While hybrid cloud adoption is increasing and data protection remains a top organizational priority, companies are still struggling to refine their disaster recovery (DR) initiatives in the cloud.

This is one of the findings in the recently published 2021 Cloud Protection Trends Report. Others include the following:

  • That roles outside of central IT are leaning in more on core data protection decisions.
  • Migrating workloads between on premises and cloud is not always a one-way path
  • Organizations are seeing the need to back up container environments and SaaS applications like Office 365

The research shows that organizations are experiencing a long list of challenges as they try to use or test the public cloud for DR. More than half (54%) of the 1,550 IT decision makers polled said their companies were struggling with network configuration during testing while production is still functional. Additionally, more than two in five listed DR-related challenges in achieving connectivity for users within corporate locations (47%), securing remote sites against cyberattacks or access (43%), and connectivity for users working remotely (42%).

Beyond this, one in six said they don’t even use cloud-hosted infrastructure as part of their DR strategies. The main reasons for not doing so include concerns that cloud infrastructure is not secure enough or would violate compliance requirements, the fact that their DR strategy uses a remote third-party BC/DR location, and the perception that cloud infrastructure is too expensive.

Bottom line: Cloud-based DR is still hard to pull off successfully.Re-hosting servers that go down in one location and come back online elsewhere is already hard to do. And it can be even more difficult if those servers go down as data center servers and come back within a cloud host. How to reconnect the networks to ensure productive access without exposing a security risk is a key consideration among both current DR users and those not yet leveraging cloud DR. This is even more complicated when the recovery is from less than a whole-site failure, so current users must now access some old and some rehosted servers simultaneously.

Data portability features in disaster recovery tools provide support for cloud-based DR. They make it easier to back up, restore and move workloads across IT environments – across clouds, data centers, containers and hybrid landscapes.

Shifting responsibilities

Traditionally, backup responsibilities have been handled by data protection teams inside of central IT. However, the cloud approach is changing this. New stakeholders (LOB owners, DevOps, and compliance) are now stepping up to take bigger roles in core data protection decisions. This makes sense as traditional IT solution stacks evolve toward PaaS (microservices and containers) and SaaS. The owners of the investments into those services are now taking a vested interest in backup and recovery capability.

The research also showed different ways of resuming operations from organizations’ DR functions. The largest percentage of respondents recover data on premises by mounting data in the cloud and executing from on premises (40%). Following behind are those who take data from offsite and pull it back (25%) and those who recover in the cloud using preconfigured servers that would spin up but the networking is manual (22%).

While the use of cloud-based IT is inevitable for most organizations, there are many “modern” architectures to standardize on. In the past, nearly every organization centered its computing on midrange systems. Today, they’re all pursuing different “modern” scenarios including IaaS, SaaS, PaaS and containers – each with various benefits and each with different data protection requirements.

SaaS and containers

Looking at SaaS, there’s an urban myth that administrators don’t believe that their data should be backed up, and that perhaps the recycling bin is good enough. The reality is that both SaaS admins and backup admins agree on the reasons Office 365 still requires traditional backups above and beyond the built-in availability mechanisms.

The main reasons SaaS administrators listed for protecting data from Office 365 platforms is reacting to the accidental deletion of data (58%) and preparation against cybersecurity attacks (57%). These were followed by concerns about malicious users or other internal threats (48%), the need for better restoration capabilities (44%), and compliance or regulation requirements (43%).

Overall, 66% of SaaS administrators and 44% of IaaS administrators said their organizations either back up containerized applications or are looking for a solution to do so. The largest percentage said their containerized applications’ stateful data is contained separately and backed up there. Another 53% of IaaS admins and 34% of SaaS admins said their containerized applications don’t have data that needs to be backed up or that they don’t back up because their container architecture is natively durable.

Even though the IT roles in charge of deploying, managing and protecting containers (and its data) varies greatly, there is relative consistency between personas as to whether container-based data needed to be backed up and, if so, by what kinds of mechanisms. As more “stateful” container applications are brought into production, the need to protect the data holistically (meaning native within the container, instead of “just” the storage repository) is likely to grow – and presumably the requirement for third-party native backups.

ABOUT THE AUTHOR

Dave Russell

Dave Russell, VP of enterprise strategy at Veeam, is responsible for driving strategic product and go-to-market programs, spearheading industry engagement and evangelizing Veeam’s vision for Cloud Data Management. He works closely with the executive leadership team in accelerating the company’s growth. Prior to Veeam, he held the role of vice president and distinguished analyst at Gartner with a focus on storage strategies and technologies.

Rethinking Disaster Recovery for Cloud-based SaaS Applications
Dropbox. Google Workspaces (formerly G Suite). Microsoft Office 365. Salesforce. These software-as-a-service (SaaS) offerings represent some of the business-critical applications...
READ MORE >
Three Questions to Jumpstart DR Budget Discussions
The 2022 IT budget planning season is well underway and with the rising frequency and impact of cybercrime growing each...
READ MORE >
The Colonial Pipeline’s Security Awareness Lessons
Ransomware is one of the top cyber threats facing businesses. The most significant ransomware attack that ever went public involved...
READ MORE >
Disaster Recovery Testing Done Right: A Guide to Confirming Your DR Plan Is Ready to Go
The importance of disaster recovery testing can’t be overstated. It’s one thing to have a DR plan in place. It’s...
READ MORE >