5 Tips to Slay the Cloud

Disaster Recovery Dragon

BUILD YOUR CLOUD DR CONFIDENCE AND CONTROL

IT organizations are choosing the cloud to harness the never-ending onslaught of data
coming at them, from sales to social media. Storing data in the cloud, along with virtualized
datacenters, is becoming a far more common practice as the cloud offers elastic storage
capacity, giving IT more freedom in moving workloads and eliminating operational waste.
While the cloud is less of an esoteric concept now, what has not gotten the attention it should
is data recovery. That’s scary, considering the incidence of company data breaches is on
the rise, with the number of incidents increasing 40% in 2016, year over year.1 Cloud-based
disaster recovery (DR) is the next hill for IT to take, the next frontier to conquer. It’s time
for IT to take the reins and deliver cloud DR that can provide a stronger offense against
cyberattacks through better visibility, tighter security and cross-platform management.

1 Bloomberg Technology, “2016 was a Record Year for Data Breaches,” January 19, 2017
 Remember when you thought ‘the cloud’ was really edgy, ahead of the
curve? Apple did television commercials for phones using the cloud.
‘Smartphone’ was a catchphrase. Ah, the good old days. Now the cloud
has evolved from a cool user app mentality to becoming a fundamental
part of how businesses store and retrieve data, and deploy applications.
In particular, businesses are using the public cloud to move data and apps
quickly, using dominant cloud providers such as Amazon Web Services.
A Forrester report estimates the global public cloud market to grow at a
22% CAGR, and to exceed $146 billion in 2017, a big jump from $87 million
just two years earlier.2

Whether an organization deploys the public cloud to move and store

data, its own purpose-built private cloud, or a hybrid combination, one
commonality that exists is the need to secure the data. Organizations
must also have thorough visibility into the repository and be able to
effectively recover critical data from the cloud should a disruptive event
occur.

Moving the organization from its current ‘we love data in the cloud’
premise to a more fully enveloped strategy that includes cloud DR, and
getting buy-in from the C-suite, takes a controlled approach. Being a
perfectionist, and aggressive in getting the needed tools, is what it takes
to deliver a highly secure, reliable DR solution.

Tip #1: Get a Management Reality Check. The IT team is well aware of the
need for reliable DR but the C-suite may be more focused on workload
increases and storage capacity than disaster recovery scenarios. This is
the time to lean on the C-suite for detailed information that will help set
overall objectives for recovery, and will indicate their level of buy-in for
enhancing cloud DR.

Questions can include:

• How is the C-suite envisioning use of the cloud over the next 1-2 years?
• Does the C-suite believe cloud deployment to date has lived up to its
expectations?
Cloud security spending
• What is the projected business growth of the organization over the next increased for 48 percent of
1-2 years? the companies in the past
• Given this anticipated growth curve is there budget considerations in year, while the IT security
place for increased workloads, for stepped up security for critical data
budget for other security
and applications?
• Is there sufficient awareness of the need to retire more legacy systems activities remained the same.
for cost effectiveness, and migrate more functionality, such as disaster SC MAGAZINE
recovery, to the cloud? February 2017

• Does the C-suite have a clear understanding of the elements of cloud

DR versus on-premises backup and recovery?

Don’t be surprised if these answers are not as satisfactory as one would

wish. How many C-suite executives really spend time thinking about DR?
It is incumbent upon IT to connect the dots between data storage and
recovery in the cloud and what IT needs to provide a cloud DR service that
ensures business continuity for the organization.

2
2 CIO.com, 6 Trends that will shape cloud computing in 2017, November, 2016
As one published article notes, it’s smarter for IT to make a business
value case for cloud expenditures and investment than to fall into the
trap of debating CAPEX versus OPEX.3 The C-suite needs to see cloud
investment, DR included, as supportive of their larger goals of growth, of
digital transformation and market competitiveness.

