DISASTER RECOVERY TESTING, YOUR EXCUSES, AND HOW TO WIN

Similar documents
UNITRENDS & NUTANIX ARCHITECTURE & IMPLEMENTATION GUIDE

THE STATE OF CLOUD & DATA PROTECTION 2018

BACKUP AND DRAAS IT BUYER S GUIDE FOUR WAYS TO BEAT DOWNTIME

The Data Protection Rule and Hybrid Cloud Backup

WHITE PAPER. Header Title. Side Bar Copy. Header Title 5 Reasons to Consider Disaster Recovery as a Service for IBM i WHITEPAPER

White Paper BC/DR in the Cloud Era

Disaster Recovery Is A Business Strategy

The Evolution of IT Resilience & Assurance

RED HAT ENTERPRISE LINUX. STANDARDIZE & SAVE.

Buyer s Guide: DRaaS features and functionality

ON CALL, ALL THE TIME DISASTER RECOVERY AS A SERVICE FROM WINDSTREAM

The Evolution of IT Resilience & Assurance

Maximizing Availability With Hyper-Converged Infrastructure

Hyper-Converged Infrastructure: Providing New Opportunities for Improved Availability

Disaster Recovery Planning

CIO Guide: Disaster recovery solutions that work. Making it happen with Azure in the public cloud

Don t Jeopardize Your Business: 5 Key Business Continuity Use Cases for Cloud

Disaster Recovery Guide

Understanding Virtual System Data Protection

Availability and the Always-on Enterprise: Why Backup is Dead

TSC Business Continuity & Disaster Recovery Session

From Single File Recovery to Full Restore: Choosing the Right Backup and Recovery Solution for Your Cloud Data

FIVE BEST PRACTICES FOR ENSURING A SUCCESSFUL SQL SERVER MIGRATION

arcserve r16.5 Hybrid data protection

UNITRENDS CLOUD BACKUP FOR OFFICE 365

What to Look for in a DRaaS Solution

` 2017 CloudEndure 1

IPMA State of Washington. Disaster Recovery in. State and Local. Governments

Elevate the Conversation: Put IT Resilience into Practice for Cloud Service Providers

3 Ways Businesses Use Network Virtualization. A Faster Path to Improved Security, Automated IT, and App Continuity

Understanding Managed Services

A Survival Guide to Continuity of Operations. David B. Little Senior Principal Product Specialist

Disaster Recovery Planning: Weighing your customer s options

THE FOUR STEPS TO A TAPELESS BACKUP ENVIRONMENT: YOUR HOW-TO GUIDE FOR DATA MANAGEMENT SUCCESS INTRODUCTION

-archiving. project roadmap CHAPTER 1. archiving Planning, policies and product selection

How to Protect Your Small or Midsized Business with Proven, Simple, and Affordable VMware Virtualization

Why Continuity Matters

Introduction. Read on and learn some facts about backup and recovery that could protect your small business.

Perfect Balance of Public and Private Cloud

The Key to Disaster Recovery

Cloud Strategies for Addressing IT Challenges

Go Cloud. VMware vcloud Datacenter Services by BIOS

PUT DATA PROTECTION WHERE YOU NEED IT

Ensuring business continuity with comprehensive and cost-effective disaster recovery service.

ITIL Event Management in the Cloud

TOP REASONS TO CHOOSE DELL EMC OVER VEEAM

Super Simple and Disaster Recovery

Shaping the Cloud for the Healthcare Industry

CLOUDALLY EBOOK. Best Practices for Business Continuity

A Better Approach to Leveraging an OpenStack Private Cloud. David Linthicum

Chapter 1. Storage Concepts. CommVault Concepts & Design Strategies:

Evolved Backup and Recovery for the Enterprise

Data Protection for Virtualized Environments

IBM Security Services Overview

A guide for assembling your Jira Data Center team

UPS system failure. Cyber crime (DDoS ) Accidential/human error. Water, heat or CRAC failure. W eather related. Generator failure

