What are the biggest roadblocks organizations face when implementing DR in the cloud?
The most frequently cited roadblock to cloud DR is ensuring security of customer data that is stored in a cloud environment, especially in third-party storage solutions. Since multiple customers and their data typically reside in the cloud, it is possible to hack into all of the customers. Cloud service providers must demonstrate their security capabilities, such as encrypting all client data and employing sophisticated analytical tools to identify potential threats (e.g., distributed denial of service attacks) before they escalate. One way for users to address this challenge is to build a hybrid solution in which noncritical data is stored in the cloud and sensitive data is stored in an on-site storage solution.
Another challenge is the issue of contracting for DR in the cloud. Most users are used to a multitude of contracts for software, hardware and systems management. Cloud providers aim to provide a single contract for all services, but in reality, this may not be enough. Further, if service level agreements (SLAs) are required, cloud vendors may not be able to accommodate rigorous user SLA requirements. Users are well advised to examine the contractual options closely before executing any agreements.
Subscribing to a cloud service and then trying to switch vendors may be a problem if the cloud provider tries to lock in the user. Switching to a different vendor or simply to a different platform can be costly, and vendors will usually not wish to absorb the costs of the change. Users should question prospective cloud vendors about their lock-in policies before signing a contract.
A fourth potential roadblock to DR in the cloud is the issue of managing cloud environments once they have been deployed. Support from cloud vendors may vary, and users may have to build new management plans.
Related Q&A from Paul Kirvan
With ISO/TS 22330, the International Organization for Standardization covers the issues related to the people involved in BC/DR incident response. Continue Reading
Definitions for business continuity and resilience sometimes clash, but both processes help an organization stay on its feet. A new ISO standard ... Continue Reading
Emergency response planning needs to be specific and varied enough that it will enable an organization to recover in the event of many different ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.