How else to explain the findings in multiple recent surveys that upwards of 70 percent of all IT infrastructure will be outsourced by 2018? According to the RightScale State of the Cloud Report for 2015, 93 percent of organizations surveyed are already running applications in the cloud or subscribing to Infrastructure as a Service (IaaS). An enterprise software analyst with the investment banking firm Piper Jaffray predicts workloads in the public cloud will grow 44 percent annually over the next five years, versus only 8.9 percent annual workload growth in on-premises data centers. The cloud-based, on-demand, pay-as-you-go IT model is a future that has already arrived.
But infrastructure ownership and the on-premises data center aren’t disappearing. They are just becoming alternative — and still important — components in the modern hybrid data center: a mix of systems, servers and other resources that are owned, leased or subscription-based; dedicated or shared; physical or virtual; on-premises or outsourced, accessed through public and private networks.
Though still in the early stages of maturity, the hybrid concept is quickly taking hold. For its 2015 cloud report, RightScale found that 82 percent of enterprises now have a hybrid cloud strategy, up from 74 percent in 2014. Technology Business Research, meanwhile, forecast use of hybrid cloud to grow 50 percent this year.
It’s easy to understand why. Unlike previous IT approaches, the hybrid model affords enterprises all of the options they could want in tailoring a data center to their exact requirements for performance, scalability, security, resiliency and economy. As the CIO of one New York-based non-profit told TechTarget.com, “I see multiple flavors of hybrid solutions where a company may host email and other commodity services in the cloud, keep more critical services like telecom on an internal cloud or data center, and keep their primary data center, but put a redundant data center in the cloud.”
In fact, backing up both enterprise data and entire IT infrastructures for full-scale Disaster Recovery as a Service (DRaaS) is rapidly gaining traction as a primary use case for hybrid cloud. The research firm Technavio, for example, forecasts the U.S. DRaaS market to grow more than 50 percent per year from 2015 to 2019.
A Hybrid Data Center Calls for Hybrid Recovery
The reasons for the growing acceptance of DRaaS track those for the growth of the hybrid data center: it offers significant operational and economic advantages over traditional approaches to the same requirement: in this case, disaster recovery. IT executives believe that cloud-enabled hybrid DRaaS offers the best opportunity for aligning actual recovery performance (in terms of recovery time and recovery point objectives) to business expectations. It can speed recovery, simplify DR testing, increase flexibility and limit staffing needs. And by reducing ownership of infrastructure, it replaces the capital expense of additional data center space and equipment with the predictable and manageable monthly operating expense of a service provider’s contract. If compliance requirements, security or other concerns obligate an organization to own its own servers, colocation can at least shift to the provider the responsibility for operating and maintaining the underlying physical, mechanical and electrical infrastructure.
So, a comprehensive hybrid data center and disaster recovery solution therefore combines:
- Subscription, for pay as you go access, to a service provider’s shared recovery assets
- Colocation, in leased space in a provider’s facility, of customer-owned equipment as their dedicated private cloud server or physical recovery assets
- Cloud Recovery as a Service components (such as network, replication, deduplication, storage and restoration systems) that are virtual and physical platform agnostic, supporting any operating system, storage and hypervisor.
In operation, a DRaaS provider receives a customer’s data across a network and backs it up on mirrored systems at multiple redundant and secure locations so that in case of a disaster or disruption, it can restore complete server images and data to fully functioning physical or virtual systems. Access to restored servers, applications and data can begin in minutes after a total server loss. Should a disaster take out a company’s workplace as well as its production data center, a fully managed DRaaS solution offers the additional benefit of enabling employees to access their restored data and applications from nearly anywhere.
Choosing a Qualified Provider
Does the relative newness of the model make it difficult to evaluate potential providers for hybrid DRaaS? Actually, no.
