Chairman of the Board of Directors
5 Questions You Need to Ask Your DRaaS Provider

5 Questions You Need to Ask Your DRaaS Provider

Since the advent of cloud computing, organizations of all kinds have leveraged its capabilities to modernize their IT systems. From data storage to software applications, the cloud can fulfill almost any need that a business may have.

Many organizations are now turning to the cloud to facilitate disaster recovery. Organizations looking to improve their business continuity rely on disaster recovery as a service (DRaaS), a cloud solution that allows them to replicate and back up their data and applications via a third-party vendor. The organization is able to operate as usual in this new virtual environment while the primary system is repaired.

However, given the array of DRaaS providers out there, it can be difficult to find the one that’s best for your organization. Here are a few questions you should ask any potential DRaaS vendor:

1. Are they compliant with security regulations?

You should never choose a DRaaS provider that cannot prove their security standards. Not only should they leverage the latest technologies to keep both their environments and your data secure, but they must also comply with certain regulations. Depending on the type of data your organization has, you will need your DRaaS provider to meet different standards. If you handle healthcare information, for example, you must ensure the DRaaS provider’s compliance with the Health Insurance Portability and Accountability Act (HIPAA). For financial data, your provider must comply with Sarbanes-Oxley Act (SOX) and Financial Industry Information Systems (FISC) standards.

2. How fast are their recovery speeds?

The entire purpose of DRaaS is to ensure that your organization has the IT resources it needs for business continuity—that means minimal downtime. As such, it’s important to examine providers’ recovery speeds and determine if they meet your own objectives before agreeing to any contract.

Your disaster recovery plan should help you achieve two outcomes: a short recovery time objective (RTO) and a short recovery point objective (RPO). The former refers to the duration of time that can pass before your business continuity is compromised after a disaster; the latter establishes a time limit for the restoration of a business function after an interruption, in order to avoid negative consequences. Your DRaaS provider should work with you to establish an RTO and RPO that are as close to zero as possible. In addition, be sure to include your RTO and RPO expectations in your service level agreement (SLA) so there’s no confusion about your provider’s responsibilities in the event of a disaster.

recovery speed

3. Do they have ample geographic spread?

The best DRaaS solutions leverage geographic diversity to guarantee continued uptime of cloud environments. In the past, achieving such a setup would require your organization to make copies of your data and applications, move them to another site, and pay to manage that additional data center.

Today’s DRaaS providers do this for you, and the best will maintain more than one backup site. More importantly, they will place these sites far enough away from each other that they won’t all succumb to the same disaster. Look for a DRaaS vendor with good geographic spread. Data centers that are more than 20 miles apart should prevent localized disasters from taking down all of your disaster recovery resources at once.

4. Do they facilitate regular testing?

It isn’t enough to devise a disaster recovery plan with your DRaaS provider. You must ensure that your plan aligns with your goals and actually keeps your organization running after a disaster. Testing is the best tool you have to verify the efficacy of your disaster recovery plan, and your DRaaS provider should be there to help you with it.

Some providers will conduct testing on an annual basis, but you really should evaluate your disaster recovery plan more frequently. With the assistance of a good DRaaS provider, you’ll have the technology and support needed to facilitate thorough, rigorous tests without disrupting your daily operations. In some cases, you may be permitted to conduct your own testing.

5. Are they reliable?

You should be looking for a DRaaS provider that can prove more than just their technical capabilities. It’s crucial that you also find one that will be a reliable choice for your business.

To this end, ask potential vendors about the level of support they provide following a disaster. Some DRaaS providers are more accustomed to working with large organizations and focus less on individualized support, while others will work hand-in-hand with you on all your disaster recovery needs. Whichever option you choose for your organization, you should select a provider that will be available to assist you any time of day or night.

When evaluating the reliability of DRaaS providers, you should also look to their experience. Have they successfully implemented a recovery plan after a major disaster in the past? Those with a proven history of excellent disaster recovery will be a better choice than less experienced providers. If you need more background, you can turn to a provider’s current customers for references. Aside from their general opinions, you should ask about their experience working with the provider’s team. After all, if a disaster occurs, these people will be responsible for managing your organization’s IT infrastructure.