4 Criteria of Intelligent Business Continuity

A Practical Guide to Cost-Effective Disaster Recovery Planning

Four Essential Steps for Removing Risk and Downtime from Your POWER9 Migration

POWERING NETWORK RESILIENCY WITH UPS LIFECYCLE MANAGEMENT

Ransomware & Modern DR: Risky Business

Backup and Restore Strategies

Archiving, Backup, and Recovery for Complete the Promise of Virtualisation Unified information management for enterprise Windows environments

What you need to know about cloud backup: your guide to cost, security, and flexibility. 8 common questions answered

Business Resiliency Strategies for the Cloud. Summary Results September 2017

Making the case for SD-WAN

White Paper: Backup vs. Business Continuity. Backup vs. Business Continuity: Using RTO to Better Plan for Your Business

white paper Rocket Rocket U2 High Availability / Disaster Recovery Best Practices

Asigra Cloud Backup Provides Comprehensive Virtual Machine Data Protection Including Replication

Rethinking VDI: The Role of Client-Hosted Virtual Desktops. White Paper Virtual Computer, Inc. All Rights Reserved.

High Availability- Disaster Recovery 101

Data Protection for Cisco HyperFlex with Veeam Availability Suite. Solution Overview Cisco Public

3.30pm. A sneak peek at Veeam 2018 releases Veeam for VMware Cloud on AWS technical deep dive Veeam Availability Console Update pm. 2.

Disaster Recovery and Business Continuity

The Hidden Costs of Free Database Auditing Comparing the total cost of ownership of native database auditing vs. Imperva SecureSphere

Appendix 3 Disaster Recovery Plan

Backup vs. Business Continuity

Using Self-Protecting Storage to Lower Backup TCO

Veritas Backup Exec. Powerful, flexible and reliable data protection designed for cloud-ready organizations. Key Features and Benefits OVERVIEW

Five Powerful Factors Driving Dramatic DRaaS Growth

10 Reasons Why Your DR Plan Won t Work

DR Planning. Presented by. Matt Stolk Associate Director Northwest Regional Data Center Florida State University

Creating and Testing Your IT Recovery Plan

White paper: Agentless Backup is Not a Myth. Agentless Backup is Not a Myth

Total Cost of Ownership: Benefits of the OpenText Cloud

Total Cost of Ownership: Benefits of ECM in the OpenText Cloud

Protecting VMware vsphere/esx Environments with Arcserve

Moving From Reactive to Proactive Storage Management with an On-demand Cloud Solution

CASE STUDY: USING THE HYBRID CLOUD TO INCREASE CORPORATE VALUE AND ADAPT TO COMPETITIVE WORLD TRENDS

TRUSTED IT: REDEFINE SOCIAL, MOBILE & CLOUD INFRASTRUCTURE. John McDonald

The case for cloud-based data backup

Data safety for digital business. Veritas Backup Exec WHITE PAPER. One solution for hybrid, physical, and virtual environments.

High Availability- Disaster Recovery 101

Disaster Unpreparedness June 3, 2013

Next Generation Backup: Better ways to deal with rapid data growth and aging tape infrastructures

Protecting Microsoft Hyper-V 3.0 Environments with Arcserve

Slashing Downtime from 24 Hours to 24 Minutes:

Disaster Recovery and Mitigation: Is your business prepared when disaster hits?

(MC-Cloud) for Mission Critical

NEC Express5800 R320f Fault Tolerant Servers & NEC ExpressCluster Software

Transcription:

DISASTER RECOVERY TESTING, YOUR EXCUSES, AND HOW TO WIN INTRODUCTION You can plan, look at diagrams, listen to consultants, but you still won t know that all your recovery capabilities will actually work without testing. Why because recovery can be complicated. So many things can go wrong network configurations do not get replicated properly, application dependencies are not in sync across sites, DR resources may become insufficient over time, etc. And the worst time to identify an issue is during an actual emergency. The cost of failure is high. Failing to recover or deflect attacks results in application downtime. While the cost application downtime varies dramatically across industries, an average for all organizations is about $9,000 per minute in decreased productivity, lost revenue, and other negative business impacts per The Ponemon Institute1. While 99.9% uptime is great, shortening that to 99.99% could save an organization about $350,000 per month1. This level of uptime is only possible if data protection and recovery solutions are tested regularly, and correction of issues that may slow recovery. But how often should you test your DR and what tools should you use?

