What all DRaaS offerings have in common is that the provider has special disaster recovery tools available. These are aimed at mirroring entire IT environments including all the components. The scope ranges from data and applications to networks and complete systems. Servers and end devices are backed up across operating system boundaries; this includes files, databases, virtual machines, and containers. Once mirrored, the components are made available in the event of damage to replace the systems that are down.
Multiple backup destinations are usually used to back up the data. Following the 3-2-1 rule, at least one of the backups is geographically remote. Depending on the design of the DRaaS model used, the remote backup target is a local data center or a cloud-based storage medium. Furthermore, hybrid approaches can be used. As with backup, data recovery is based on physical, virtualized, or cloud-based storage media, depending on the deployment. Data transferred over the network is encrypted for transport.
In addition to recovering affected data and systems, professional DRaaS offerings often include another essential business continuity feature. With cloud-based “failover environments”, a replacement system is put into operation when a system is down, allowing users to continue working with minimal disruption.
To monitor the protected systems and control the backups and failover environments, most DRaaS offerings have management consoles. These are usually web-based applications that are used via the browser. This means that it is still possible to access the console in the event of loss and this also works from mobile devices. Some DRaaS offerings also include a VPN function for accessing secured data and failover environments.
Since the development of network technology and the connection of servers to public networks such as the Internet, there have been many attacks on company IT infrastructures. Usually, administrators and technicians protect systems against unauthorized access and denial-of-service attacks. In recent years, another particularly worrisome type of attack has emerged where cyber criminals infect a device with so-called ransomware, also known as a “crypto Trojan”. This software nests on the device and encrypts the data there. Once encrypted, the actual users can no longer access the data and are asked to pay a ransom.
Crypto Trojans pose a serious threat today. Even conventional backups do not offer any protection, as they are encrypted and therefore rendered unusable in the event of an emergency.
In the course of the new threat situation, ransomware protection has established itself as an important feature of DRaaS solutions. This involves the use of another copy of all backed-up data. This is marked as “immutable”. Once written, the data can be read again and again, but not changed. This is also referred to as the “Write Once, Read Many” or WORM model.
