Tuesday, September 22, 2009

5 Keys for Full Recovery in the Cloud

The cloud is a natural solution for disaster recovery, but careful consideration must be given before entrusting you data to a sky-high backup repository. Can you recover workloads from the cloud? How well does it scale? What's the nature of its billing system? Is its infrastructure secure? And will it offer complete protection?

While cloud computing is a familiar term, its definitions can vary greatly. So when it comes to online backup, the cloud is an important feature that can play a large role in securing and protecting during a disaster, which I like to refer to as "cloud recovery."
In order to be worthy of this cloud recovery title, a solution should have the following five features, which I have outlined below.

1. Recover Workloads in the Cloud
There is an old saying in the data protection business that the whole point of backing up is preparing to restore. Having a backup copy of your data is important, but it takes more than a pile of tapes (or an online account) to restore. You might need a replacement server, new storage, and maybe even a new data center, depending on what went wrong.
The traditional solutions to this need are to either keep spare servers in a disaster recovery data center or suffer the downtime while you order and configure new equipment. With a cloud recovery solution, you don't want just your data in the cloud -- you want the ability to actually start up applications and use them, no matter what went wrong in your environment.

2. Unlimited Scalability
If you were buying disaster recovery servers for yourself, you would have to buy one for each of your critical production servers. The whole point of recovering to the cloud is that they already have plenty of servers.
The ideal cloud recovery solution won't charge you for those servers up front but is sure to have as much capacity as you need, when you need it. Under this model, your costs are much lower than building it yourself, because you get the benefit of duplicating your environment without the cost.

3. Pay-Per-Use Billing
I love pay-as-you-go business models because they force the vendor to have a good product. Plus, this make the buying decision much easier -- just sign up for a month or two (or six), and see how it goes.
Removing the up-front price and long-term commitment shifts the risk away from the customer and onto the vendor. The vendor just has to keep the quality up to keep customers loyal.
We also know that data centers are more cost-efficient at larger scale, especially the management effort, and they require constant improvement. In your own data center, you might have some custom configurations, but in the data recovery data center, you just need racks, stacks of servers, power and cooling. You are much better off paying a monthly fee to someone who specializes.

4. Secure and Reliable Infrastructure
Lots of people like to bash cloud providers for security and reliability, but I think they hold the providers to the wrong standard. Although it is fine, in the abstract, to point out all the places where cloud providers don't achieve perfection in security and reliability, as a customer evaluating a cloud vendor, it seems better to compare them to your own capabilities.
I believe that most of the major cloud providers' infrastructures are more secure and more reliable than those of most private data centers. The point is that security and reliability are hard, but they are easier at scale. Having control over your own data center isn't enough -- you also have to spend the money to buy the necessary equipment, software , and expertise. For most companies, infrastructure is a necessary evil. Companies like Amazon (Nasdaq: AMZN) and Rackspace do infrastructure for a living, they and do it at huge scale. Sure, Amazon's outages get reported in news, but do you think you can outperform them over the next couple of years?

5. Complete Protection
Remember the "preparing to restore" line? For me, it really comes home in this idea of complete protection. If your backup product asks you what you want to protect, I am already suspicious. My vote is, "get it all." I see lots of online products offering 20GB plans, and to me, they look like an accident waiting to happen. I don't want to know which files I need to protect -- I want to click "start" and know that any time I want, I can click "recover", and there won't be any "please insert your original disk" issues.
The places people normally get bitten by this are with databases (do you have the right agent?), configuration changes (patched your server, or added a new directory of files?), and weird applications (the one that a consultant set up, and you don't really understand how it works). Complete protection means that all of these things can be protected without requiring an expert in either your own systems, or with the cloud recovery solution.