Overcoming the Top Challenges of Back up and Recovery to the Cloud

By Sam Woodcock, EMEA Director of Solutions Architecture, iland

Disaster recovery and back up in the cloud have changed almost beyond recognition since iland started offering services 11 years ago.

The business landscape is more complex, cloud adoption has gone mainstream and the regulatory environment bears little resemblance to what it looked like a decade ago. But, although the answers to back up and DR questions have changed, those key questions remain the same and there are still five top challenges that companies face when considering back up and recovery in the cloud. Getting to grips with these at the start paves the pathway to a smooth onboarding experience and offers a much better chance of implementing a reliable business continuity strategy for your company. Let’s take a look at these challenges.

• How do I know what I need in the cloud?

A cloud-based back up and disaster recovery project generally starts with a raft of questions: what do I need in the cloud? How do I know that what I have on-premises is ready to replicate to the cloud? What are my specific disaster recovery requirements and priorities? Answering these questions used to involve quite a bit of guesswork and there was always a possibility that businesses might over-provision, generating excess cost, or under-provision, creating unacceptable risk. To address this challenge, iland have developed a lightweight standalone app that is downloaded into the customer’s environment and helps manage the assessment process by identifying and prioritising workloads for backup or DR. The app walks organisations through understanding their existing network and workloads and calculates exactly what size cloud environment is needed. It can also give a good window on what the likely costs are going to be as they build out their virtual data centre. This means that decisions can be made on the basis of knowledge, not guesswork.

Of course, while apps like this can give you autonomy over scoping out your back up and DR needs, you don’t have to do all the hard work by yourself. Solutions architects at your prospective CSP should be supporting you through this, analysing the data that comes off your system and flagging up any issues that might arise based on the specifics of your environment.

• How can I meet my compliance obligations?

Compliance today means something far different to what it meant ten years ago. Back then it basically came down to the ability to conduct an audit of data centre security. Now, the risks of severe regulatory penalties rank right up there with the actual damage caused by a system outage or data breach, and understandably so. Businesses are now responsible for ensuring that data processor partners like cloud service providers are compliant with regulations such as the EU General Data Protection Regulation (GDPR) along with many other regulations such as ISO 27001, SOC 2 and data sovereignty. Assessing the compliance posture of potential cloud service providers has become a key part of vendor selection in a bid to minimise data risk, financial and reputational exposure. Fundamentally, your data is probably one of the most valuable things your business owns. If you’re going to be replicating that to the cloud you need to be able to hold your provider accountable.

To help you navigate the minefield of compliance, you need to look for a combination of third party accreditation and a “compliance mindset” within the vendor. You want a vendor who has the in-house expertise to actively engage with your risk and compliance teams and deliver transparent, ongoing monitoring and reporting. If you work in a particularly highly regulated sector such as finance or healthcare, look for partners who demonstrate that they have specialist knowledge of the compliance environment you operate in.  Ask them how they are going to help you meet audit and reporting obligations as well as what tools they offer for self-service reporting of security and compliance settings within your cloud environment.

• How will the cloud handle complex network design?

When planning back up and DR, building out a network blueprint for DRaaS in the cloud is critical. Moving a service physically from one region to another is a complex networking challenge, especially if you are required to change internal networking parameters or hostnames – you don’t want to do this on the fly in the face of an incident. It’s much better to have the ability to build a replica of your internal networking scheme in the cloud, so all your failed over applications can work seamlessly.

Another useful feature is the ability to partially failover just those parts of an application that have a problem, rather than having to failover your whole infrastructure. By just failing over the affected VM or group of VMs to the cloud, your on-prem environment can access that VM just as if it was on its local LAN. This saves a great amount of work and cost as well as providing for a fast and secure failover process.

• How do I orchestrate systems for recovery in the cloud?

It’s now pretty easy to get data from Point A to Point B in back up terms, but you need to ask what you’re actually going to do with that data when you need it. How are you going to orchestrate your systems to come back online when disaster happens? What will the process look like and how easy is it to do a test failover, record what happens and use this as a reference to check for anomalies? You want to be able to dictate the flow of the failover and the order that everything will come back online to ensure the most efficient process that causes minimal business disruption.

The best tools to do this allow you to create recovery groups and organise those into a runbook that dictates the order and timing with which everything comes back online. iland’s DRaaS offering allows customers to build automated Disaster Recovery runbooks which can be leveraged for automated testing and fully-automated failover. The beauty of this is that as your system evolves and more VMs are added to the cloud, you can simply edit the runbook and resave it, rather than having to start again from scratch.

• How am I going to manage cloud-based back up and DR once it’s in place?

The final challenge of preparing for back up and DR to the cloud is ongoing management. Moving to the cloud can be a game-changer, but it requires a different mindset and you’ll also want the same sort of visibility you’re used to in your on-premises environment. You’ll want to know how you can manage your DR in extreme circumstances that disasters create. For example, we know that, in an evacuation situation, communications can be disrupted, so we’ve ensured that you can hit the failover button from your iPhone and manage the environment from your mobile. More prosaically, you might want alerts to be set up around billing, performance, security so you can have the same level of manageability you would have on-prem, and not be hit with any nasty surprises!

By getting answers in these five areas at the outset you can get a handle on the critical aspects of moving to the cloud for back up and DR and know that you’re getting the right environment that can evolve with your business to protect it now and in the future.