Hybrid DRaaS as an integrated service offering may be new, but it comprises individual data center and DR concepts and components with which the most qualified providers have long and successful track records. The early leaders in DRaaS include companies well experienced as outsourced providers of disaster recovery, network services and data center hosting and colocation. The criteria for choosing among providers of those services apply to providers of hybrid data center and DRaaS services as well. Here are a few:
- Resiliency and Reliability — by Design
A provider’s data center or disaster recovery facility should itself be designed to withstand disaster. Resiliency requires concurrent maintainability throughout the mechanical and electrical infrastructure, not just old-fashioned redundancy. This is especially important if you will be colocating your own physical systems there, too. 2N design in power transformers, UPS systems, chiller plant, environmental controls, cabling to your equipment and emergency diesel generators can all help to keep a facility operating, no matter what. This level of redundancy makes the facility concurrently maintainable, assuring that your service will not be interrupted during scheduled maintenance or repairs.
- Carrier Neutral Network
Cloud-enabled hybrid DRaaS depends on your ability to transmit data via your existing carrier or carriers all the way to the provider’s facility. “All the way” means the provider manages the “last mile” to their site and offers diversely routed, direct network links into multiple points of presence, reducing the impact of any single point of network failure.
- Platform-Agnostic Recovery
The more heterogeneous your data center environment, the more important it is that your provider offer a wide range of platform-agnostic recovery solutions. They should support all operating systems, physical and virtual servers, storage systems and end-user devices — especially if your organization has implemented a bring your own device (BYOD) initiative.
- Layers of Security
How does the provider secure the facility against intrusion or damage? For starters, the facility should be as anonymous and private as possible, with no signage, shared tenants or public access. The perimeter should be fenced with anti-ram vehicle access control. Exterior doors and interior lobbies should be designed with robust security attributes and locked at all times. Access should be controlled by programmable CCTV and electronic or biometric authentication. Building-wide fire sprinkler systems and lightning protection are also essential to the security of your equipment, employees and data.
Ask about the provider’s approaches to data protection and chain of custody. How many copies of your data does it store, and how are they secured?
- Independent Third-party Certifications
Don’t just take the provider’s word that they have adequate security and protections in place. Their facilities, processes, staff and internal controls should be regularly reviewed and certified for safety and reliability by third party auditors. Ask to see their most recent audit.
A few of the top certifications to look for include:
- Uptime Institute Tier III or Tier IV certification to prove concurrent maintainability of electrical and mechanical infrastructure. There are many such certified facilities across the country. Never accept a provider’s “self-certification” If it has not been independently validated for compliance with the Tier rating requirement by the Uptime Institute, walk away.
- Payment Card Industry Council Data Security Standard (PCI PSS) that validates security standards for the major debit, credit, prepaid, ATM and POS cards.
- SOC 2, the objective certification standard for IT service providers’ controls for security, availability, processing integrity, confidentiality and privacy.
- FISMA — the Federal Information Security Management Act of 2002 — that ensures providers meet the high security standards for handling government data.
In business today, anything can change without notice. That includes your IT infrastructure and disaster recovery requirements. So look for a provider who makes it easy and economical for you to add or remove services so that your contract always matches your evolving requirements. They should also be flexible in test scheduling and providing you the time it takes to run your tests effectively.
An All in One Solution
For the most customer-focused, economical and effective solution, choose a provider from whom you can get all of the foregoing attributes in one fully integrated service offering, delivered across one network, in one flexible and customer-friendly contract. With a single service provider, you minimize risk, shorten recovery windows and eliminate the need to manage multiple vendors during an actual disaster or disruption. Costs should be lower, since a single qualified vendor can provide multiple services more efficiently and economically than multiple providers. Service should better, as well, because a single vendor knows it has to be more responsive to assure your satisfaction.
An Informed Choice Leads to Better Results
As data centers become increasing hybrid, so too should hybrid DRaaS become a universally accepted component of the complete business continuity toolkit. Established and leading providers of integrated data center, disaster recovery, networking and cloud services are rapidly gaining solid experience with the hybrid model, providing enterprises with a choice of highly reliable partners for this critical service. Knowing what to look for in a vendor, evaluating qualifications and choosing the right partner can help your hybrid data center to achieve the performance, scale, security and economy you are after.