CURRENT STATE OF TESTING The only way you know you re not wasting time and money on an expensive recovery plan is to test it regularly and see the results. Period. In our annual survey of the backup and recovery practices of medium to large enterprises, we asked respondents how often they test their recovery capabilities. The majority of responding organizations reported testing their DR plans only once per year, less, or not at all. A lot of changes occur in enterprise data centers over the course of a year. In addition, most industry governing bodies require companies to have business continuity plans and know and document their results. With the pressure to keep businesses up and running, why is testing performed so infrequently? WHY TEST? Let s step back a second and make sure everyone agrees that regularly testing recovery is the right thing to do. What does testing provide? Confidence Documenting and maintaining a recovery plan is now an essential task of the IT department. You need to prove to senior management that you have a verifiable process in place to recover business services. You need confidence that your business can run in an emergency and documentation that proves it. Identification of recovery issues A good testing process will identify issues that impact recovery. These can then be addressed prior to a real emergency. Compliance reporting Most companies have industry mandates that require protection against loss of data and functionality. Health care organizations, for example have HIPAA mandates that require not only DR protection, but also that recovery technologies are tested regularly so auditors can see the results. SOX (Sarbanes - Oxley) SOX compliance is required by all publicly traded companies. In addition to requiring corporate officers to take greater responsibility for the accuracy of

financial reports, SOX mandates that organizations understand the risks that may impact the financial reporting process. A proper assessment of this risk should include IT risks resulting from inadequate disaster recovery or business continuity plans. Job Security Failing to raise the criticality of testing can leave the business exposed in ways that can limit the careers of IT professionals. IT professionals are intelligent. If testing is so important why don t companies test more often? The reason is testing can be costly, difficult and risks interrupting critical business processes. EXCUSES ORGANIZATIONS USE FOR NOT TESTING MORE FREQUENTLY When polled, most organizations cite several reasons why they don t test more often: Testing takes time IT pros are already overwhelmed with the day to day tasks of managing complex and extensive IT infrastructure. Testing can disrupt production systems Many test procedures require that you bring down production in order to validate the test. And if traditional restore processes are used, this downtime process can be very impactful. So much so, that organizations feel the need to cut corners in the process, which leads to false positives, high risk, and wasted time. Testing can cost money Outside providers are playing an increasing role in providing disaster recovery services. DR testing can create charges for things like public cloud compute cycles, 3rd party recovery services, or consultants that have to be included in an IT budget. Undocumented DR plan While most organizations will claim to have a documented DR plan, most are not regularly updated, dependent on a While most organizations will claim to have a documented DR plan, most are not regularly updated.

Vendors of backup and recovery technology may support only lower levels of testing, yet claim they have full testing capabilities. few key individuals, on a spreadsheet or Word Doc, and are difficult to locate. Testing will more than likely create the need to update the plan, requiring more time be spent on something everyone hopes will never be used. LEVELS OF TESTING There are many different ways to test data backup and disaster recovery capabilities. Some are very basic and check only that data has been replicated to the right location. Others actually test functionality to ensure users can perform their jobs. Vendors of backup and recovery technology may support only lower levels of testing, yet claim they have full testing capabilities, so research is required to determine exactly what they support. Examples of the different levels (basic to advanced) are: Data verification This test just checks that blocks / files are good after they have been backed up. Needless to say this level of testing does nothing to ensure the applications can be functionally recovered. Database mounting Verifies a database has basic functionality within backups. Single machine boot verification Verifies that a single server can be rebooted after a downtime event. Single machine boot with screenshot verification this test goes a little past boot verification by sending an image of the operating system splash screen to administrators as proof the system can be recovered. DR Runbook testing Multiple machines are spun up for testing. This is especially important for multiple servers that deliver a business service together, such as an ERP system or clustered databases. Recovery Assurance This is the highest level of testing as it includes multiple machines, deep application testing, SLA assessment, and analytics as to the reason any recovery failed.

