This is part 4 in our cloud-native series, covering disaster recovery (DR) considerations for organizations adopting a cloud-first or cloud-native strategy. You can catch up on the series beginning with Part 1 .

When disaster strikes, it’s critical to have a plan. That’s true in our personal lives as well as the data and repos that companies depend on to stay in business. In addition to disasters such as flooding, wildfires, and even freak Texan blizzards, companies should plan for and be able to recover from cyber attacks and ransomware.

Are disaster recovery (DR) and cyber recovery (CR) the same?

The short answer is no. Disasters are usually containable to a specific region, such as an office that floods. Cyber recovery events can spread quickly across all offices and networks. However, adopting a cloud-first approach can help with both types of disruptions.

DR and CR in the cloud

As companies adopt more cloud-based services, deploy their own applications to the cloud, and hire employees across regions, company data may be scattered in multiple places. The DR plans that worked for an on-premises data center are not sufficient. Keep reading for tips on managing DR and CR in the cloud.

1. Understand the Shared Responsibility Model. The Shared Responsibility Model outlines the responsibilities of each cloud provider and yourself when you buy and leverage compute and storage services. Cloud providers like AWS, Google Cloud, and Azure usually handle the physical data center, the host operating system and its patches, and networking for the services it provides. Customers are responsible for their data, the guest operating system, and any applications installed. You can read more about each provider’s shared responsibility model here: AWS, Google Cloud, Azure.
2. Audit your data and where it’s located. You cannot protect or recover what you don’t know exists. Are your development teams using services in both AWS and Google Cloud? Is your HR department using an employment management system in a third cloud?
3. Not all data is created equal. Once you know where your data is, it’s time to prioritize what you absolutely must recover and how quickly you need to recover it. The more data you transfer between regions, or move from lower-cost “cold” storage to high-access storage, the higher your bill will be. For a natural disaster, you may have long-term backups of most of your data that can be recovered over time. For a cyber recovery event, prioritize the most critical data you can restore quickly.
4. Cloud providers can failover to other regions. A significant benefit of working in the cloud is that providers run multiple regions and can provide increased availability and failover in the event of downtime. This is more cost-effective for small and medium companies that could not otherwise stand up and maintain multiple data centers. These services are not free, so it’s still important to inventory and prioritize the data and applications that will receive this treatment. Learn more about failover between availability zones and cross-region from AWS and Azure.

Selecting a cloud DR solution

Cloud providers also offer their own disaster recovery services (AWS, Azure, Google Cloud). These can be very attractive and simple solutions for single-cloud customers. The main cloud providers can also provide long-term, low frequency of access storage to back up your on-premises data. If your data and applications are across clouds, you may need DR services for each cloud, or you can look at multi-cloud cyber recovery solutions, such as the one offered by Dell and Faction.

Have questions? ReleaseTEAM provides consulting services, helps customers evaluate solutions, and is an AWS solutions expert.