How does one explain disaster recovery to a SMB owner or an organisation’s president without confusing them more than clarifying? Or without boring the hell out of them? Here’s my attempt.
First, there are a few terms you’ll need to acquaint yourself with. Like RTO and RPO. Common slang for us IT experts, but nonsense to non IT professionals.
RTO: Recovery time objective. Simply put: how much time between the moment of the disaster and the time users can work again?
RPO: Recovery point objective. How far back in time are you willing to go in case of a disaster? How much work and/or transactions can be lost without hindering business continuity?
Both of these are counted in minutes, hours or days, and are directly related to the criticality of your IT processes and data. The lower the number is for RTO and RPO, the higher the cost will be for a disaster recovery solution.
Usually, it’s mostly core business applications and data that are included in the scope of a disaster recovery plan. If you think about it, what data is your business dealing with that is not business critical? Usually most of it is, but because disaster recovery can get pricey, some organizations choose to only include a certain percentage of their data in the plan. This, of course, means that you won’t access the data you didn’t include in the plan should a disaster occur.
Before I paint you a broader picture, here are other important terms you should know. Here are the 3 types of recovery sites. An important thought to keep in mind: there is not wrong or right here. The key is to find a disaster recovery plan that meets your organization’s specific needs.
Cold site: A cold site is a datacenter with sleeping servers (virtual or physical) where regular offsite backups can be restored to the sleeping servers. For example, backups for mission critical systems could be done every six hours. This is the most affordable and common type of disaster recovery for SMBs. Usually this scheme is chosen for longer RTO/RPO values.
Warm site: Warm sites require better infrastructure, but they can bring down RTO and RPO to minutes. It all depends on internet link speed, latency, etc. Because they require active licenses, warm sites have about the same total cost of ownership as the original datacenter they are duplicating. Sometimes, they can even cost a little more because of the costs for synchronizing tools for servers and data.
Geographically dispersed high availability: This type of site offers almost instant backups of the duplicated environment in real-time. It is achieved through applicative and network load balancing, and requires advanced Domain Name System (DNS) servers management process.
Cold and warm sites have been the most common disaster recovery options for larger corporations as their data processing defines their business continuity capabilities. Nowadays, the widespread adoption of cloud services allows eased implementation and cost reduction like never before.
Most companies now use virtual servers to handle their daily computing requirements. Virtual server infrastructures are inherently more resilient and easier to replicate across internet and WAN links. Cloud hosting providers can help companies setup a warm site with reduced capabilities through a synchronization procedure that respects the target RPO/TRO.
One the main features of a cloud infrastructure is elasticity. This means that in the advent of a disaster, one simply allocates the required resources to the synchronized servers and move the operations to the cloud hosted infrastructure.
Of course, these setups still require planning and the expertise of IT architects/business specialists to address the specificities of each company. These experts can assess with accuracy the companies’ mission critical needs and thus evaluate feasibility to properly set the requirements of a disaster recovery plan. Cloud technology has made disaster recovery solutions within reach of most SMBs that rely on IT to thrive.