. Solutions to successfully meet the requirements of business continuity.

Continuity of Business

Perfect Balance of Public and Private Cloud

Symantec Data Center Transformation

IBM Resiliency Services:

CONSIDERATIONS BEFORE MOVING TO THE CLOUD

The case for cloud-based data backup

Why Enterprises Need to Optimize Their Data Centers

What you need to know about cloud backup: your guide to cost, security, and flexibility. 8 common questions answered

Business continuity management and cyber resiliency

Avanade s Approach to Client Data Protection

Getting Hybrid IT Right. A Softchoice Guide to Hybrid Cloud Adoption

CCISO Blueprint v1. EC-Council

IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats.

BUSINESS CONTINUITY MANAGEMENT PROGRAM OVERVIEW

FIVE BEST PRACTICES FOR ENSURING A SUCCESSFUL SQL SERVER MIGRATION

Five Key Considerations for Selecting Cloud Recovery Services

Predictive Insight, Automation and Expertise Drive Added Value for Managed Services

Networking for a smarter data center: Getting it right

Table of Contents. Sample

Cloud First Policy General Directorate of Governance and Operations Version April 2017

Florida Government Finance Officers Association. Staying Secure when Transforming to a Digital Government

Disaster Recovery and Mitigation: Is your business prepared when disaster hits?

Introduction to Business continuity Planning

Ensuring business continuity with comprehensive and cost-effective disaster recovery service.

WHY BUILDING SECURITY SYSTEMS NEED CONTINUOUS AVAILABILITY

Virtustream Managed Services Drive value from technology investments through IT management solutions. Tim Calahan, Manager Managed Services

Disaster Recovery Self-Audit

Data Center Management and Automation Strategic Briefing

GET CLOUD EMPOWERED. SEE HOW THE CLOUD CAN TRANSFORM YOUR BUSINESS.

Protecting Mission-Critical Application Environments The Top 5 Challenges and Solutions for Backup and Recovery

FROM TACTIC TO STRATEGY:

The Upside to Active Mail Management - Five Reasons to Actively Manage Mail

NORTH AMERICAN SECURITIES ADMINISTRATORS ASSOCIATION Cybersecurity Checklist for Investment Advisers

Business Continuity Management Program Overview

Service Provider Consulting

NATIONAL GUIDELINES ON CLOUD COMPUTING FOR GOVERNMENT, MINISTRIES, DEPARTMENTS AND AGENCIES

INTELLIGENCE DRIVEN GRC FOR SECURITY

The Data Protection Rule and Hybrid Cloud Backup

ITIL overview Service Delivery. Jaroslav Procházka

PROTECT YOUR DATA, SAFEGUARD YOUR BUSINESS

CORPORATE PERFORMANCE IMPROVEMENT DOES CLOUD MEAN THE PRIVATE DATA CENTER IS DEAD?

The Hidden Costs of Free Database Auditing Comparing the total cost of ownership of native database auditing vs. Imperva SecureSphere

Cloud Services. Infrastructure-as-a-Service

Kroll Ontrack VMware Forum. Survey and Report

Cloud for Government: A Transformative Digital Tool to Better Serve Communities

Why Continuity Matters

Modern Database Architectures Demand Modern Data Security Measures

Run the business. Not the risks.

Controlling Costs and Driving Agility in the Datacenter

Canada Highlights. Cybersecurity: Do you know which protective measures will make your company cyber resilient?

A Practical Guide to Avoiding Disasters in Mission-Critical Facilities. What is a Disaster? Associated Business Issues.

RED HAT ENTERPRISE LINUX. STANDARDIZE & SAVE.

