Who will recover your data if disaster strikes?
Expect the unexpected
Who here has a disaster recovery plan? OK, that's most of you. How many of you have a disaster recovery plan that isn't "panic"? That's a more reasonable number.
How many of you have disaster recovery plans that you have actually tested? Excellent! This is encouraging.
Now how many of you could implement the full plan before the downtime affected the business? Oh.
Few stories in IT are quite so appalling as those told by people who work in the backup industry. Sometimes, even the business models can be enough to rattle the nerves.
Take KineticD. It makes backup software. It does not make fancy software that can back up anything on the planet or have a feature list as long as your arm.
It does not target the large enterprise like nearly every other backup company. It writes a simple but remarkably effective backup application for small businesses.
In an industry bursting with competition, KineticD's main selling points are ease of use and the fact that it is a Canadian cloud backup company with a Canadian data centre. It would be easy to dismiss it as minor and likely to be annihilated by the overwhelming competition out there, but CEO Jamie Brenzel doesn't see it that way.
"KineticD doesn't compete against other backup vendors. Our competition is nothing at all. We are adopted by businesses that don't have a backup of any kind and we back up more than 60,000 businesses,” he says.
KineticD's story is echoed by IoSafe. There are plenty of companies out there that just want storage that will survive anything – even the building burning down around it. That is exactly what IoSafe makes and it does brisk business.
IoSafe representatives are quick to point out that they are firmly in favour of proper backups and disaster recovery plans, but they are perfectly aware that far too many people allow such schemes to lapse in the hope that the RAID will save them from true disaster.
With an IoSafe you are protected against the building burning down. With a backup program like KineticD you have proper versioning so you can cope with hardware failure or accidental deletions.
Either, or preferably both, of these are certainly better than nothing at all, yet neither represents a true disaster recovery plan.
Crash and burn
If the power goes out or the computer dies a retail outfit can get by for a while by writing sales down on paper and re-entering them when everything is back online. Realistically, how many days can that work? Across how many locations?
How long before loss of access to the financials package affects the ability to make payroll happen, pay the taxman his tithe or meet regulatory requirements to produce various statistics?
Do your accountants even know how to do this by hand any more? If so, do you have anywhere near to enough of them to do it?
What about manufacturing? Where do the robots get their instructions? What happens if the computers feeding them go down?
What feeds information into the computers that feed information into the robots? How deep does that rabbit hole go?
It may be perfectly rational to assume that a company located smack in the middle of a craton does not have to plan for an earthquake, but what about some unlucky fellow slamming into the side of a power substation while street racing?
Do your hurricane preparations amount to bucket brigades? Peer 1's did, and that company is one of the more capable hosting providers on the planet.
Businesses are expected to present IT services that are available at all hours, but not everyone is held to Peer 1's standards. It is likely that a business would be expected to continue operations in a car-versus-substation event, but many businesses would be given a pass in a Hurricane Sandy situation.
Too big to fail
But not all businesses would. It is all about who your customers are. A Ma and Pa bagel shop with three locations all in the same metro will probably be forgiven if they go down when the city experiences disaster.
Take that same company but spread the three locations out across the three major cities in the province and you might find the customers who are half a province away somewhat less forgiving.
In an ideal world every company would have a disaster recovery site that was identical to its primary
There are many schemes for disaster recovery on the market, each more convoluted than the last. In an ideal world every company would have a disaster recovery site that was identical to its primary but that is cost prohibitive, whatever the size of your organisation.
Unitrends allows you to back up all your data to its appliances, which also have a hypervisor installed. If everything goes pear-shaped, you can light up your most critical workloads at the push of a button and be up and running.
This won’t save the bacon of a Fortune 1000 company but it is probably a better disaster recovery plan than those of most small businesses.
CommVault is a great source of stories about the creative ways that companies try to plan for these inevitabilities. Proper disaster recovery planning means you can stand up your entire infrastructure – or at least the bits which are critical for day-to-day operations – at short notice, even if your primary site is destroyed.
If you control multiple sites that are far enough apart – Swiss banks use 100km minimums – with fat enough internet pipes, this is fairly easy. It is not cheap, however.
CommVault has become rather good at virtual infrastructure conversion and will gladly tell you tales of how companies with massive VMware infrastructure run Hyper-V in their disaster recovery site because it is cheaper.
Here is more interesting territory. Multiple sites have at least entered the equation. Automation of failover is still something of a question (how well does automated VMware to Hyper-V work?) as is automated failback after the primaries come back up.
Running one data centre is expensive. Even if your data centre is a single row of servers you are still getting into cabling, cooling, a lot more electrical than anything except heavy industrial equipment and eye-watering capital costs up-front.
A disaster recovery site is an insurance policy. Already an expensive proposition for most businesses, it is becoming ever more so. For how many people is the insurance on a house fire represented by having an entire spare house somewhere?
Disaster recovery can be done cheaper when it is done at scale. That means shared hosting of some variety.
Thanks to almost a decade of public cloud marketing most readers would be excused for assuming that disaster recovery means backing up to one of the big three providers. It doesn't have to be so.
Microsoft's Cloud OS concept seems the closest to a happy medium between "affordable" and "will probably work when waste encounters air rotator". Virtualise everything. Run the same hypervisor on your site as some other provider (a local service provider or Microsoft's Azure cloud) does on its site.
Use software that backs up the whole shebang on a continual basis and if need be turn on the bits that went down. The critical element is having the same hypervisor on both sites, making the entire process of moving compute and data much simpler.
Take your pick
At the very least, backups are required. It may take time to get everything back up and running from backups but a KineticD-style service is far better than nothing.
If you are a small business or home user keeping your data on a local NAS, buy an IoSafe because chances are you won't be checking regularly that your backups are running.
If, however, you run a business where downtime can cost you serious amounts of money, then it is time to start thinking about your disaster recovery options.
What resources do you have available? What needs to be up and running in minutes, hours, days or weeks?
If you pick a hosted provider – public cloud or local service provider – as your destination be sure to vet it thoroughly. You don't want to end up getting Nirvanixed.
You probably want the company that doesn't have to bucket brigade diesel up the stairs during a hurricane, but you absolutely want the one that will if it has to.
Who is on your list? Why? Your thoughts in the comments please. ®