disaster recovery

(Source – Shutterstock)

Complexities hindering backup and disaster recovery capabilities?

As-a-Service is the future for software and basically any form of technology being adopted by organizations today. Be it Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS), and Backup and Disaster Recovery as a Service (BaaS/DRaaS), these four as-a-Service scenarios represent the core elements for an organization’s cloud journey as well.

The increased usage and dependence on the as-a-service model would also mean that businesses are going to need more protection for these environments. According to Veeam’s Cloud Protection Trends Report 2023, companies are recognizing the increasing need to protect their SaaS environments. Preparing for a rapid recovery from cyber and ransomware attacks was the top cited reason for this backup, with regulatory compliance as the next most popular business driver.

But is backup enough to secure and protect an organization’s data? And can BaaS enhance disaster recovery capabilities for an organization?

The realities of backup and disaster recovery

 Tech Wire Asia caught up with Anthony Spiteri, Senior Global Technologist, Product Strategy at Veeam to get his views on the backup and recovery industry as well as the challenges organizations are facing during Tech Week Singapore.

According to Spiteri, as organizations are moving towards object storage, a lot of companies are now offering object storage as well. The primary source is leveraging objects for a landing zone, but also to run other workloads out as well.

“For us, that means we scale up backup technology, which is effectively the software-defined storage that we have, we can now have enough storage. And then for capacity tier, which is for that medium-term retention to be s3, or whatever it might be. And long-term retention is on Amazon glacier, we almost never touch it. But we want to put you up with the majority of your data, because obviously, with compliance, and regulations, you need to store more and more data. As data grows bigger as well, with object storage, it is now become possible to treat it as a fast recovery landing zone situation,” commented Spiteri.

Spiteri also highlighted that as companies need to store data for several years, it’s not finding its way into insurance plans. For example, businesses would now have to prove their disaster recovery, backup policies, and such to get insured effectively.

“The financial sector led the way early on in terms of compliance around disaster recovery and backup around storage because they had to. But now, everyone is catching up to it. This means there is a need to store more data longer. So when you think about it, there’s a huge immutability coming to storage. That means you can’t actually store data the smarter matter because it is locked in longer. As such, you would have to pay more for this because it is not immutable. And these are the things that are coming into play now with backup and disaster recovery,” said Spiteri.

Complexities over cost for disaster recovery

Interestingly though, Spiteri believes that most companies are still a long way from taking disaster recovery seriously. Simply because many don’t feel there is a need for it yet. For Spiteri, businesses will only take disaster recovery seriously when they reach a situation that requires them to do so, and this is rather concerning.

“Cost is just one factor in the slow adoption. Disaster recovery is a lot more complicated than backup. You have to think about the application, network, storage, and such. So the orchestration part at the end to end of disaster recovery sits there while we effectively offer replication as a service effectively, people feed other sides of that. Now we have got a product called Disaster Recovery Orchestrator that does a little bit more of the orchestration and reporting. It is a tailored solution and at the moment, it’s getting a bit of traction. But yeah, I think it comes down to that cost is nothing secondary to complexity,” added Spiteri.

Meanwhile, Michael Cade, Senior Global Technologist at Veeam Software pointed out that a key part from a technology point of view is to make sure that Veeam is protecting and offering the ability to protect the workloads their customers are using. While some backup companies protect legacy systems (which Veeam does as well through an agent), there’s not been too much traction in it.

“You need to protect the bulk of your employees and not go outside your area of focus. And that’s what we are meant to be. We’re a backup company and we’re all about recovering. We do integrate into security but we’re not going to pretend that we’re a security company by any stretch,” said Cade.

New trends, same solution

The Cloud Protection Trends Report reinforces the views of both Spiteri and Cade. Highlights of the report showed that while new IT workloads are launching in the cloud at far faster rates than old workloads are being decommissioned in the data center, a surprising 88% brought workloads from the cloud back to their data center for one or more reasons, including development, cost/performance optimization, and disaster recovery.

At the same time, with cybersecurity (including ransomware) continuing to be a critical concern, data protection strategies have evolved, and most organizations are delegating backup responsibilities to specialists, instead of requiring each workload (IaaS, SaaS, PaaS) owner to protect their own data. The majority of backups of cloud workloads are now being done by the backup team and no longer require the specialized expertise or added burden of cloud administrators.

Today, 98% of organizations utilize a cloud-hosted infrastructure as part of their data protection strategy, DRaaS is perceived as surpassing the tactical benefits of BaaS by providing expertise around Business Continuity and Disaster Recovery (BCDR) planning, implementation, and testing. Expertise is recognized as a primary differentiator by subscribers choosing their BaaS/DRaaS provider, based on business acumen, technical IT recovery architects, and operational assistance in planning and documentation of BCDR strategies.

Unfortunately, as is often the case for new cloud-hosted architectures, some PaaS administrators are incorrectly presuming that the native durability of cloud-hosted services relieves the need for backup. 34% of organizations do not yet back up their cloud-hosted file shares, and 15% do not back up their cloud-hosted databases.