Tip #2: It’s Right to Feel Insecure about Security. Risk mitigation is
one of the stickiest issues in migrating workloads to the cloud. Often
colleagues may assume anything living in the cloud is getting advanced
data protection, and easily recoverable should a disruptive event occurs. It
is not the case. Here’s a cautionary item: In published reports, Bitdefender
said its security study4 showed one third of companies in the U.S. were
breached in 2016, and almost 75% of those targeted were unaware of
how the incident occurred. It’s good to remember data is the lifeblood that
5 Benefits of Disaster
feeds cybercriminals, and clearly organizations are not yet winning the
Recovery in the Cloud
war against cyberattacks.
Read why the cloud is ideally
The report5 notes that cloud security spending is on the increase but
suited to support disaster
about one third of the companies say they need more budget to deliver
recovery operations.
efficient IT security. ‘This is mainly because migrating information
from traditional data centers to a cloud infrastructure has significantly
increased companies’ attackable surface, bringing new threats and more
worries to CIO offices regarding the safety of their data. From the total
base of the IT decision makers, they say only 64% of cyberattacks can be
stopped, detected or prevented with the current resources, on average,’ http://bit.ly/1DQ0XSQ
the report states.

Against this landscape, a few key items to consider for cloud DR:

• Can the organization verify that workloads deployed on cloud

infrastructures are protected by a true backup solution? Some
organizations believe simple replication across availability zones is the
same thing as backup.
• Are 2nd and 3rd tier workloads moving to the cloud securely managed
by a disaster recovery solution? Failure to look beyond Tier 1
workloads creates a potential risk exposure issue and/or a compliance
violation.
• Is IT fulfilling SLA requirements for backup and recovery regardless of
infrastructure – including all cloud workloads?

GETTING BETTER CONTROL

Adequate investment in cloud security is the first step. IT can provide
a more confident, reliable cloud DR service, be in greater control
of workload protection, and gain more traction with the C-suite, by
incorporating these three additional best practices:

Tip #3: Your Data is Restless. Help it Move. Complete data and workload
portability is essential since IT needs to be able to move workloads to,
from, and within clouds, regardless of the data’s origin. Should IT need
to quickly implement cloud DR, this portability ensures workflow will
continue. IT therefore can automatically provision the required compute
nodes and recover data sets in a public cloud infrastructure, ensuring

3 SearchCIO/Tech Target, the value of cloud computing to the C-suite, January, 2017 3
4 SC Magazine, One third of U.S. companies breached last year, study, February, 2017
5 Bitdefender, Virtualization makes CIOs role key
business continuity. The portability must include migration and recovery
between AWS, VMware, Hyper-V, and Azure to have sufficient cross-
platform recovery capabilities.

Tip #4: Be a Know-it-All. Cloud DR control means having comprehensive

visibility into all cloud-related digital assets. This is possible with an
advanced centralized management solution that will give IT the ability
to not only move workloads according to priority, but also ensure
critical workloads get priority in disaster recovery. Since organizations
often have a combination of on-premises, hybrid and public cloud data
locations, operational and recovery management through a central portal
is a must-have to provide efficiency and business continuity.

Tip #5: Move it (Fast) or Lose It! The organization’s expectation is that
cloud DR should be rapid, reliable and ready to deliver the critical data
sets and applications needed to perform business operations. So what
does ‘rapid’ mean? Working with the IT and executive teams, IT cloud
architects and managers can set recovery time objectives (RTO) for
business-critical applications such as email and CRM. These RTO’s
should fulfill SLA’s and include Tier 2 and 3 workloads as well as Tier 1, to
mitigate further security and compliance risks.

BECOME A CLOUD DR DRAGON SLAYER

In a lovely Disney cartoon, organizations would embrace the cloud for
its elasticity, its inherent harmony with the world of virtualization and its
fit with modern IoT culture. There would be no cyberattacks, or if there
were, an attractive dragon slayer would fight the beast and the world
would be safe. But the real world is a far more threatened environment
and IT has the daunting task of employing the cloud for all its operational
advantages, and at the same time, being the dragon slayer! Putting these
five control tips into practice is a good start in delivering a solid, reliable
DR strategy.

Develop the best cloud disaster recovery strategy to support your enterprise. Visit commvault.com/cloud.

© 2017 Commvault Systems, Inc. All rights reserved. Commvault, Commvault and logo, the “C hexagon” logo, Commvault Systems, Commvault
OnePass, CommServe, CommCell, IntelliSnap, Commvault Edge, and Edge Drive, are trademarks or registered trademarks of Commvault
Systems, Inc. All other third party brands, products, service names, trademarks, or registered service marks are the property of and used to
identify the products or services of their respective owners. All specifications are subject to change without notice.

COMMVAULT.COM | 888.746.3849 | GET-INFO@COMMVAULT.COM

© 2017 COMMVAULT SYSTEMS, INC. ALL RIGHTS RESERVED.