Cyber Risks in the Boardroom Conference

Continuous Processing versus Oracle RAC: An Analyst s Review

Fifteen Best Practices for a Successful Data Center Migration

McAfee Total Protection for Data Loss Prevention

KEYCLOUD BACKUP AND RECOVERY AS-A-SERVICE (BRAAS): A fully-managed backup and recovery solution for your mission critical data

AN APPLICATION-CENTRIC APPROACH TO DATA CENTER MIGRATION

6/21/2013. The Business Risk of NOT Considering a Cloud/Managed IT Services Strategy. Christian Brothers Information & Technology Services

IT Consulting and Implementation Services

Choosing the Right Cloud. ebook

Why the Threat of Downtime Should Be Keeping You Up at Night

Cloud Going Mainstream All Are Trying, Some Are Benefiting; Few Are Maximizing Value

CYBER RESILIENCE & INCIDENT RESPONSE

VMware vcloud Air Network Service Providers Ensure Smooth Cloud Deployment

Nine Steps to Smart Security for Small Businesses

Supporting the Cloud Transformation of Agencies across the Public Sector

Cloud Going Mainstream All Are Trying, Some Are Benefiting; Few Are Maximizing Value

SD-WAN Solution How to Make the Best Choice for Your Business

Creating and Testing Your IT Recovery Plan

YOUR CONDUIT TO THE CLOUD

THE IMPACT OF SECURITY ON APPLICATION DEVELOPMENT. August prevoty.com. August 2015

A Checklist for Compliance in the Cloud 1. A Checklist for Compliance in the Cloud

The 10 Disaster Planning Essentials For A Small Business Network

The 7 Habits of Highly Effective API and Service Management

a publication of the health care compliance association MARCH 2018

Cloud Going Mainstream All Are Trying, Some Are Benefiting; Few Are Maximizing Value. An IDC InfoBrief, sponsored by Cisco September 2016

DISASTER RECOVERY TESTING, YOUR EXCUSES, AND HOW TO WIN

IN THE FRAME. Computacenter Public Sector Frameworks FRAMEWORK

Transcription:

White Paper Cloud Disaster Recovery: Public, Private or Hybrid Cloud Solutions Supporting Disaster Recovery Table of Contents Introduction... 2 Business continuity and disaster recovery development flow... 3 Those unprepared for a disaster... 3 Disaster recovery in the cloud is a two-part equation... 4 Part one: the best practice approach to disaster recover... 4 Part two: choosing a cloud solution... 5 Cloud options to consider... 5 Moving the technology stack to the cloud... 6 Validation comes with testing... 6 Disaster Recovery Preparedness Council, June 2016... 6 Cloud disaster recovery assessment... 7 Assessment time requirements... 8 Additional disaster recovery services... 8 Ready, set, go... 9 Conclusion... 9 Why Datalink... 10 References... 10

Introduction In years past, mentioning disaster recovery to executives immediately created angst. Everyone envisioned enormous sums of money being spent on technological safeguards with no quantifiable return on investment. Often it was referred to as expensive insurance that will never be needed or a money pit, consuming budgets that would be better spent elsewhere. Today, however, we all see the news, along with vivid pictures of damage caused by hurricanes, tornados, tsunamis, earthquakes, floods, fires, terrorism and violence of all types occurring around the world. These kinds of disasters are the most easily understood. Unfortunately, disasters occur in other ways that are much less obvious, such as employee sabotage, data corruption, hacking and data theft. Whether natural or manmade, disasters happen, and unfortunately we don t know when or where they will strike. Executives know that having disaster recovery solutions in place makes good business sense. But traditional costs to own the necessary hardware and software, and to employ the staff to support the chosen solutions, continue to impede efforts. Today, cloud offers a myriad of options capable of addressing the needs of businesses regardless of their size, type, or complexity. Public cloud provides robust, scalable, convenient, and cost-effective solutions, enabling more businesses to move forward with their disaster recovery initiatives. Public cloud is most often managed by a third party, which yields the benefit of lower staffing needs. As with any solution a company considers, they must understand what is appropriate for the organization, both in terms of meeting business objectives and regulatory requirements.

