Serg Nvns - Fotolia
Disaster recovery adoption has gone up over the past few years, along with the number of potential IT threats.
According to industry experts, the advent of the cloud has opened up newer, less expensive ways for businesses to adopt a disaster recovery (DR) plan than in the past. However, threats like ransomware and natural disasters making headlines are also driving disaster recovery adoption.
"Disaster recovery is now within reach," said George Crump, chief steward at Storage Switzerland. "Replication 10 years ago was a mystic art, but now everybody has a replication tool. And those tools are getting less expensive and more powerful."
Crump said not only are businesses able to use the public cloud as a DR site, but more vendors are offering DR as a service, significantly lowering overhead and barrier of entry to disaster recovery adoption. He said, in the past, DR involved a second data center, and an organization's only course of action in a catastrophic failure was simply restoring as fast as possible from backup copies. For some companies, those copies lived on magnetic tape. The cloud eliminated the physical footprint requirement for DR and increased the speed at which data could be recovered.
While the cost of disaster recovery adoption has gone down, the potential costs of not having DR have gone up, further driving adoption. Increased frequency and sophistication of cyberattacks and the severity of natural disasters have made organizations take DR more seriously.
"The news helps us," Crump said. "The publicity generated as a result of these events is certainly making people take DR more seriously."
When dealing with clients in areas that were at low risk for a natural disaster, Crump said DR was a tough sell historically, because they felt safe. But with high-profile ransomware incidents hitting the news, customers now see that cyberattacks can take out a data center the same as any flood or fire, making no geographical location safe.
When Marc Staimer, president and founder of Dragon Slayer Consulting in Beaverton, Ore., brings up the topic of DR with his clients now, they're usually thinking about cyberattacks, rather than natural disasters.
"Right now, the biggest thing is ransomware. The numbers say so," Staimer said. "Whenever I talk to people about data protection, ransomware always comes up; natural disasters do not."
Smaller businesses less likely to invest in DR
Staimer said disaster recovery adoption has become more accessible to smaller businesses. That's because as-a-service offerings take the burdens of physical footprint and hardware sizing, acquisition and management off of companies that lack IT resources.
However, he said he still encounters many small companies with no DR plan at all, simply because DR is viewed as a cost from the business perspective. Investing into it doesn't bring profit to the business.
Marc Staimerpresident and founder of Dragon Slayer Consulting
"After they've had a disaster, guess what? They're investing now," Staimer said.
It's those small and medium-sized businesses (SMBs) that are most likely to be caught off-guard by disasters, said Greg Arnette, technology evangelist at data protection and security vendor Barracuda, based in Campbell, Calif. He said because they lack the resources of large enterprises, SMBs are more likely to "do without," when it comes to things such as disaster recovery adoption.
In the past, when enacting business continuity (BC) and DR plans was too expensive, many of these businesses would consider whatever traditional backup they had as good enough.
Arnette said managed service providers (MSPs) are seeing this market and have started to add BC and DR services to their portfolios.
"The availability of BC [and] DR capabilities offered as low-cost, pay-as-you-go, cloud-enabled services is becoming more appropriate to SMBs, especially ones that work with MSPs to get their IT needs solved," Arnette said.
Not discounting the ever-present threat of cyberattacks, Arnette said climate change is having an impact on areas that were once considered safe or low-risk for natural disasters. Companies in these zones are finding they need to implement a DR strategy, whereas they never had to think about it before.
"Storms and events that impact information technology systems are increasing, and their magnitude is getting more severe," Arnette said. "Organizations that hadn't considered disaster recovery systems now need to put their attention onto that, because changing climate is driving more severe weather."
Arnette said the golden rules and best practices of DR -- tips like making sure the DR site is not on the same power grid or relies on the same internet connection as the primary site -- haven't changed. Rather, more people need to be aware of and start implementing them.