aleksandar nakovski - stock.adob
As IT continually evolves and improves, the strategic importance of disaster recovery has grown considerably. Advancements in technology have greatly automated the processes that keep systems and networks running smoothly. Those same technologies aid in the recovery process for servers, networks, VMs, applications, databases, edge computing and the cloud.
Technology disaster recovery (DR) was the first term used to describe initiatives to protect the integrity and operational stability of mainframe computing systems and associated devices. It dates back to the early 1970s, when medium to large organizations used IBM mainframes to power their organizations.
Concerns about protecting the overall business and how it operates did not appear until the early 1980s with the emergence of business continuity. Over time, DR focused more on an organization's technology infrastructure, how to protect it, how to prevent disruptions and how to recover the infrastructure following an incident.
10 DR trends to watch
A 2023 report from the Business Continuity Institute, "Evolution of the Resilience Profession over the Next Five Years," provides a five-year look into DR and its related disciplines, business continuity and resilience.
While the report covers several disaster recovery trends for 2023 and the coming years, there are some that might affect DR teams more than others. Here are 10 major disaster recovery trends IT pros should keep an eye on.
1. Increased testing. Testing and exercising DR plans and procedures ensures that IT infrastructure components can be quickly and safely recovered and returned to service. Testing can validate the retrieval and recovery of backed-up data, as well as other information resources. As the amount and complexity of data and systems increase, more frequent testing is required to ensure that everything works and that recovery and resumption of systems are assured. IT organizations must move testing higher in the priority list this year and in the coming years.
2. Recovery speeds. With greater quantities of data and increasingly complex systems, the need for rapid recovery has also increased. Based on previously-approved recovery time objectives (RTOs), IT managers can assess their current infrastructures and recovery capabilities. If testing shows that the speed of recovery is too slow, managers must analyze and consider other options such as new backup strategies and greater network bandwidth to increase speed and reduce latency.
As with anything involving faster recovery, costs to achieve the new RTOs may be significant. Organizations may need to balance cloud-based backup storage with on-site data backup to achieve RTOs. The same is true with backed-up systems, VMs, databases and other mission-critical resources.
3. Multi-cloud. It may be not enough to use a single cloud service. A growing disaster recovery trend among users is using more than one cloud service, and often deploying cloud services from multiple vendors. Depending on the application for each cloud service and each vendor's policies, users will need to carefully evaluate the costs and benefits of multiple cloud services. For example, it may be possible to back up data to more than one cloud vendor's data center, and complement this with data backup from another cloud vendor.
IT managers must base the decision for each strategy on business requirements, such as which systems and data they must back up, how quickly they need to retrieve and recover that data in an emergency, as well as the costs. An ultimate cloud environment may provide the desired security and peace of mind, but the cost might be prohibitive.
4. Instant database recovery. As noted earlier, recovery speed is a function of the systems backing up data and applications and the network bandwidth used for moving resources from one environment (backup location) to another (production system). Instant database recovery is a growing trend in this area of disaster recovery. Achieving the fastest database recovery can be done using a third-party service or a hybrid of on-site storage, such as NAS or RAID storage array, coupled with a cloud-based backup tool.
5. Ransomware recovery. A growing number of applications and tools are available to address the major challenge of ransomware. Since many ways exist to enter an organization's technology infrastructure, a combination of tools, policies and procedures is necessary to stay ahead of attackers. A secure network perimeter, intrusion detection and prevention systems and strong firewalls may be a good start, but hackers are increasingly sophisticated and can often find holes to penetrate even the most secure perimeters.
In the endless cat-and-mouse game that pits hackers against cybersecurity professionals, the challenge is to regularly update cybersecurity resources to ensure they remain operational. This is yet another reason to keep current with system patching, especially in systems that address security. All these actions must be supplemented with policies and procedures, plus senior management support in case an attack does occur.
6. Endpoint management and security. While traditional IT initiatives focused on the computing engines, today's corporate environment moves more computing power to the endpoint, or edge, of IT infrastructures. While options are available to manage and secure the endpoints, more will be needed in the coming years as many employees continue to work remotely and link into the IT infrastructure.
7. Artificial intelligence as a DR tool. Perhaps the most important technology trend that will significantly affect disaster recovery is AI. AI can analyze huge amounts of data, such as company IT trouble reports, DR test results and system outage data from anywhere in the world. It can also provide strategies for increasing system reliability and recoverability. AI is increasingly prevalent in security systems and other IT management platforms. Its increased use means that users can be better prepared for disruptive events.
8. Data protection as part of data management. One of the most important international IT standards is GDPR, which applies to any organization that does business with a European Union nation or EU-based business. Its rules and regulations affect many global organizations and underscore the importance of data protection. Organizations must address data protection, storage, backup, security and even data destruction in a DR plan. The GDPR is among the most well-known of such regulations, as it applies to so many organizations, and its penalties for noncompliance can be costly.
9. Greater compliance with standards. Many standards, regulations and frameworks exist that address DR, and knowledge of and compliance with these will be increasingly important in the coming years. In addition to GDPR, which has stiff penalties for noncompliance, IT professionals should keep up to date on the many other domestic and international standards that affect their operations. These may include standards and regulations from organizations such as the National Institute of Standards and Technology and ISO. Compliance with one or more standards is increasingly important, especially from an audit perspective.
10. Breaking down silos. DR activities have often been pigeonholed within IT and other departments, but with pivotal events like the COVID-19 pandemic and major cyber attacks, it is going to be increasingly important for DR teams to collaborate, cooperate and share information with other IT teams. Breaking down the traditional internal silos will help improve DR by getting the right teams on the same page with regard to strategies, policies and procedures.
"Evolution of the Resilience Profession over the Next Five Years," can be viewed here.