Cloud Alone Is Not Enough. You Still Need Disaster Recovery.
Cloud benefits, including accessibility and elasticity, are many. But the cloud isn’t infallible to disasters.
An IT disaster that leaves an organization without its data and applications can be crippling, if not fatal. The world has become increasingly reliant on access to data and digital services, and prolonged outages may cost your organization lost business, impaired productivity and irreparable reputation damage. The public cloud continues to grow as organizations realize the many benefits it offers but moving to the cloud doesn’t mean leaving behind best practices for disaster recovery preparedness. Even the largest public clouds experience outages as seen in recent news events.
Your Data is Your Responsibility
There is an old saying, “The buck stops here.” It means that responsibility ends with you, and that has never been truer than when it comes to the data your organization owns and manages. Another more recent saying I’ve heard is, “The cloud just means someone else’s computer.” While the truth is more complicated than this saying suggests, it is not wrong. With this in mind, although you may be paying a cloud service provider to host your data and applications on their systems, you are still responsible for your data.
Not only is your data your responsibility, but only you know the value of that data to your organization and what it would mean to lose access to it suddenly. It is up to you to decide what level of disaster recovery protection you need and to define the recovery point objective (RPO) and recovery time objective (RTO) that will minimize disruption to your organization and its customers. It’s unsafe to assume that your cloud service provider is doing any backup or disaster recovery of your data on your behalf. Just like an on-premises IT environment, it is your responsibility to oversee what solutions are available for your cloud data and applications and which ones meet your individual needs.
The Cloud Is Not Infallible
Imagine a cloud platform that is so resilient that you can put all your invaluable applications and data on it and never have to worry about using a disaster recovery solution again. It sounds great, and in some ways, that was what we were led to believe the cloud would be. Unfortunately, there have been enough cloud outages across enough cloud service providers to demonstrate that not even the biggest clouds are immune to disaster.
Whether a cloud administrator types the wrong command that takes down cloud services for thousands of customers, or a natural or man-made disaster disrupts services through loss of power, internet, or physical datacenters, no one can predict what disaster may strike next. It may be partially comforting to know that you are not suffering from an outage alone. Perhaps hundreds or thousands of other cloud customers are also feeling the pain, but that doesn’t help your customers or users access the systems they need when an outage happens. Without a disaster recovery plan, your organization is at the mercy of the cloud service provider to correct the issue.
Ransomware Can Strike Anywhere
Ransomware is a vast and still-growing threat to organizations everywhere. Regardless of the size of an organization, ransomware can infiltrate computing environments through the actions of a single individual mistakenly clicking on a seemingly innocent email attachment from a phishing email or by a variety of other methods. Regardless of where your data and applications reside, an infected system can allow ransomware attackers to encrypt and steal your data, even in the cloud.
Cybersecurity best practices and solutions can help mitigate the risk of a ransomware attack, but nothing can offer complete protection. It is a matter of when, not if, your organization will be attacked. If your cloud environment is attacked by ransomware without a disaster recovery plan, your business could be disrupted for days or weeks and experience significant data loss resulting in significant revenue loss. The methods that hackers use to create a breach are becoming much more sophisticated. Constantly evolving to attack more platforms with new techniques, even the cloud is no safe haven from ransomware .
Disaster Recovery in the Cloud
Some public clouds have native capabilities to offer some levels of backup or disaster recovery, but they are often limited in scale. There are also some cloud backup and disaster recovery solutions on the market that resemble traditional on-premises solutions using agents to protect virtual machines and their data. It is important to consider how these solutions can increase management complexity and will impact your application performance, recovery time objective, recovery point objective, and how they scale to meet your growing computing needs.
Zerto, a Hewlett Packard Enterprise company, offers a platform designed for disaster recovery, backup and migration solutions, including continuous data protection for cloud-based workloads. Zerto is known for providing industry-best RTO and RPO at enterprise scale. The newest Zerto In-Cloud for AWS technology provides protection of Amazon EC2 instances across regions, zones and multiple accounts, bolstering data protection in another region or zone. The disaster recovery experts at Zerto can help you assess your cloud environments and decide what solution is best for you, including ransomware recovery options.
See how Zerto for Cloud can augment your cloud strategy. To learn more about edge-to-cloud disaster recovery at scale for AWS, check out HPE’s blog or read Zerto In-Cloud for AWS.
Need a recovery solution from ransomware? Check out the Cyber Attack Survival Kit.
David Paquette 
