Cloud Disaster Recovery (cloud DR)

Cloud disaster recovery (cloud DR) is a combination of strategies and services intended to back up data, applications and other resources to public cloud or dedicated service providers. When disaster occurs, the affected data, applications and other resources can be restored to the local data center -- or a cloud provider -- and resume normal operation for the enterprise.


The goal of cloud DR is virtually identical to traditional DR: to protect valuable business resources and ensure that protected resources can be accessed and recovered to continue normal business operations. DR is a central element of any business continuity (BC) strategy. Before the advent of cloud connectivity and self-service technologies, traditional DR options were limited to local DR and second-site implementations. Local DR didn't always protect against disasters such as fires, floods and earthquakes. A second site -- off-site DR -- provided far better protection against physical disasters but imposed significant business costs for implementing and maintaining a second data center.


With the emergence of cloud technologies, public cloud and managed service providers could create a dedicated facility to offer a wide range of effective backup and DR services and capabilities. Businesses receive continuous access to highly automated, highly scalable, self-driven off-site DR services without the expense of a second data center and without the need to select, install and maintain DR tools.


Selecting a cloud DR provider

Selecting a cloud DR provider typically involves six separate considerations: location, reliability, scalability, security and compliance.


First, a business must consider the cloud DR provider's physical distance and latency -- putting DR too close increases the risk of shared physical disaster, but putting the DR too far away increases latency and network congestion, making it harder to access DR content. Location can be particularly tricky when the DR content must be accessible from numerous global business locations. Next, consider the cloud DR provider's reliability. Even a cloud experiences downtime, and service downtime during a recovery can be equally disastrous for the business.


Cloud Based DR Approaches Side by Side

Cloud-based DR approaches include managed primary and DR instances, cloud-based backup and release, and replication in the cloud.


Also, consider the scalability of the cloud DR offering. It must be able to protect selected data, applications and other resources, but it must also be able to accommodate additional resources as needed and be able to provide adequate performance as other global customers use the services. Understand the security requirements of the DR content and be sure that the provider can offer authentication, virtual private networks (VPNs), encryption and other tools needed to safeguard the business's valuable resources. Evaluate the compliance requirements and be sure that the provider is certified to meet compliance standards that relate to the business, such as ISO 27001, SOC 2 and SOC 3, and Payment Card Industry Data Security Standard (PCI DSS).


Finally, consider how the DR platform must be architected. There are three fundamental approaches to DR: cold, warm and hot. These terms loosely relate to the ease with which a system can be recovered.


Cold DR typically involves storage of data or virtual machine (VM) images. These resources generally aren't usable without additional work such as downloading the stored data or loading the image into a VM. Cold DR is usually the simplest approach -- often just storage -- and least-expensive approach, but it takes the longest to recover, leaving the business with the longest downtime in a disaster.


Warm DR is generally a standby approach where duplicate data and applications are placed with a cloud DR provider and kept up to date with data and applications in the primary data center. But the duplicate resources aren't doing any processing. When disaster strikes, the warm DR can be brought online to resume operations from the DR provider -- often a matter of starting a VM and redirecting IP addresses and traffic to the DR resources. Recovery can be quite short, but still imposes some downtime for the protected workloads.