A Q&A with Zeb Ahmed of iland
While most companies seem to understand that preparation is necessary for worst case scenarios, there’s often confusion about what backup services can and can’t do, says Zeb Ahmed of iland. I asked Zeb about the differences between backup and disaster recovery and how organizations can determine which service they might need.

How does backup differ from disaster recovery?
It’s common for people to mix up the two and think that backup services will encompass disaster recovery. In my mind, backup is typically just a copy of data without any restore automation and predefined Recovery Time Objective/Recovery Point Objective (RTO/RPO). If something happens and the server gets corrupted, you will still have access to your data, but the amount of time it takes to recover and back online could vary based on where the backed up data resides and which application needs to be restored. Disaster recovery is something you need to cover the span of your whole environment with predefined business RPO/RTO and automation of the failover or failback process. It allows you to have a duplicate environment with all of the associated infrastructure up and running while keeping the business RPO/RTO in line. Typically Disaster Recovery does not focus on retention of data, as it normally focuses on getting the business up and running with the latest copy of non-currupted data.

When would someone need backup and when would they need disaster recovery?
Key differentiators are data retention and definition of RTO/RPOs. A backup is generally geared toward customers with longer retention and file level recovery needs, such as legal firms, who might need to restore data from nine, 12, 15 years ago, whether it’s a single file, a mailbox or something much bigger. A Backup solution will also provide more features around how the data is retained and copied, such as daily backup vs. monthly or annual backups. Moreover, in most cases backups do not focus on how quickly a business needs to be up and running again and RPO/RTO are undefined.

If the goal is to stay within predefined RTOs/RPOs—leveraging automation to ensure that goal is efficiently achieved—disaster recovery would be the best route to go.

In case of data breach, loss, corruption or a natural disaster, not having a copy of the data can be catastrophic for a business.

Can you give us a hypothetical example of what could happen during a data breach event if the organization does not have a backup service?
In case of data breach, loss, corruption or a natural disaster, not having a copy of the data can be catastrophic for a business. Studies show most business do not recover from these situations. Having processes in place for both data protection and data redundancy is crucial. As a Solutions Architect, I see that these scenarios are the biggest backup and disaster recovery conversation initiators. Working for iland, which is a leader in Disaster Recovery as a Service (DRaaS), I speak to customers on a daily basis in similar circumstances. Recently, I spoke to a customer in the healthcare space that had encountered an internal data breach and data loss. Not only did business suffer financially, but it also created legal issues for the company. We helped them define their data redundancy requirement while keeping their business objectives in mind and establish a backup as well as a geographic disaster recovery solution to meet their business needs.

What does iland’s backup service entail?
Not only is iland a leader in the disaster recovery as a service, but we also lead the pack in providing backup as a service. We have partnered with the best enterprise backup solution provider on the market, Veeam, to provide offsite backup services via its latest software feature Veeam Cloud Connect. This solution fully integrates into the customer Veeam console where the end user has the ability to manage onsite/offsite backups and restores. It provides customers with the ability to encrypt, compress and de-duplicate data to ensure data sovereignty while keeping the data footprint as small as possible. The solution also eliminates the need for the VPN, as all encrypted backups happen over the WAN. It also provides a built-in WAN acceleration ability, ensuring data gets transferred as efficiently as possible.

iland also provides its Enterprise Cloud Services (ECS) customers with automatic seven-day backup, and teams can easily access and restore files via iland’s industry-recognized ECS portal—a single interface that enables customers to manage and analyze all of their global iland cloud operations, spend and recovery.

What are the pros and cons of backup services?
Backups are the most economical way of accomplishing data redundancy and establishing some piece of mind, as teams know there is another data copy available in case of data loss. Backup solutions have the ability to keep multiple point in time snapshots of data, such as daily, monthly and annual backups, as well as rich feature sets, such as encryption, data de-duplication, file level recovery and data retention. That said, generally, a backup solution does not focus on business RPO/RTO and automation for failover. If the business is focusing on recovery from an event – whether it be a natural catastrophe or smaller-scale incident – and ensuring minimal downtime, disaster recovery solution may be the route to go.

In Summary…
We thank Zeb for his insight and concise explanations of these important topics. Both backup and recovery are vital to mitigating first-party risk exposures such as business interruption due to a loss of systems, network and/or data. This issue warrants the attention of risk managers in companies large and small, across all sectors—with the only possible exception being a roadside stand selling fruits and vegetables. Even then, that business might have a website and might need to think about having solutions in place.