Business continuity and disaster recovery development flow Cloud disaster recovery is only one part of a greater equation. Below is a model depicting the evolution of work for cloud and traditional business continuity and disaster recovery. Plan & discover Design & architect Install & deploy Implement & integrate Validate, test & transfer Project kickoff Recovery capability Recovery Recovery plan Recovery validation: Tools deployment Gather data Business impact analysis Risk assessment Application mapping Operational recovery (BURA) strategy design Solution implementation development: - Disaster recovery - Business continuity - Crisis management - Disaster recovery - Business continuity - Crisis management Program development and management Those unprepared for a disaster Businesses caught unprepared for a disaster suffer losses in many different ways, including damaged reputations, loss of customers, fines/penalties, and revenue impacts because they believe it wasn t necessary to be proactive. Disasters do not have to be large to be costly. Simple data breaches, losses, or corruption events can be very expensive. Data breaches hit organizations squarely in the wallet. The average cost per record goes up depending on who or what caused the exposure. 1 Human error: Breach caused by human error or negligence costs an average of $137 per record or $3.85 million per event. System glitch: A system glitch exposing records costs an average of $142 per record or $3.99 million per event. Hackers and insiders: When hackers break in or insiders leak data out, the cost per record is $170 or $4.77 million per event. The likelihood of an outage from weather is only 14%. The two major causes of data loss are technology failure and human error. The question isn t whether or not disaster will happen; it s when. 2 3

Disaster recovery in the cloud is a two-part equation When a company considers building a disaster recovery program utilizing the cloud, there are two parts to consider. 1. Building the program: At this point nothing changes. The process and methodology to build an effective disaster recovery program is the same. 2. Choosing a cloud solution: Ensure your solution best fits the technologies used by the organization and the requirements of the business to recover. Part one: the best practice approach to disaster recovery According to the Disaster Recovery Institute International (DRII), there are 10 Professional Practices that comprise the Body of Knowledge used to develop and implement a program. Use of the Body of Knowledge and Professional Practices can increase the likelihood so that no significant gaps will be present in your program, as well as increase the likelihood that the various parts of the program will work cohesively in an actual event. 3 It should be noted that these 10 Professional Practices (below) are exactly the same in every business continuity and disaster recovery program and do not change if a cloud solution is used. Cloud is simply another site with technology solutions implemented to support disaster recovery. 1. Program initiation and management 2. Risk evaluation and control 3. Business Impact Analysis (BIA) 4. Business continuity and disaster recovery strategies 5. Emergency response and operations 6. Plan implementation and documentation 7. Awareness and training programs 8. Business continuity and disaster recovery plan exercise, audit and maintenance 9. Crisis communications 10. Coordination with external agencies After initially building out a program, it is vital to keep it maintained. Continuous improvement efforts must be included in a company s daily routine. This includes performing processes and activities to ensure plans and documentation are updated. Development of policies, standards, and guidelines is crucial for success. These must be written to address specific regulations that impact the business. Finally, implementing an internal audit program to verify compliance to the newly established policies, standards and guidelines is required. This ensures the program is ready at all times in the case that an event occurs. Some of the areas that an internal audit will review include: Developed strategies are updated as technologies are implemented, changed or removed. Change management is routinely used to ensure consistent methodologies are applied; solutions are tested and documented before introduction into the production environment. Change management will include sign-off by the business continuity/disaster recovery program. Documentation is routinely reviewed and maintained to relevant regulatory guidelines. Business continuity and disaster recovery program consistently uses a quality improvement methodology, ensuring the program accurately reflects the current state, remaining relevant and ready for use. 4

Part two: choosing a cloud solution When choosing a cloud solution, organizations must address the technologies being used and the requirements defined by the business to recover. This will require an assessment of the features and capabilities of each type and their related costs. At this point, it is necessary to identify the best fit solution for disaster recovery and a cloud solution that may include public, private or hybrid cloud components. Cloud options to consider Gartner Inc. defines cloud as follows: Public Cloud: 4 Public cloud computing is a style of computing where scalable and elastic IT-enabled capabilities are provided as a service to external customers using Internet technologies i.e., public cloud computing uses cloud computing technologies to support customers that are external to the provider s organization. Using public cloud services generates the types of economies of scale and sharing of resources that can reduce costs and increase choices of technologies. From a government organization s perspective, using public cloud services implies that any organization (in any industry sector and jurisdiction) can use the same services (e.g., infrastructure, platform or software), without guarantees about where data would be located and stored. Private Cloud: 5 Private cloud computing is a form of cloud computing that is used by only one organization, or that ensures that an organization is completely isolated from others. Hybrid Cloud: 6 Hybrid cloud computing refers to policy-based and coordinated service provisioning, use and management across a mixture of public and private cloud services. From a more general disaster recovery and business continuity perspective, a hybrid solution may include public and private cloud offerings combined with physical infrastructure addressing strategies not cloud capable (architecting the best fit disaster recovery solution). Cloud is simply scalable data storage, computing resources and application hosting available via the Internet. Depending on the vendor a company may have additional tools and services available to you. The choice is driven by its business needs, cost, and support requirements. 5