Anything other than Recovery Assurance still leaves questions about a full recovery. For example, booting to the splash screen may indicate that the operating system can boot, but it proves nothing about its functionality and responsiveness to the business. You should also consider outsourcing your DR program to professionals. Disaster Recoveryas-a-Service providers embed testing as part of their offering with the best performing full recovery assurance testing. Traditional DR in the public cloud does not include this and can lead to organizations spending thousands of dollars per month with no idea if they are gaining any business value. Look for DRaaS providers that offer recovery Service Level Agreements (SLAs) as effective testing is the only way they can ensure they are not paying large amounts for non-performance. THOSE OLD EXCUSES FOR NOT TESTING ARE NO LONGER VALID Fortunately there are cost-effective, intelligent technologies available that can automate, orchestrate and analyze application recoverability to ensure entire workloads are functional and, if not, report what is broken. Additionally, you get an easy to read, formal report certifying the final results of a DR test that can be shared with auditors and senior management. These tools automate testing so you know exactly how fast and to what point your data and applications are protected without requiring much manual work or extra expense. The excuses for not testing are no longer valid: Testing Takes Time No more, it is fully automated. The results are emailed to you for a simple review to see that everything was successful. Testing can disrupt production systems No more, testing can be conducted within isolated labs that shield production applications from network conflicts. They can be run in alternate locations, such as cloud infrastructure. Disaster Recoveryas-a-Service providers embed testing as part of their offering with the best performing full recovery assurance testing.

Tools automate testing so you know exactly how fast and to what point your data and applications are protected without requiring much manual work or extra Additionally, they often do not even require additional storage given that test can be run against your backups. Testing can cost money While testing will never be totally free, focus on the TCO with the payoff being business continuity and data protection. Undocumented DR plan DR Specialists can help develop your DR plan and new web tools can keep it readily available to everyone on the team. In addition Recovery Assurance can document its DR recovery steps as part of its runbook setup. Also, all of these excuses can be overcome by outsourcing your recovery program to experts. They will do all recovery testing and take on the business risk of slow recoveries with SLAs that payout for RTOs that do not meet the contracted goals. expense. NEXT GENERATION TECHNOLOGY These next generation technologies can automate testing and reporting to give 100% confidence that recovery can and will take place as required. Recovery Assurance Recovery Assurance delivers fully automated recovery testing. Running either locally on the backup appliance or in the cloud, Recovery Assurance will automatically test and certify full business service recovery. Using backups, the entire infrastructure is recreated and booted up to ensure that all data and application dependencies are correct. Recovery Assurance can be directed to use as many of 50+ built-in tests that are appropriate for your environment. These can include: Running and verifying a database query, Mailbox transport submissions on Exchange Validating service availability, and Build and run your own custom scripts to test unique aspects of your workloads.

Unitrends Recovery Assurance verifies the success of each point in time that an application is protected. It includes built-in analytics that assess the impact of an outage in terms of its projected downtime and data loss. It also reports the results of recovery testing to business stakeholders (no setup required) in the form of actual RTO and RPO achieved and flags warnings against their goals. Copy Data Management Backups are not just for recovery anymore. There many corporate benefits that can be derived from backup files. Copy Data Management (CDM) is a concept that, on command spins up test / dev environments identical to the production servers because they use the latest backups. The technology makes your latest data, applications, and lab environments available instantly for testing purposes. One use case is that organizations can use these sand boxes to identify issues with new software by testing them prior to deployment on production servers. Other uses can be for compliance testing, reporting, and any other purpose that requires fast, temporary access to cloned environments without over utilizing production resources. Once all testing is finished the entire test environment can easily be torn down. BCDR (Business Continuity & Disaster Recovery) Link A well documented DR plan is critical to the testing process. Organizations have typically created disaster recovery plans in Excel or Word that are then filed away and dusted off rarely. These can be hard to manage, store, and and have limited access to those who need it. BCDR Link https://bcdrlink. com is a free online tool that helps you build and customize a DR plan. The template follows the most up-to-date guidelines of International Organization of Standardization (ISO) standard 22301 that specifies security requirements for disaster recovery preparedness and business continuity management systems (BCMS) and includes all steps necessary for a comprehensive recovery plan. The advantage of on line access is that everyone knows where it is stored and the author can control who has access. All testing excuses can be overcome by outsourcing your recovery program to experts.

