Challenges of Traditional Disaster Recovery Approaches and How Cloud DR Can Help

I’m Shad McNair, a software-defined data center practice director from Summit Technology Group. We are banking technologists who want to help other IT teams overcome their business challenges. Over the next few minutes I want to share some thoughts on the challenges of traditional DR approaches, the business imperative to address these challenges, and how we're helping banks and credit unions modernize DR with the cloud.

IT teams today are facing multiple challenges when it comes to disaster recovery and ransomware recovery. The traditional approach of owning, operating, and maintaining a secondary data center is expensive. Not just with capital purchases, but with the time and resources spent by IT for the care and feeding of the environment. Plus, it's likely that your secondary data center is in the same region as production so you're not protected against a regional event.

What type of outage should we protect against? Legacy solutions protect against physical events - hardware failures, data corruption, site outages, or "smoking holes". These are important, but a ransomware event is far more likely to cause an outage today. And unfortunately, disaster recovery is not the same as ransomware recovery. With disaster recovery, we want to fail over to the latest copy in the secondary site as fast as possible. During a ransomware event, that copy is likely infected. We need to find a copy of the workload that is free of the malware that caused the event.  How far back do your copies go? Can you quickly find a good candidate to restore? How fast can you restore it? How do you keep the restored machine isloated from your network? How do you have confidence that the vm is not infected? How fast can you iterate through this process for all infected machines?  Ransomware recovery is a complex process that requires a series of features and activities that traditional solutions don't offer.

Traditional Disaster Recovery

Operationally, we know testing DR is challenging. When was your last full DR test performed? I'd guess a lot of folks would say "never", if you're being honest. Can you show auditors, regulators, or insurance companies, that you have successfully executed a DR test? Have you ever performed a ransomware recovery test? Again, the answer is probably "no" for most customers.

Now in the face of these IT challenges come mounting business pressures. The potential business impact of ransomware is significant. Think about the reputational harm that a single weeks-long outage will cause - how many customers will you lose?, how many potential new customers will go to competitors? It is such a significant threat that it has reached the CEO and board level. Regulatory and compliance requirements continue to increase. Cyber insurance companies are increasing premiums and imposing harder restrictions on paying out claims.  "checking the box" is simply not enough anymore. IT teams need to show proof that they can restore operations after an outage.

So, what can you do? At Summit, we have used cloud solutions to successfully help several customers address these concerns. First, disaster recovery is one area where cloud can really be cheaper than on-prem. Most DR and backup solutions can store data directly in low-cost cloud storage. Compute resources are only used when needed. Take advantage of these cloud economics and pay only for what you use rather than a full, duplicate IT stack. An added benefit is that the data and compute can be in a completely different geography from production to provide you with regional protection. Second, now that you are out of the secondary data center business, your team has some time back to focus on more impactful activities - such as executing regular DR tests. The last thing you want to do in a disaster is think. The best way to not think is to practice and build muscle memory. Look for solutions that also provide an audit trail as proof that the solution has been tested and works. Last, some cloud solutions offer orchestrated ransomware recovery that address the complexities we just discussed. This is ideal for community banks and credit unions with limited resources.

Cloud Disaster Recovery

We know many IT teams are facing challenges and planning initiatives in this area so if you’d like to learn more, you may find our webinar helpful. It’s titled, ”4 Key Banking IT Trends - Leveraging the Cloud.”  

If you have any questions, please reach out to us on LinkedIn or at www.thesummitgrp.com and if you found this helpful, feel free to comment on and share this.  Thanks for your time and I hope this helped.