Moving the technology stack to the cloud Will not change: The commitment and ongoing support required by executive management 10 Professional Practices used to develop, document, and maintain a company s program Tangible and verified data collected through the various assessments, evaluations, interviews, and data gathering efforts Will change: Efforts required to manage the environment Resource types needed, as public cloud utilizes shared resources managed by a third party changing the level of control experienced How organizations think about and design security. Public cloud shares resources and often moves data from region to region (possibly country to country raising concerns about data sovereignty) without notifying stakeholders. It will be necessary to determine if this is acceptable in its environment of legal, contractual, and regulatory requirements. Types and strengths in negotiated Service Level Agreements (SLAs) and underpinning contracts The manner in which costs are expensed; capital expenses will now become operational expenses. Validation comes with testing Even companies that have invested in developing a disaster recovery program fall short when it comes to testing and validation of their strategy. Cloud disaster recovery can help address this problem. Cloud can provide a secure testing environment, is scalable, and may have automation tools or contracted third-party resources available to reduce the need for specialized skills. Cloud disaster recovery significantly reduces cost over traditional disaster recovery with physical hardware in a dedicated location. In most organizations, testing can only be done on a limited level perhaps quarterly and most often annually. Issues around cost, staffing, environment control and the impacts to business operations all impede testing efforts. This can be compounded by the use of multiple sites, time zones and other barriers. Many times, companies even forget that true testing requires end-user participation, and bandwidth on the network is under-sized or constrained by other activities. The elasticity of cloud can address these concerns and greatly improve testing and validation efforts. It is now easier than ever to conduct frequent test cycles of any size or complexity without the negative impacts previously encountered. Organizations can size their cloud environment to meet the need, and when they are done, reset it in preparation for the next test. Public cloud makes this very cost-effective since companies pay for what they use and only when they use it. Disaster Recovery Preparedness Council, June 2016 6

Cloud disaster recovery assessment For 2016, cloud will become the first option when building new IT architecture. This means that companies will start by considering public cloud, then will move to private cloud, hosted systems, or on premise systems if needs dictate. Ultimately, the infrastructure will be a diverse mix, and monitoring/management will become a top challenge. 7 The market for public cloud services is continuing to demonstrate high rates of growth across all markets and Gartner expects this to continue through 2017. 8 To meet this growing challenge, identifying all of the business drivers and requirements is vital. It is absolutely critical that companies know and understand what they have in place today so it can be addressed by new cloud architecture. To reach this level of understanding, a cloud disaster recovery assessment will guide a company in its cloud analysis. A consistent methodology of requirements and data gathering, analysis, and strategy formulation take the mystery out of cloud. An informed organization can make the appropriate decisions needed to drive a successful cloud disaster recovery initiative. Regulatory requirements and strategic decisions aside, knowing what you need and must do, and how it must perform, is the starting point. Some of the key elements in a cloud disaster recovery assessment include: Discovery Understand business disaster recovery goals and objectives Gather interview and workshop data to understand business disaster recovery issues and operational requirements Analysis Review documentation (infrastructure inventory, operations plans, diagrams, P&Ps, SLAs, cost information, existing disaster recovery plans) Review people (skill sets, job descriptions) Review processes (operations, infrastructure, governance and disaster recovery) Review tools (operations and disaster recovery management, monitoring, charge-back, automation and orchestration) Review existing infrastructure architecture (storage, compute, network and security) Review existing application architecture Review cloud solution vendors to identify best fit options Strategy Develop a Disaster Recovery Infrastructure and Capabilities Assessment report Recommend cloud disaster recovery solutions with supporting detail Implement a cloud disaster recovery roadmap 7

