– Greg Lairdvice president of Datalink (www.datalink.com), says:

When you’re faced with another predictable work-week, it’s hard to think of what you (and your data center) would do if the unthinkable happened. Yet, over the past 12 months, a wide swath of U.S. businesses has had to do just that after being confronted with extreme acts of nature.

In the Fall of 2011, Atlantic states had to bounce back from record flooding after Hurricane Irene made landfall across the Eastern Seaboard. Ripple effects from an Arizona utility worker’s error caused a Southwestern blackout which impacted millions of homes and businesses. More recently, record heat waves and a string of deadly thunderstorms across several states triggered extended disruptions in the U.S. power grid. These not only threatened this year’s local July 4th events, but they also wreaked havoc on local homes and businesses as well.

Such events often cause businesses to refocus on what it would take to keep their people, processes and systems up and running after a disaster. How would your data center bounce back from a sudden outage? What if a disruptive event lasted a few days (or more) and made your critical applications and data suddenly unavailable? How would that impact your company’s potential revenue, its customer base and its overall perception in the market?

According to Gartner, only an estimated 35% of small to medium-sized businesses (SMBs) currently has a disaster recovery (DR) plan in place. Even less of those has a related business continuity (BC) plan. In this case, it’s clearly time to be one of the “haves” instead of one of the “have nots”.

With that in mind, I’d like to offer some tips and advice on using the cloud and related technologies to help prepare for any unwelcome, future surprises.

Backup or DR in the Cloud: The Good and the Bad

Cloud-based application and data services have become a popular option in the area of disaster recovery and business continuity. These services are now starting to gain the ear of many IT directors and CXOs. With many cloud providers promoting an “always-on/always-available” message and an affordable, OPEX-based cost-per-use model, it’s easy to see why they are becoming popular.

Sending your backup data off-site to a cloud provider, in theory, ensures you’ll always have another copy of your data, hopefully, accessible from another region, if needed. Some cloud providers let you back up your applications along with your data. You may even opt to replicate much of your critical systems to the cloud provider. This service-based approach to backup/DR has both pros and cons.

Here’s the Good News…

A few years ago, many businesses had their development and testing personnel at one site while their production employees were at another. If you had a major outage at your production facility, knowledgeable personnel at the other site could theoretically step in. You had, in effect, implemented a solid business continuity practice: Successfully separating your people, your technology and your processes.

This same practice can hold true for many backup and DR cloud providers as well. Leveraging the cloud in this manner, it’s possible for you to obtain a similar result, at a better cost. Suddenly, the cloud provider’s personnel are able to support your IT production processes while you focus on the disaster itself.

Many DR-related cloud service providers also use the latest backup, virtualization and DR technologies in their data centers. Instead of IT being viewed as a cost to the overall business, it becomes the cloud provider’s core competency. This is an area of differentiation where the average business can also benefit.

…And Here are Some Potential Problems to Avoid

While cloud services can be impressive, it’s important to keep some potential pitfalls in mind. Sending your data and applications to the cloud can lull some companies into assuming they are now adequately prepared for a disaster. Putting your DR “in the cloud,” however, doesn’t shift DR responsibility to the cloud service provider. It just shifts operations to the service provider.

In other words, the cloud provider should still be viewed as an extension of your data center and an extension of your own enterprise operations. This means you need to look closely at the service provider’s SLA to ensure they have satisfied your expectations before a disaster strikes.

Here are a few SLA items we’ve come across as we advise clients in the areas of BC and DR:

o   Get the provider to commit to performing an acceptable level and frequency of DR testing on your applications and data. Make sure the provider’s SLA spells this out, along with the specific DR test steps involved.

o   Get the provider to commit, in writing, to having your data or applications back up and running within a certain amount of time after you’ve declared a disaster. As a refresher, this is also known as the RTO (recovery time objective). An RPO (recovery point objective) is also important, which specifies how current your data should be once it’s been restored.

o   Have the cloud provider communicate their “Plan B” in case they also experience a disaster or outage that impacts your data/applications. Make sure you are comfortable with their level of redundancy and automation. In a world where even the Amazon cloud can go down, you must prepare for the prospect that your cloud provider could go down as well. If you aren’t comfortable with the provider’s Plan B, build in your own redundancy, possibly with a second cloud provider.

Can the Cloud Solve All Ills?

Just as with traditional DR, there isn’t a single blueprint for cloud-based disaster recovery. Every company is unique in the applications it runs, and the relevance of the applications to its business and the industry it’s in. Therefore, a cloud disaster recovery plan should be very specific and distinctive for each organization.

Cloud services, like virtualization, can be excellent enablers to effective DR. But, they still represent a small part of an overall BC strategy. 

Let me leave you with some final words. To achieve success with DR, you need to first decide which key applications and data you can’t be without for long following a disaster. You then need to see what upstream and downstream processes could be impacted by those applications and plan accordingly.

Identifying and prioritizing the risks, then documenting the specific steps you plan to take when disaster strikes are a good start to ensure that your people, processes and technologies will bounce back accordingly. You might then find that choosing cloud technologies–or something else– is the best choice to help get you there.

Greg Laird, vice president of Datalink consulting, leads Datalink’s consulting services organization, where he develops methodologies and manages the delivery of consulting services focused on data center optimization, cloud initiatives, virtualization, business continuity, and disaster recovery. Greg has experience in leadership positions for both startup and Fortune 50 high-tech companies. During his 30-year career, he has delivered bottom line results, streamlined existing operations, turned around unprofitable functions, and directed the start-up of new business units with revenues from $0 to $150M. He has deep expertise in general management, strategic planning, P&L management, software development, and operations. Previously, he held executive management positions with IBM, Siemens, Xerox, and PreNet.