For more insights on best practices for implementing cloud-based backup and DR, go to iland.com

By Sam Woodcock, EMEA Director of Solutions Architecture, iland

Disaster recovery and back up in the cloud have changed almost beyond recognition since iland started offering services 11 years ago.

The business landscape is more complex, cloud adoption has gone mainstream and the regulatory environment bears little resemblance to what it looked like a decade ago. But, although the answers to back up and DR questions have changed, those key questions remain the same and there are still five top challenges that companies face when considering back up and recovery in the cloud. Getting to grips with these at the start paves the pathway to a smooth onboarding experience and offers a much better chance of implementing a reliable business continuity strategy for your company. Let’s take a look at these challenges.

• How do I know what I need in the cloud?

A cloud-based back up and disaster recovery project generally starts with a raft of questions: what do I need in the cloud? How do I know that what I have on-premises is ready to replicate to the cloud? What are my specific disaster recovery requirements and priorities? Answering these questions used to involve quite a bit of guesswork and there was always a possibility that businesses might over-provision, generating excess cost, or under-provision, creating unacceptable risk. To address this challenge, iland have developed a lightweight standalone app that is downloaded into the customer’s environment and helps manage the assessment process by identifying and prioritising workloads for backup or DR. The app walks organisations through understanding their existing network and workloads and calculates exactly what size cloud environment is needed. It can also give a good window on what the likely costs are going to be as they build out their virtual data centre. This means that decisions can be made on the basis of knowledge, not guesswork.

Of course, while apps like this can give you autonomy over scoping out your back up and DR needs, you don’t have to do all the hard work by yourself. Solutions architects at your prospective CSP should be supporting you through this, analysing the data that comes off your system and flagging up any issues that might arise based on the specifics of your environment.

• How can I meet my compliance obligations?

Compliance today means something far different to what it meant ten years ago. Back then it basically came down to the ability to conduct an audit of data centre security. Now, the risks of severe regulatory penalties rank right up there with the actual damage caused by a system outage or data breach, and understandably so. Businesses are now responsible for ensuring that data processor partners like cloud service providers are compliant with regulations such as the EU General Data Protection Regulation (GDPR) along with many other regulations such as ISO 27001, SOC 2 and data sovereignty. Assessing the compliance posture of potential cloud service providers has become a key part of vendor selection in a bid to minimise data risk, financial and reputational exposure. Fundamentally, your data is probably one of the most valuable things your business owns. If you’re going to be replicating that to the cloud you need to be able to hold your provider accountable.

To help you navigate the minefield of compliance, you need to look for a combination of third party accreditation and a “compliance mindset” within the vendor. You want a vendor who has the in-house expertise to actively engage with your risk and compliance teams and deliver transparent, ongoing monitoring and reporting. If you work in a particularly highly regulated sector such as finance or healthcare, look for partners who demonstrate that they have specialist knowledge of the compliance environment you operate in.  Ask them how they are going to help you meet audit and reporting obligations as well as what tools they offer for self-service reporting of security and compliance settings within your cloud environment.

• How will the cloud handle complex network design?

When planning back up and DR, building out a network blueprint for DRaaS in the cloud is critical. Moving a service physically from one region to another is a complex networking challenge, especially if you are required to change internal networking parameters or hostnames – you don’t want to do this on the fly in the face of an incident. It’s much better to have the ability to build a replica of your internal networking scheme in the cloud, so all your failed over applications can work seamlessly.

Another useful feature is the ability to partially failover just those parts of an application that have a problem, rather than having to failover your whole infrastructure. By just failing over the affected VM or group of VMs to the cloud, your on-prem environment can access that VM just as if it was on its local LAN. This saves a great amount of work and cost as well as providing for a fast and secure failover process.

• How do I orchestrate systems for recovery in the cloud?

It’s now pretty easy to get data from Point A to Point B in back up terms, but you need to ask what you’re actually going to do with that data when you need it. How are you going to orchestrate your systems to come back online when disaster happens? What will the process look like and how easy is it to do a test failover, record what happens and use this as a reference to check for anomalies? You want to be able to dictate the flow of the failover and the order that everything will come back online to ensure the most efficient process that causes minimal business disruption.

The best tools to do this allow you to create recovery groups and organise those into a runbook that dictates the order and timing with which everything comes back online. iland’s DRaaS offering allows customers to build automated Disaster Recovery runbooks which can be leveraged for automated testing and fully-automated failover. The beauty of this is that as your system evolves and more VMs are added to the cloud, you can simply edit the runbook and resave it, rather than having to start again from scratch.

• How am I going to manage cloud-based back up and DR once it’s in place?

The final challenge of preparing for back up and DR to the cloud is ongoing management. Moving to the cloud can be a game-changer, but it requires a different mindset and you’ll also want the same sort of visibility you’re used to in your on-premises environment. You’ll want to know how you can manage your DR in extreme circumstances that disasters create. For example, we know that, in an evacuation situation, communications can be disrupted, so we’ve ensured that you can hit the failover button from your iPhone and manage the environment from your mobile. More prosaically, you might want alerts to be set up around billing, performance, security so you can have the same level of manageability you would have on-prem, and not be hit with any nasty surprises!

By getting answers in these five areas at the outset you can get a handle on the critical aspects of moving to the cloud for back up and DR and know that you’re getting the right environment that can evolve with your business to protect it now and in the future.

For more insights on best practices for implementing cloud-based backup and DR, go to iland.com