Outsourcing to DR Professionals The amount and frequency of testing should match the critical nature of the system. DRaaS has greatly evolved from its first iterations. World-class DRaaS providers now offer White Glove services that free enterprise IT from having to learn, manage and deploy recoveries. DRaaS White Glove providers will do complete DR planning, including setting up the server reboot order so business-critical applications are the first to recover. Recovery is initiated by a simple phone call with the service provider doing all the work. And the best part is that DRaaS White Glove providers offer both 1-hour and 24-hour Service Level Agreements (SLAs) for application recovery with financial recourse for any delays. This high-touch version of DRaaS can be managed and deployed from any location and protect remote sites around the world SO, HOW OFTEN SHOULD YOU TEST? So if you have the latest technology, how often should you test recovery? A quick Google search for How often should you test your DR shows most vendors and analysts won t give detailed advice. They mostly agree however that enterprises today don t test enough but even that advice assumes that there is a definition of enough. Gartner, in their report Modify Your Backup / Recovery Plan to Improve Data Management and Reduce Cost (February, 2017) advises Perform data recovery testing at least once a year on a subset of data to ensure the backup strategy effectively meets the stated SLA projections. This advice reflects the old world of testing and not the new reality. The real answer is It depends The real answer is the amount of testing should match the critical nature of the system. Prioritize testing based on the criticality of business services and work your way back to the infrastructure that supports them. If you have machines that require high responsiveness, validate this in your testing. Don t assume that performance is sufficient. Leverage technologies such as replicas vs. backups for highly transactional machines, and include performance scripts to validate responsiveness. While testing is not free, it is

far easier and more cost-effective than ever. It takes some resources for spin-up, but in many cases those are already available or can be supplemented by using backup storage given modern technologies. You should test as frequently as you can based on your available resources and recovery point objectives. Remember, every recovery time objective that is untested is a risk to your RPOs and can increase the amount of data lost in an outage because you weren t able to verify that a recovery point was successful. Users of next generation technology can do frequent testing of their entire infrastructure to greatly reduce the risk of recovery. If this is the case you should be testing automatically at least monthly and on-demand after changes are made to the infrastructure! Remember, IT infrastructures are not static environments. They constantly change. Adding new applications, virtualizing new servers, upgrading software, and moving assets to the cloud can break elements of your DR plan, so retest after infrastructure changes are made. If changes are made frequently, you want frequent testing. If changes are not made frequently and data change rates are not high, you can potentially live with less frequent testing. Testing is so important that you should include this metric in any DR solution purchase. To ensure faster recoveries and lower impacts from downtime choose a solution with automated, free recovery assurance as part of its offering. Or better yet, outsource your DR program to certified experts that will guarantee their performance with SLA s. GET YOUR FREE TRIAL Unitrends increases uptime and confidence in a world in which IT professionals must do more with less. Unitrends leverages high-availability hardware and software engineering, cloud economics, enterprise power with consumergrade design, and customer-obsessed support to natively provide all-in-one enterprise backup and continuity. The result is a one throat to choke set of offerings that allow customers to focus on their business rather than backup. Learn more by visiting unitrends.com or follow us on LinkedIn and Twitter @Unitrends. 1.Average Cost of Downtime - $9,000 per minute Source: Ponemon Institute Research Report unitrends.com PART# WP-2074-ENG-A Testing

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback