Disaster recovery as a service (DRaaS) for MSPs in a comprehensive cyber protection strategy

Cyber Protect Cloud

The modern business relies heavily on information technology. And it simply cannot function whenever its IT systems go down.

In the event of a sudden and unexpected disruption, from a power outage or natural disaster to equipment failure or system crash, the consequences can be catastrophic.

According to research conducted by the Federal Emergency Management Agency (FEMA), the outlook for businesses that suffer such a crisis is often terminal. It found that as many as 40% failed to reopen following a disaster. And of those that did reopen, only 29% remained in business two years later.

This underlines the compelling case for offering your clients a way to maintain business continuity if the worst should happen.

Disaster recovery as a service (DRaaS) is a solution you can provide to your clients to do just that.

So, in this post, we explain the concept of DRaaS, how it can help minimize the impact of a disaster, and why MSPs should include the technology in their portfolio of cyber protection services.

What is DRaaS?

DRaaS solutions replicate an organization's data and IT infrastructure in a secondary standby environment, which they can call upon to keep their applications running if the primary system goes down.

They also provide orchestration mechanisms so customers can quickly and efficiently failover to the secondary system as and when needed. Likewise, the DRaaS platform also provides a failback mechanism for migrating data back to the primary site once it's back up and running.

Figure 1: Failover solution by Acronis to protect customer infrastructure (Source: Acronis)

Replication can be either synchronous, where it is performed in real time, or asynchronous, which works on a near-time or scheduled basis. The choice between the two depends on several factors. But it largely comes down to cost and the amount of data loss a customer can tolerate in the event they do need to failover.

DRaaS solutions can be highly complex, as they must consider:

●        Virtual and physical environments

●        Dependencies between applications

●        Rapid switchover to the failover site when required

●        Scaling of standby resources when called into action

●        Continual synchronization of data to the secondary site

●        Network connection to the secondary site

Customers can choose from three different categories of DRaaS offerings. These are:

●      Self-service DRaaS: Where the vendor sells a solution for the customer to operate themselves

●      Assisted DRaaS: Where the vendor also offers advice and support when the customer needs it

●      Managed DRaaS: Where the vendor plans and fully manages the system on the customer's behalf

Providers of DRaaS may charge for their services on a subscription, contractual, or pay-per-use basis.

Role in data protection strategy

DRaaS usually forms part of a wider data protection strategy, which should include cybersecurity and a backup and recovery system based on the 3-2-1 backup principle. This is a simple rule of thumb, which is designed to minimize the risk of data loss, where you:

●        Store at least three copies of your data

●        Use at least two different types of storage media

●        Keep one copy in an offsite location

Backup and DRaaS complement each other in a number of different ways. For example, you would use backup as the recovery method if a client only needed to restore a small number of files.

In addition, backups provide a means of recovering from a ransomware attack. However, hackers often target both production data and backups. So it's important these backups are immutable. In other words, they cannot be modified, encrypted, or deleted until the end of a specified retention period.

However, unlike DRaaS, backups don't provide the network and server resources to keep IT systems going while you restore the primary site. Furthermore, recovery from backups can be slow, resulting in lengthy downtime your clients cannot afford. That's why they ideally need both solutions as part of a more comprehensive cyber protection approach.

Benefits to your clients

The following are the ways in which MSPs can benefit their clients by offering DRaaS as part of their range of data-protection services:

●        Convenient failover solution that helps them avoid the complexity of building their own replication system.

●        Informed advice on issues such as choice of failover architecture, regulatory compliance, and identifying which systems are a good fit for DRaaS.

●        Security expertise to help protect the secondary system from cyberattack.

●        Reliable and maintenance-free platform where you perform all testing and maintenance on the client's behalf, leaving them to focus on their own IT projects.

●        Affordable OPEX charging model, eliminating the need for upfront investment in their own failover infrastructure.

SMEs, in particular, will benefit from DRaaS, as they generally don't have the budget or in-house knowledge to build their own failover system.

However, despite the clear potential of the service, you may still need to overcome client objections to adopting the technology. The best way to do this is to explain the value it brings in terms of ROI. In other words, by comparing the cost of downtime with the much lower cost of a DRaaS solution.

You should also showcase your capabilities, such as your DR expertise, support for both virtual and physical environments, any highlights in your service level agreement (SLA), and the security of your failover system. This will be key in helping you to stand apart from your competitors.

Benefits to Your MSP business

With a DRaaS solution that's built specifically for MSPs, you'll be able to meet all of your clients' failover needs smoothly and efficiently from a single management console, helping you to:

●        Drive more revenue by complementing your existing backup offering with a new cross-selling opportunity.

●        Retain clients who need both backup and failover systems — because if you don't, they'll soon go elsewhere.

●        Stay competitive by enriching your portfolio with a more rounded data-protection offering. That way, you'll be able to meet evolving client expectations from MSP services and continue to attract new business.


DRaaS isn't right for every business. So it's important you identify the right clients for your service.

For example, if a client needs only a very basic failover system, they may have sufficient in-house expertise to implement their own solution. Others may not even need a failover mechanism — owing to the nature of their business and their IT systems.

However, one thing is for sure.

It's only a matter of time before one of your clients finds themselves in a disaster situation. They need to be prepared more than ever before. They also need to recover quickly, as the entire future of their business is at stake.

So make sure you include DRaaS in your MSP portfolio. That way, you'll be in the perfect position to exploit opportunities presented by the many clients who need it.

Acronis’ DR solution, Advanced Disaster Recovery for Acronis Cyber Protect Cloud, enables you to protect your clients’ workloads when disaster strikes by instantly spinning up systems with cloud-based recovery and restoring them anywhere. When you add Advanced Disaster Recovery to Acronis Cyber Protect Cloud, you can easily extend the cloud recovery services your clients need.

Acronis' powerful disaster recovery solution also makes it possible for you to roll out a profitable disaster recovery as a service (DRaaS) solution for your clients' tier one applications for the fastest possible cloud recovery services in the event of any disaster — whether it’s a natural disaster, cyberattack or human error. Watch a demo of Acronis Advanced Disaster Recovery, or try it free for 30 days!

More from Acronis