Systems Admin at a wholesaler/distributor with 501-1,000 employees
Real User
2021-09-10T11:39:57Z
Sep 10, 2021
If you can get the funding for DRaaS then do it. You have to look at the cost of a single system or multiple systems being down for your enterprise.
Depending on your situation, SLAs, number of users, number of physical servers, number of virtual servers, etc., you need to decide can the critical systems be down for minutes/hours/days/weeks while being rebuilt or replaced.
If you are in the cloud and running virtual you probably have an SLA with the hosting company as to downtime and they handle the backend by making sure systems are operational. But if you are concerned about a physical server in the data center (even if you have a 4x24x7 service contract) can you wait those 4 hours for a tech. to come and replace any needed hardware and then possibly have to configure and bring back OS/data?
You have to weigh the cost-benefit of having DRaaS in your environment and what the cost would be for the system being down.
Search for a product comparison in Disaster Recovery as a Service
As a primary source for DR in respect to Enterprise, absolutely never.
Going to the Cloud, and more specifically DRaaS isn't modernizing, it's breeding IT ignorance and gives a false sense of security to operations and infrastructure that you are totally removed from. And on a long enough timeline, the Cloud can be more expensive than efficiently rolling your own DR.
For primary Enterprise Disaster Recovery, invest in personnel and processes to run DR on-prem.
DRaaS can be a second line of defense, but there are many blind spots in going to the Cloud that have been overlooked in lieu of relinquishing infrastructure control and knowledge for ease of use and the 'street cred' of being able to say the data is in the Cloud.
Security, data ownership, Cloud outages, cost of data egress in the event of a Disaster Recovery event, to name a few.
CIO and Information Security Leader at AxCel Technology
User
2021-09-12T00:44:00Z
Sep 12, 2021
The first question I would ask is: does your business have a business continuity (BC) plan? Unlike a DR plan, a BC plan is honed around more frequent things that can affect the business. It is a good foundation to have if you can get it going.
If you do have one, you have gone through a process with the business which establishes the most critical things the business needs to stay alive, all applications/systems/processes as well as what you need during an outage are established clearly and are prioritized and agreed upon by the business - it's not just an IT dept. decision. If you have one you can use this as leverage to get into DRaaS, especially if your budget is shrinking. Think of it as insurance for business-critical items.
This being said, is DRaaS essential these days? My answer would be: absolutely. Do you have the staff to man your business needs 24x7x365? Do the math on the cost-effectiveness, typically it is very cheap in comparison to adding new bodies and benefits. Then add to this you will always have "evergreen" technology behind your DR plan, no need for your staff to worry about updates or equipment to replace to keep things current. Typically DRaaS includes any report you want or need, along with alerting.
Any modern IT plan should contain some sort of DR as a service. Focus on the most critical systems that would hurt the business if offline, that's a great start. Sell the BC plan to get the budget if need be, don't just make it their decision.
Today's world is much different than it was even 5 years ago. IT burden has gone up, things are more complex in nature, and in most cases, the manpower to get things done has disappeared with tight budgets. Add to this that the threat landscape has not gotten better, it has exponentially grown worse.
I have personally watched people lose their jobs over setting the importance of DRaaS aside. So I would at least try to start it. What's the next best thing to not trying to include DRaaS into your IT plan. especially in a larger enterprise? Have your resume ready to go at all times.
There is a lot more to this to talk about as you get into the weeds. I hope it spurs ideas.
SQL Database Administrator at Aurora Mental Health Center
Real User
Sep 13, 2021
@Bret Mantey gives some excellent points but the biggest advantage when giving a presentation to management is the cost of being down. Your CFO should be able to give a cost per hour of lost revenue for downtime then the math is pretty simple to compare DRaaS to all the components that Bret talked about.
As a contractor, I laughed in the face of a CEO of a mortgage company who would not spend the $10,000 to upgrade his software to run on Windows 10 versus the support cost that his IT team spent maintaining the old software, on old computers, and interface with new applications to keep his people running.
If it costs you more to keep the old stuff than to upgrade it really doesn't matter how good your DR is, you are still losing money.
CIO and Information Security Leader at AxCel Technology
User
2021-09-17T15:38:38Z
Sep 17, 2021
DRaaS is like car and home insurance, sure some people do not have it, but most do.
Many states are starting to require insurance, as are insurance companies starting to require DRaaS as part of your recovery plan.
Would you drive your car around town without it and take the chance of losing everything? Most don't, yet the logic for some reason is reversed in IT.
Tim's example shows how a CFO can be dollar-wise and business foolish (IMO). They only look at $$, not necessarily what makes sense for the business itself when it comes to IT, remember most CFOs see IT as a big cost center to this day.
I have watched several Banking and Manufacturing businesses refuse DRaaS, only to be called a few short months later as they were hit by Ransomware -and then they implement it. Not only did they foolishly throw away money to pay the ransom, but they also paid to cover their customers with digital insurance policies. Who's business will they lose because of it? More loss.
DRaaS is very ROI-friendly. A simple calculation: calculate all those who would be affected by the outage (10, 20, 50, 1000 people/customers?) and multiply by an average wage/income per hour. Then add to that other costs associated, ie; equipment, paid out ransomware, software. Sure some people can do other things while the systems are down, but do they really? This may turn a head or two when they see the cost per hour.
Add to this it is always 24x7x365 and evergreen - set and forget it and just watch the reporting.
