What is managed disaster recovery?

Managed disaster recovery (DR) is a service offered by third-party cloud providers who manage a business’ disaster recovery by replicating their systems and data to a private or public cloud and orchestrating the failover and failback process. Managed DR is also called Disaster Recovery as a Service (DRaaS).

Companies of all sizes used managed DR and pay for the services via a contract or on a monthly or annual fee.   

According to industry experts, the average cost of downtime is increasing every year. For example, according to one study, the average cost of downtime across all businesses was $260,000 in 2016, up 60% for some industries in 2014. In another study, 25% of respondents worldwide reported average hourly server downtime costs between 301,000 and 400,000 USD in 2020 (see Figure 1).   

While there are countless other statistics on how much a disaster can cost your business, one thing is certain: If your organization does not recover quickly from a disaster, you can risk going out of business. This is why many organizations choose managed disaster recovery.  

Managed DR, also known as managed IT recovery, minimizes downtime and data loss to ensure business continuity, lowers disaster recovery costs, and helps an organization stay in compliance with regulatory requirements.

Whether you’re hit by a flood, hurricane, tornado, fire, or cyberattack, any disaster that destroys or brings down your IT systems and causes downtime can put your organization out of business. With managed DR, the cloud provider is responsible for ensuring your organization achieves agreed-upon recovery point objectives (RPOs) and recovery time objectives (RTOs). These are defined as:  

Recovery Point Objective (RPO). The maximum amount of time that you are willing to lose data on your systems because of an event. Recovery Time Objective (RTO). How fast you can recover from the moment of a disaster to the moment you return to normal operations.

Reputable cloud providers offer a guaranteed service level agreement (SLA), which dictates these terms, ensuring that your systems and business get back up and running fast while minimizing data loss. 

For any business, self-managed DR can be a high-risk, expensive option because it requires:

• Internal IT technical staff and expertise to develop, test, and execute your DR strategy
• Your organization to back up your systems and data and maintain these backups in an off-site data center, physical or virtual machine (VM), or on disk or tape stored off-site
• Duplicate data centers and physical servers requiring investment in hardware and software, and paying for maintenance and support costs. If you choose not to have the hardware or software ready if a disaster happens, your may experience extended downtime as you wait to purchase and install new systems.

With managed DR, you will reduce costs and enjoy peace of mind because:  

• Smaller businesses eliminate the need to hire DR experts.
• Larger IT teams can focus on core operations versus DR planning, testing, and execution.
• The cloud provider will orchestrate the backup, failover, and failback services and maintain your backups in a safe and secure data center.
• You will not need to invest in purchasing and maintaining a separate data center or duplicate hardware or software.
• You can cut your recovery time from days and weeks to minutes and hours – in some cases recovery can be as fast as 15 minutes.

For organizations legally required to comply with industry or government regulatory requirements – such as HIPAA, GDPR, PCI, SOC 2, etc. – managed DR can help you stay compliant. Reputable cloud providers can ensure compliance with whatever controls you require, which is why it is important to ask the right compliance questions when researching managed DR providers.

If your business is in a regulated industry, check if your chosen managed DR provider will enable compliance for:

• Defined scope and storage of financial records
• Access and audit controls on customer information systems
• Access restrictions on data centers
• Encryption of electronic customer information
• Procedures to ensure that system modifications do not affect security
• Dual control procedures, segregation of duties, and employee background checks
• Monitoring systems to detect attacks and intrusions into customer information systems
• Response program that specifies actions in a case of unauthorized access

Want to be sure your managed DR provider uses software you can trust? With Acronis, your managed service provider can add disaster recovery to your backup system in minutes and protect your workloads by instantly spinning up IT systems in the managed cloud recovery site and recover them to any similar or dissimilar hardware.