Disaster recovery and its key parameters

Imagine that the data center that hosts your business applications has had a serious accident and the server equipment is out of order. The IT infrastructure is unavailable. Of course, you had been following the 3-2-1 rule, so your backups are stored in a different data center. But deploying IT services will take too long. A disaster recovery could save you from a long downtime.

How Disaster Recovery works and how you can configure it.

Disaster Recovery (DR) is a set of tools that allows you to quickly restore the operation of IT systems of the company in case of disaster at the site where your IT resources are located.

In fact, DR involves creating a disaster recovery site at which the company's IT infrastructure will be deployed after a critical failure - in whole or in part. The sooner the services on the disaster recovery site start working, the fewer losses - both financial and reputational - the business will incur.

Depending on the availability of expertise, and IT budget in the company, the business can implement Disaster Recovery in a variety of ways. However, regardless of the method chosen, the disaster recovery site must meet a number of conditions.

Geographic distance. Then the emergency that caused the accident at the main site will not affect the reserve one. Quality network connectivity to the main site. The better the communication channel, the faster the data will "reach" the disaster recovery site.

On-platform. A company that is willing to make serious capital expenditures can build a disaster recovery site on its own. Of course, in this case it will need to acquire specialized expertise - for example, to hire specialists with the required competencies or use the services of integrators.

On leased physical infrastructure. The disaster recovery site can be arranged on physical servers rented from the IT service provider. Some of the duplication work can be delegated to data center specialists.

Cloud backup recovery. One of the most common ways is to set up a disaster recovery site based on a virtual infrastructure of the hosting provider. Resources can be scaled to your liking, and it only takes a few days to deploy the site. In addition, many providers offer the Pay-as-You-Go model.

Disaster Recovery as a Service (DRaaS). A ready-made disaster recovery service from the provider. In addition to benefits like SLA with financial responsibility and pay-as-you-go, this option can include various bonuses like expert advice, compliance with 152-FZ and others.

The main metrics for Disaster Recovery are:

RPO. Determines the maximum amount of data a business can afford to lose in the event of a disaster. It is the RPO value that determines how often replicas are created. For example: with an RPO of 1 minute, an IT replica will be created every minute.

RTO. Determines the maximum amount of downtime a company can afford. The smaller this parameter is, the faster the services will work after a failure. For example, if the RTO is 20 minutes, then the IT infrastructure will work from the disaster recovery site no later than 20 minutes after the failure.

Configuring disaster recovery is a rather time-consuming and expensive process. As a rule, it is impossible to do without it for companies whose profit and reputation directly depend on the efficiency of systems. Let us look at some examples.

A large banking organization. The bank's app is no longer working: clients are unable to access their personal accounts through either the website or the mobile app. Transactions are also unavailable - either shopping or transfer payments are available. Additional services are also unavailable: legal entities cannot issue and pay invoices or work with electronic document exchange. For this to continue for 30 minutes is a serious reputational damage to the organization. As a rule, a bank cannot do without DR.

A social network. An accident happened in the data center, which houses the IT infrastructure of a famous social network. The website and the app are not working. The tech support phones and emails are overflowing with messages from advertisers. Financial losses due to a 20-minute downtime run into the hundreds of thousands.

A small clothing store. The online store is hosted on a virtual machine rented from an IaaS provider. The virtual infrastructure goes unavailable for 30 minutes. However, during this time the small online store lost two orders totaling about 10 thousand rubles.

In the first two cases, the cost of disaster recovery is absolutely justified. But the online store to spend the IT budget for DR is not worth it - the cost of its DR setup will be disproportionate to the amount of financial loss, meaning that a backup will be sufficient.

It is important to understand that backup and disaster recovery accomplish different tasks and cannot replace each other.