Assessment time requirements Using the cloud disaster recovery assessment methodology takes an investment of 4-6 weeks depending on the business size, type, drivers, availability of essential information and customer involvement. This assessment is typically conducted on-premises with access to key staff across all business units and infrastructure locations. A thorough review of documentation and other support materials is included. The assessment methodology is highly interactive in order to develop a realistic understanding of business needs. This will ensure IT decisions and investments are aligned to desired business outcomes. Additional disaster recovery services Disaster recovery solution providers offer a myriad of additional services aimed at helping companies move their program forward. They can address any need from the initial assessment and building out the program to program documentation and validation of implemented solutions. Typically, their services address business continuity and cloud disaster recovery, as well as the more traditional models. Cloud automation and orchestration ITIL/ITSM Recovery capability assessment Application mapping Business Impact Analysis (BIA) Risk assessment (RA) Backup, recovery & archive assessment (BURA) IT Service Continuity strategy design IT Service Continuity Plan and Runbook development Capability validation using multiple methods such as Desk Check reviews, TableTop and failover exercises The services of a solution provider are designed to augment your own business efforts. They build off of a company s work and results when any services are added to an engagement. This helps in managing scope and cost when budgets are tight. 8

Ready, set, go Companies must ask themselves, Are we ready to invest in disaster recovery? Have we considered cloud to optimize our strategies while reducing our financial spend? Most companies admit that we don t know what we don t know. Getting started may seem like a daunting task to undertake, but help is available. A cloud disaster recovery assessment helps a company define what is needed, how cloud can fit into your disaster recovery program, determine what cloud options will be the best fit for an organization and more. Companies can benefit from and take advantage of public, private or hybrid cloud. A cloud disaster recovery assessment is a detailed look at an organization s existing infrastructure and program, helping them answer questions that will guide them toward a working, reliable and efficient cloud solution. Conclusion Disaster recovery utilizing the cloud has many benefits that will help today s businesses reach a level of preparedness they may not have previously experienced. Cloud also has pitfalls that need to be considered when deciding which type to use. Companies that understand what cloud offers and what they need to do to prepare are well-positioned to realize the benefits. Costs to implement and maintain a disaster recovery environment will certainly be lower using a public cloud solution. Cloud can improve a company s ability to test individual solutions as they are implemented or validate an entire strategy before it is called upon. To decide what type of cloud is right based on operational needs and budget, a company should complete a full assessment. Ideally, a company should have a disaster recovery solution provider ready to analyze all relevant information and work with them to guide decision-making. A customized disaster recovery solution is critical to a company s ability to protect its data, assets, people, and customers. With advances in cloud-based disaster recovery technology, the cloud is proving to be an increasingly attractive option. 9

Why Datalink? Datalink s highly skilled and experienced professionals provide vendoragnostic services to support IT transformation efforts. We ensure that your initiatives are relevant and successful in today s environment of growing customer expectations and decreased IT spending. Datalink s Cloud Disaster Recovery Assessment is a detailed look at an organization s existing infrastructure and program, helping them answer questions that will guide them toward a working, reliable and efficient cloud solution. Our team has deep experience in: Helping customers make cloud disaster recovery decisions Implementing cloud disaster recovery automation tools Developing automated end-user self-service portals Transferring our skills to your team Comprehensive services from cloud, business continuity and cloud disaster recovery strategies to robust technology solution architecting, managed services and cloud disaster recovery program development References 1: Ponemon Institute, 2015 Cost of Data Breach Study, December 14, 2015 2: Disaster Recovery Preparedness Council, 2014 Annual Report 3: Disaster Recovery Institute International, drii.org, Professional Practices, June 30, 2016 4, 5, 6: Gartner IT Glossary, Gartner.com, June 2016 7: Seth Robinson, Sr. Director, Technology Analysis, CompTIA, December 21, 2015 8: Gartner Inc. press release, January 25, 2016 datalink.com insight.com 2017 Datalink, an Insight company. All rights reserved. No portions of this document may be reproduced without prior written consent of Datalink Corporation. Datalink and the Datalink logo are trademarks or registered trademarks of Datalink Corporation. CDR-WP-2.0.03.17 10

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback