A 2017 study by Databarracks reported that business leaders are becoming less confident in their ability to recover from a disaster. Almost one in five (18%) said they “had concerns” or were “not confident at all” in their disaster recovery plan. That’s up from 15% in 2016 and 11% in 2015. One possible explanation for this drop in confidence is that more and more businesses are getting serious about digital transformation. While initiatives built around advancements in AI, the IoT and Big Data can change the way we compete in a crowded marketplace, relying on technology comes with inherent risks. It’s no wonder business leaders are increasingly nervous.
Experts recommend re-evaluating your disaster recovery plan at least once a year, including taking a fresh look at the vendors you rely on to help you meet your recovery objectives. Here are ten questions that can help you choose a new DRaaS provider or evaluate the strength of your current provider.
1. Does the DRaaS provider understand your compliance needs?
The need to comply with regulations like HIPAA and PCI DSS isn’t suspended when disaster strikes. If your business is heavily regulated or working with confidential customer information, you need to make sure your disaster recovery plan allows you to maintain that compliance even when things get a bit messy.
Tip: Don’t rely on what your provider says on their website. It’s easy to put together content with a compelling message. Demand proof such as case studies, customer references and 3rd party audits such as SSAE 18.
TierPoint is recognized for its “ability to execute” and “completeness of vision” in the 2018 Gartner Magic Quadrant for Disaster Recovery as a Service. Get the full report here!
2. Does the DRaaS provider have adequate security protocols in place?
Disasters can leave your data more vulnerable than ever. In fact, cyber thieves have been known to create one disaster, such as a DDoS attack, so they can sneak in and steal confidential information while your security team has its hands full. While you may never use your vendor’s failover resources, you should evaluate them just as you would a primary data center.
Tip: Remember to include physical security features such as 24/7 security personnel, biometric access screening and full-building digital camera systems in your assessment.
3. Where are the provider’s rollover data centers located?
It might feel good to work with a local company, but if all of your vendor’s failover sites are in the same geographical region, a widespread disaster such as a flood could leave you high and dry. (And not in a good way!)
4. Can the provider meet your recovery objectives?
The two primary targets for disaster recovery are RTO (Recovery Time Objective) and Recovery Point Objective (RPO). The targets you set for these can have a significant impact on which solutions you choose and your overall costs. Choose a provider that understands these targets and is willing to document the agreed upon RTOs and RPOs for various workloads.
- Recovery Time Objective (RTO) – The maximum length of time your organization can afford to be without access to systems or data.
- Recovery Point Objective (RPO) – The amount of data you can afford to lose, without substantial loss to the business, should a disruptive event occur. RPO is expressed as a measure of time, e.g., 30-minutes’ worth of data.
5. Does the DRaaS provider have hybrid cloud expertise?
The majority of businesses use more than one type of cloud to meet the needs of their various workloads. Your disaster recovery provider should be able to provide a comprehensive recovery plan that covers all of your data and applications no matter where they reside.
You may also like:
6. Is the DRaaS provider technology agnostic?
Some vendors have a niche, while other vendors offer solutions that cover a wide range of technologies. It’s a business model choice that every DRaaS provider must make. However, as a customer, you want to be sure your DRaaS provider has experience with the platforms and applications you use
Tip: The certifications your vendor holds can tell you a great deal about which platforms they are qualified to support.
7. Does the DRaaS provider conduct periodic testing of your disaster recovery plan?
A disaster is no time for (extra) surprises. Ask your provider how often they test the disaster recovery plan to ensure everything will work as it should during an actual event. More advanced DRaaS providers offer solutions that allow them to test their systems with minimal to no disruption to your business operations.
8. Does your disaster recovery plan cover multiple contingencies?
Thanks to the particularly active hurricane seasons we’ve had recently, many of us think of natural disasters when we think of disaster recovery. But disasters come in all shapes and sizes, from human errors to cyber-attacks. Your provider should be willing to work with you to assess your greatest risks and create a disaster recovery plan that addresses each contingency.
9. Does the DRaaS provider offer workgroup recovery services?
If your facilities are affected, a big part of getting back on your feet is finding a temporary location for your team to work. This includes necessary infrastructure such as desks, PCs, VOIP and connectivity as well as the amenities like a break room and kitchen that can help instill a sense of normalcy.
10. How financially stable is the DRaaS provider?
While bigger isn’t always better, you want to be sure your DRaaS provider has the financial stability to weather a disaster themselves. You’ve got enough things to worry about, without having to worry whether your provider will close their doors in the middle of your recovery.
Choosing the right DRaaS provider can be a tall order, but asking these 10 questions to a new or current provider should help you find the right DRaaS solution for your business. Need help? We have customized recovery solutions that can help you deploy the right solution for your business.
TierPoint has been recognized as a Challenger in Gartner’s Magic Quadrant for Disaster Recovery Solutions (July 2018). We feel this recognition validates our choice to focus on building the breadth and depth of services needed to address a wide range of customer needs. Gartner has given us permission to make the full report available. You can download it here.