Where is your DR site?
The night Hurricane Sandy hit the New York metropolitan area in 2012, some Manhattan companies that backed up to New Jersey data centers found themselves in a major jam: The storm had knocked out power across the entire region, crippling backup sites as well as main sites.
Conclusion: You want to replicate your data to a site far enough away to reduce your risk of being shut down by a major regional storm or power outage. The trouble is, the farther away you replicate your data, the more issues you can have with network latency — so you’ll have to balance distance with your need for a fast network response time.
Make sure your DRaaS vendor can tell you exactly where your data will be replicated and how much latency that distance will cause.
How stringent are their policies?
DRaaS providers should be able to clearly illustrate how their solution will help you address your businesses regulatory demands. Look for evidence that the provider is working with businesses like yours that are referenceable.
Make a checklist of your compliance needs and ensure your provider can offer satisfactory reassurance that they will not expose you to compliance risk in a disaster and can address any insurance requirements. Most DRaaS companies realize the importance of compliance to organizations but don’t take this for granted.
Who is managing the data?
One of the prime appeals of DRaaS is working with a vendor who supplies disaster recovery expertise your company lacks.
You can’t assume your DRaaS provider has all the skills your company needs. You’ll be asking this service provider to virtualize your data center environment and create processes to replicate it all with as minimum disruption to your business as possible. That takes serious IT acumen.
Again, you need to make a checklist of all the relevant disaster recovery competencies your computing environment requires, and ensure your DRaaS provider has people on staff with appropriate certifications and proven track records.
Is it guaranteed to work?
Many clients invest heavily in a fully redundant, “always on” secondary environment (active/active) that is very expensive to operate, yet has never been tested or proven to work. The only successful DR environment is one that has been completely documented, tested, and then proven that end users can get to critical applications in full DR mode. Anything short of that is a wing and a prayer that what you have put in place will work.
Your DRaaS provider should be able to conduct routine tests of your DR plan, without affecting the daily operations of your organization. Once the test has been completed, ask your provider for a letter of test performance clearly defining your DR program and showing their successful test results, so you’ll know critical applications will be available at all times when you need them most.
Getting all your DRaaS questions answered
Of course, there are many more questions to ask a DRaaS provider, like fees, SLA structure, and testing schedules.
It’s important to take the time to research the full range of concerns that a potential DRaaS provider must address to meet your specific needs and requirements. Treat your search like you were interviewing a candidate for a critical role on your team. Build a thorough list of questions to help you determine which vendor would be the best fit for your business.
Every company needs a reliable, robust Business Continuity and Disaster Recovery (BCDR) program. Neglecting the DR side of the equation can undermine the BC half, leading to a higher chance of failure and putting the whole enterprise at risk.