Gartner Highlights 5 Questions for a Possible DRaaS Provider

Disaster recovery is something that you won’t want to look past when it comes to your business. To sidestep unexpected costs, and ensure your implementation goals will be met, it’s important to ask potential vendors pointed questions when it comes to your Disaster Recovery as a Service (DRaaS) platform.

Research analyst Gartner released a report that highlights five questions to ask a provider, if you’re currently in the research phase and looking to implement a new tool. Some key takeaways from the report include that DRaaS adoption has increased, especially for small to mid-sized businesses. But the amount of vendor choices DRaaS can be cumbersome. Providers range from those who have a collocation focus to those that focus more on pure-play cloud brokers, Gartner reported.

The report also noted the following recommendations:

• Do not make price the deciding factor.
• Highlight what the service contract guarantees, don’t look at marketing recovery time objective and recovery point objective claims.
• Ensure the provider has the ability to satisfy both regional disasters where many customers could be impacted, along with where the provider itself is stationed. If the provider is affected, will you get the help you need? If yes, get it in writing.
• Get details on the on-boarding process. You want to make sure the solution is the right size for your needs and that the vendor offers an automated disaster recovery playbook.
• Choose a vendor that will match enterprise capabilities.

And that’s not all. The report also highlighted that there’s been a 77 percent increase in inquiries about a DRaaS solution and Gartner predicted that the market as a whole has the potential to triple in the next three years. By 2019, the space is expected to be at a revenue point of $3.4 billion. The competition among vendors is also growing; according to the report, the number of DRaaS providers ballooned by 40 percent in the last two years.

Here are the five questions to ask a potential DRaaS provider, suggested by Gartner:

1. RTO and RPO Service Levels

It’s important to learn about the RPOs and RTOs when establishing a disaster recovery plan. RPOs refers to how much data you can afford to lose, and that is likely very little, while the latter refers to the amount of time it will take for a system to recover.

Question from Gartner: “Explain how RTO and RPOs are guaranteed with your service, as well as how they and/or other SLAs are defined, measured, tracked, enforced and credited if missed.”

2. Onboarding Process

Gartner reported that 18 percent of organizations said DRaaS vendors need to improve their on-boarding efficiency. Make sure the provider knows their process inside and out. You’ll also want recovery assurance.

Question from Gartner: “Describe the service on-boarding process — timing, deliverables, the user acceptance test (UAT) process, training for IT staff in the use of its service, and to what extent the provider facilitates recovery assurance and the creation of an automated disaster recovery playbook via the portal.”

3. Service Provider’s Restore Experience

Make sure real-life disaster recovery experiences are completely separate from underlying technical capabilities.

Question from Gartner: “Please describe the last five disaster declarations and your resulting performance — including details about the problem itself, to what extent each incident included a hybrid (mix of physical and virtual infrastructure) architecture, lessons learned, and how long it took to restore initial functionality and to then also failback operations post disaster. Please also include references.”

4. Guarantee of Resources When Needed

Hurricane Katrina was a regional disaster that reminded organizations that their DRaaS tool should be available at all times. A vendor should be able to help themselves and their clients in the event of a natural disaster or widespread outage. Make sure your DRaaS provider has a business continuity plan in place.

Question from Gartner: “What guarantees are provided that ensure the required capacity and associated services will be available when needed? Please include details as to ability to serve multiple customers following a regional disaster (concurrent customers that factor in compute, storage and network needs), and the business continuity plan associated with the ability to provide services when your enterprise is impacted.”

5. Security

Some say that security is less vital for disaster recovery environments than production. In fact, a 2015 Gartner Research Circle survey reported that less than 50 percent of enterprises are checking their backed-up data for malware, and hackers know it. Even if you test often, malware can still go undetected. Another recovery outlet may be necessary, and Gartner predicts that by 2020, 30 percent of enterprises attacked by a cyber criminal will spend more than two months cleansing their backup and that usually means delayed recoveries.

Question from Gartner: “Describe the security attributes included in your service related to prevention, detection and remediation. In doing so, provide details regarding the degree of isolation, encryption, monitoring, logging and remediation capabilities — including whether another recovery site will be available during a cyberattack investigation or whether another site will be available in the event a parallel disaster event occurs.”

Click here to see the entire report and to learn what answers to listen for. 

And don’t forget to check out our buyer’s guide that includes an overview of the market and top vendor profiles.