Also - Do check with your digital insurance provider, many are starting to require DRaaS. Some companies are finding it hard to get reimbursed after the incident - check your policy for clauses. It would be a shame to have something happen only to find your insurer will not pay out.
Disaster Recovery as a Service providers offer solutions that enable businesses to recover their IT infrastructure and data in the event of a disaster.
If you can get the funding for DRaaS then do it. You have to look at the cost of a single system or multiple systems being down for your enterprise.
Depending on your situation, SLAs, number of users, number of physical servers, number of virtual servers, etc., you need to decide can the critical systems be down for minutes/hours/days/weeks while being rebuilt or replaced.
If you are in the cloud and running virtual you probably have an SLA with the hosting company as to downtime and they handle the backend by making sure systems are operational. But if you are concerned about a physical server in the data center (even if you have a 4x24x7 service contract) can you wait those 4 hours for a tech. to come and replace any needed hardware and then possibly have to configure and bring back OS/data?
You have to weigh the cost-benefit of having DRaaS in your environment and what the cost would be for the system being down.
As a primary source for DR in respect to Enterprise, absolutely never.
Going to the Cloud, and more specifically DRaaS isn't modernizing, it's breeding IT ignorance and gives a false sense of security to operations and infrastructure that you are totally removed from. And on a long enough timeline, the Cloud can be more expensive than efficiently rolling your own DR.
For primary Enterprise Disaster Recovery, invest in personnel and processes to run DR on-prem.
DRaaS can be a second line of defense, but there are many blind spots in going to the Cloud that have been overlooked in lieu of relinquishing infrastructure control and knowledge for ease of use and the 'street cred' of being able to say the data is in the Cloud.
Security, data ownership, Cloud outages, cost of data egress in the event of a Disaster Recovery event, to name a few.
The first question I would ask is: does your business have a business continuity (BC) plan? Unlike a DR plan, a BC plan is honed around more frequent things that can affect the business. It is a good foundation to have if you can get it going.
If you do have one, you have gone through a process with the business which establishes the most critical things the business needs to stay alive, all applications/systems/processes as well as what you need during an outage are established clearly and are prioritized and agreed upon by the business - it's not just an IT dept. decision. If you have one you can use this as leverage to get into DRaaS, especially if your budget is shrinking. Think of it as insurance for business-critical items.
This being said, is DRaaS essential these days? My answer would be: absolutely. Do you have the staff to man your business needs 24x7x365? Do the math on the cost-effectiveness, typically it is very cheap in comparison to adding new bodies and benefits. Then add to this you will always have "evergreen" technology behind your DR plan, no need for your staff to worry about updates or equipment to replace to keep things current. Typically DRaaS includes any report you want or need, along with alerting.
Any modern IT plan should contain some sort of DR as a service. Focus on the most critical systems that would hurt the business if offline, that's a great start. Sell the BC plan to get the budget if need be, don't just make it their decision.
Today's world is much different than it was even 5 years ago. IT burden has gone up, things are more complex in nature, and in most cases, the manpower to get things done has disappeared with tight budgets. Add to this that the threat landscape has not gotten better, it has exponentially grown worse.
I have personally watched people lose their jobs over setting the importance of DRaaS aside. So I would at least try to start it. What's the next best thing to not trying to include DRaaS into your IT plan. especially in a larger enterprise? Have your resume ready to go at all times.
There is a lot more to this to talk about as you get into the weeds. I hope it spurs ideas.
@Bret Mantey gives some excellent points but the biggest advantage when giving a presentation to management is the cost of being down. Your CFO should be able to give a cost per hour of lost revenue for downtime then the math is pretty simple to compare DRaaS to all the components that Bret talked about.
As a contractor, I laughed in the face of a CEO of a mortgage company who would not spend the $10,000 to upgrade his software to run on Windows 10 versus the support cost that his IT team spent maintaining the old software, on old computers, and interface with new applications to keep his people running.
If it costs you more to keep the old stuff than to upgrade it really doesn't matter how good your DR is, you are still losing money.
DRaaS is like car and home insurance, sure some people do not have it, but most do.
Many states are starting to require insurance, as are insurance companies starting to require DRaaS as part of your recovery plan.
Would you drive your car around town without it and take the chance of losing everything? Most don't, yet the logic for some reason is reversed in IT.
Tim's example shows how a CFO can be dollar-wise and business foolish (IMO). They only look at $$, not necessarily what makes sense for the business itself when it comes to IT, remember most CFOs see IT as a big cost center to this day.
I have watched several Banking and Manufacturing businesses refuse DRaaS, only to be called a few short months later as they were hit by Ransomware -and then they implement it. Not only did they foolishly throw away money to pay the ransom, but they also paid to cover their customers with digital insurance policies. Who's business will they lose because of it? More loss.
DRaaS is very ROI-friendly. A simple calculation: calculate all those who would be affected by the outage (10, 20, 50, 1000 people/customers?) and multiply by an average wage/income per hour. Then add to that other costs associated, ie; equipment, paid out ransomware, software. Sure some people can do other things while the systems are down, but do they really? This may turn a head or two when they see the cost per hour.
Add to this it is always 24x7x365 and evergreen - set and forget it and just watch the reporting.
Also - Do check with your digital insurance provider, many are starting to require DRaaS. Some companies are finding it hard to get reimbursed after the incident - check your policy for clauses. It would be a shame to have something happen only to find your insurer will not pay out.
@Bret Mantey’s post is 100% on target !!! Backup without on-demand DRaaS is not an option in the world of business.
The ability to test on-demand will make all your stakeholders sleep well.
Jim Dziak