What is Disaster Recovery as a Service (DRaaS)?

What is Disaster Recovery as a Service?

Disaster Recovery as a Service is a cloud computing service model that protects business applications and data from IT downtime, which can occur for a variety of reasons (e.g., natural disaster, human error, cyber-attack).

When a datacenter, or even a portion of it, is failing to serve its clients, companies are subject to lost revenue, damaged reputation, and jeopardizing industry-specific credentials (e.g., financial, healthcare). Ideally, clients would be unaffected during datacenter outages; however, ensuring pristine business continuity is difficult and expensive, so companies have to strike a compromise between performance and cost. For example, not every company has the budget to provide synchronous replication of applications and data to support a zero-data-loss disaster recovery (DR) plan.

Why is DRaaS useful?

A cost-effective alternative for an increasing number of companies is to opt for a managed service for their DR needs. Cloud-based DRaaS boasts the majority of the core capabilities a large budget enterprise might enjoy, but at a fraction of the cost and with a much faster time to value. The typical trade-off is with recovery point objective (RPO) and/or recovery time objective (RTO), where an on-prem DR solution might approach RPO and RTO of zero, DRaaS solutions tend to be on the order of hours, or at best, minutes for each metric. For most companies, this is acceptable. As a result, DRaaS tends to appeal to companies that can withstand moderate data loss with the benefit of much lower TCO.

The standard service model for DRaaS is a baseline subscription that is tied to a service level agreement (SLA) the service provider (SP) is contractually bound to. Some SPs also meter ingress and egress traffic and tack on additional charges, based on usage. The DRaaS datacenter essentially becomes the DR target for a company’s on-prem applications and data. Once a relationship is in place, a VPN is pinned up between the customer and SP datacenter, and application snapshots are replicated to the DRaaS datacenter based on required RPO metrics. In the event of a datacenter outage, failover to the DRaaS datacenter is initiated and business operations are restored in compliance with the SLA.

How does DRaaS work?

The key difference between traditional DR and DRaaS is the managed service aspect of DRaaS. The same fundamental phases of DR exist in both cases: replication, failover, and failback.

Replication

When applications are earmarked for protection in a company’s DR plan, stateful snapshots are taken with accompanying data at a frequency consistent with RPO requirements. Once a batch of snapshots is taken, it is replicated to the DRaaS target datacenter, which stores groups of snapshots in a first-in-first-out (FIFO) algorithm. The most recent snapshots become the primary targets for failover during a disaster.

Failover

When a disaster strikes, initiating a failover event transitions end-user access to applications and data from the primary datacenter to the DRaaS datacenter, where applications and data have been spun up from the latest instance of replicated shapshots. This transition process, with the right vendor, is simple to manage. Good DRaaS services also include automatic shapshotting while applications run in failover mode, enabling graceful failback and zero loss of data, once normal primary datacenter operations are restored.

Failback

Once a disaster is mitigated, failback is the process of transitioning end-user access back to the primary datacenter. Once failback is complete, the three-phase process resets and the system readies itself for the next disaster.

DRaaS vs. Backup-as-a-Service (BaaS)

DRaaS protects applications and data whereas BaaS protects only the latter. From a business continuity perspective, DRaaS is a type of superset of BaaS in the sense that it includes compute services in order to facilitate application continuity for clients in addition to the data backup services required to support said applications. DRaaS also offers application-level protection policies and runbook automation to orchestrate failover/failback/testing. BaaS solutions are more manually intensive, less elegant, and more time consuming to achieve the same end a DRaaS solution does.

Advantages of DRaaS

• Rapid recovery with minimal downtime - with DRaaS, businesses can continue to operate and restore important resources within hours or even minutes, depending on SLAs.
• A cost-efficient solution - due to economies of scale, DRaaS is able to offer a point of entry for otherwise cost-prohibited organizations to effectively protect their businesses from the ramifications of IT downtime.
• Increased flexibility - traditional considerations, such as infrastructure, power and rent, IT staffing, and licensing, are all rolled into a single service.
• Resource optimization - since DRaaS is a cloud-based solution, usage is elastic, ensuring customers only consume and pay for what they need. This is superior in most cases to more expensive customer-owned/operated DR datacenters since capacity must be paid for upfront “just in case.”

Is Disaster Recovery as a Service right for your business?

Disaster Recovery as a Service could be an ideal fit if you are a small-to-medium-sized business (SMB), are a growing company that requires flexibility, or have no internal resources or bandwidth to manage this software or hardware. 

DRaaS enables you to forgo the exorbitant capital and operational costs of building, equipping and managing another datacenter. Virtualization to reduce storage requirements, as well as data backups, security, and recovery from man-made or natural disasters can be done by a DRaaS provider if these services are in your SLA.

What should you consider when choosing a DRaaS?

Below are critical items to consider when choosing the right DRaaS solution for your business.

• What are your responsibilities vs. the DRaaS provider during and after a disaster?
• What happens if the DRaaS provider cannot deliver services if a disaster occurs and recovery process? It is vital to understand your SLA and the services to which you are entitled. For example, be sure that your RPO and RTO thresholds and requirements are detailed and included in your SLA contract.
• Does the DRaaS provider offer backup software with file syncing to protect against data loss?
• How are applications accessed when disaster strikes? If a VPN is used during recovery, is it managed by the DRaaS provider or reroute?
• Who manages the VDI during a disaster and what is the impact of failover on users and overall operations?
• Does the DRaaS vendor provide strong security, such as early ransomware detection from a private cloud and data encryption from endpoint to cloud?
• How will DNS work in a crisis? Will it shift to DNS managed by the DRaaS provider? A lot depends on whether your DNS is self-managed or hosted.
• Include all regulatory and compliance mandates that are required in the cloud environment.
• What platform requirements, service types and locations/availability levels are supported by the DRaaS?
• How well do the DRaaS services integrate with your existing environment and integration with existing environment
• Security
• Does the DRaaS provider use the 3-2-1 backup rule?
  • Three copies of your data, one production version and two backups.
  • Two formats for your backup, such as network drives, external hard drives and cloud.
  • One of your backups is stored offsite or in the cloud.

• What processes, procedures and support will the DRaaS vendor provide during normal operations and when disaster strikes?.
• What is the extent of post-sales support?

Why should organizations choose DRaaS?

IT is the lifeline for most businesses today. If implemented correctly, it provides a competitive advantage for some while for others it simply means they can spend more time focusing on their core competencies, whether it’s teaching in a school system, or trying a case, or running a grocery store. Peace of mind frees up businesses to be the best they can be. A good DRaaS solution can be a big part of that vision.

Given the upward trend in disasters, DR is among the first insurance policy companies are now considering. DRaaS gives otherwise financially precluded organizations access to the necessary tools required to maintain business continuity during the most trying of times. Since it is a cloud-based technology, DRaaS affords customers the flexibility to expand their DR footprint as their business grows.

DRaaS has proven itself a viable, cost-effective alternative to building out a DR datacenter that might just sit unused most of the time. It also allows companies the option of turning CapEx into OpEx, freeing up resources for other business priorities. It’s not a one-size-fits-all solution, but DRaaS is certainly becoming a crowd favorite.

Related articles:

• Backup and Disaster Recovery
• What is Business Continuity?
• What is Cloud Computing?
• What is Disaster Recovery (DR)?
  
• What is Ransomware?