The hype surrounding cloud computing was shattered when news broke last year of a complete, unrecoverable loss of Sidekick users’ data hosted on the Microsoft Cloud. The questions swirled. Just how safe is the cloud? Can your data and mission-critical applications be trusted to the cloud? And can you trust the cloud to provide secure disaster recovery?
The answers? It all depends on what you mean by “the cloud” and “disaster recovery.”
What is the cloud? The central idea behind the cloud is the delivery of computational function as a service. One of the promises of the cloud is that it provides pay-as-you-go scalable IT solutions with no upfront capital investment. Another is that it shields the user from having to design, manage and maintain the infrastructure delivering the solution. The technical challenges of powering, cooling, securing and connecting today’s powerful servers and vast amount of data storage are daunting and require massive capital investment. It’s little wonder that businesses are driven to achieve economies of scale by outsourcing expensive IT infrastructure. Starting with colocation and continuing through managed services, the cloud is just an extension of this trend.
Infoworld lists 11 different cloud computing categories ranging from application-as-a-service such as e-mail to infrastructure-as-a-service that let you configure virtual servers from your desktop to run your applications. Obviously, there are enormous differences in how these various services impact an organization’s operations and contribute to its business objectives. With overzealous marketers and breathless journalists, sometimes distinctions get blurred and innovative tools for accomplishing specific objectives can be portrayed as universal panaceas. Concerned about disaster recovery and security? The common retort is: Forget about it. All you have to do is get some of that cloud and all your issues will be resolved.
That promise, though enticing, is pie in the sky. Attaching your business to the cloud does not relieve you of the responsibility of understanding what measures are appropriate for protecting your data and ensuring business continuity.
What is disaster recovery? That starts with an examination of risk tolerance. For instance, the business risk of a busy e-commerce site going down is far greater than an interruption of a CRM application, but actually losing CRM data can be disastrous. It follows that some applications will require true geographic redundancy with a hot site, a mirror warm site and a cold site dispersed in different data centers in three different regions coupled with load balancing and failover switching. Some will be less sensitive. As a general rule, the more critical applications require greater control over infrastructure components such as the physical location of the data center, which network providers and carriers are available, how redundant the power supply is, HVAC capacity and redundancy, environmental risks and fire suppression capabilities, load balancing and failover switching and a whole host of other factors that traditional colocation providers allow.