Strategic CIO // IT Strategy
News
6/18/2014
11:00 AM
Connect Directly
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Cloud Disaster Recovery: CIOs Must Lead

IT teams wary of public cloud often discount its value in disaster recovery. That does a disservice to the business.

The song and dance from IT staffers about how public cloud is unsuitable for "real" enterprise workloads is getting old. We're in a period of rapid change, and CIOs must evaluate new technologies, even those their teams are uncomfortable with. Scratch that -- especially those their teams are uncomfortable with.

A prime example is business continuity and disaster recovery. For years we had two choices: Buy redundant gear and data center capacity and do it ourselves, or hire an expensive specialty DR provider. Cloud changes all that. In fact, it's completely reset the game. The savings and agility gains from public cloud disaster recovery are quite real, and we can't pass them up based on fear and resistance to change. CIOs who don't push their teams to consider all options aren't doing their jobs.

We'll discuss business continuity, which seeks continuous operation of the business no matter what's happening in the outside world, and disaster recovery, which seeks to restore service after an acute event, in the unified context of business availability. It's a top priority by any measure, yet there's an incredible amount of dysfunction. Too often, infrastructure teams get put in sole charge of provisioning and testing disaster recovery. But unless the application team is involved, you don't know if your test worked. "The login screen came up, but we didn't bother to log in," sounds suspiciously like, "The operation was a success, but the patient may have died."

Because disaster recovery testing is a time-intensive, expensive, and scary process, unless the CIO gets personally involved and insists that all hands get on deck, systems don't get tested, or the exercise involves not much more than three guys and a pizza. That means we're rolling the dice, every day. Our latest InformationWeek Backup Technologies Survey of more than 430 business technology professionals, all involved with their organizations' backup systems, shows just 23% are extremely confident they could get the business up and running again in a reasonable time frame after a major disaster that takes out the main data center. Asked how frequently they conduct test restores of data or applications, the No. 1 answer is "once in a while." Fourteen percent admit they've never tested their restore process for some applications (10%) or at all (4%).

Slipshod testing isn't the only problem. We need only look at Hurricane Sandy to know that regional disasters often render regional private data centers useless, and that regional service provider resources aren't always available when your organization needs them. The result is that fewer systems are protected than should be, and many CIOs are just a 100-year flood away from unemployment. So you'd think IT execs would be excited about,

Jonathan Feldman is Chief Information Officer for the City of Asheville, North Carolina, where his business background and work as an InformationWeek columnist have helped him to innovate in government through better practices in business technology, process, and human ... View Full Bio

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
sarasota786
50%
50%
sarasota786,
User Rank: Apprentice
7/9/2014 | 5:11:42 AM
cloudwedge
IT teams wary of public cloud often discount its value in disaster recovery. That does a disservice to the business. Inferior framework reliability may lead to issues during peak periods, restricted and complete recovery in the fastest time possible after a disaster. thats why thanks to cloudwedge it support to us. thanks
Stratustician
50%
50%
Stratustician,
User Rank: Ninja
6/19/2014 | 10:26:24 AM
Re: Regional solutions for global customers
Great point, many folks forget that many business continuity issues are best handled by a provider who has multiple locations to mitigate against these regional factors.  If you operate on a global basis but only operate in a certain region, you could put the global customer base at risk should something happen.  Cloud providers with multiple locations make it easier to ensure that should something happens, they can transfer your services to a location not facing the same outages to keep you up and running.
SaneIT
50%
50%
SaneIT,
User Rank: Ninja
6/19/2014 | 9:15:30 AM
Regional solutions for global customers
I think the problem stems from the approach most IT groups still follow.  A regional solution that is hardened and should withstand all but the worst natural disaster as a way to improve uptimes.  Then those companies do business outside of their geographic region and a regional solution isn't enough because their customers don't go offline with them.  That is of course the most basic level but everything builds from there.  Until that mentality changes any Cloud based solution is going to suffer from the same problem.
D.M. Romano
50%
50%
D.M. Romano,
User Rank: Moderator
6/19/2014 | 7:51:26 AM
Eggs into one basket...
DR is simply an extention of security measures. No one thinks it'll happen to them, until it does, and it's too late. While it may not be a malicious act that comes at you like a wrecking ball, something as simple as someone gaining access to your AWS console can shut down your business operations for good. Granted that was malicious, it teaches you a valuable leason about having all your eggs into one basket. Relying on the cloud (or one service in the cloud) might not be the best strategy these days. Rather a diversified cloud might be a safer reality for those business critical applications.

As the great military general Sun Tzu once said,

"Know your enemy and know yourself and you can fight a hundred battles without disaster."

Laurianne
100%
0%
Laurianne,
User Rank: Author
6/18/2014 | 11:20:44 AM
Common sense
A dose of common sense from Jonathan and Bruce Schneier. I can see that quote being highlighted by many people for later use.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Dec. 9, 2014
Apps will make or break the tablet as a work device, but don't shortchange critical factors related to hardware, security, peripherals, and integration.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of December 14, 2014. Be here for the show and for the incredible Friday Afternoon Conversation that runs beside the program.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.