Escaping Disaster – A Deep Dive into DRaaS

April 16, 2021

In our ever-connected world, where the need for 24x7x365 business application availability is expected and business data is more valuable and sensitive than ever, a catastrophic loss of either could spell disaster for your company. Worse still, a disaster can strike at any time, making the need for a disaster recovery plan (DR plan) vitally important. Unfortunately, as important as it is, developing one, setting it up, and maintaining one yourself in-house is incredibly complicated and prohibitively expensive for most businesses. Or at least, it used to be. With Disaster Recovery as a Service (DRaaS) growing in popularity and with being made readily available from professional service providers at a much more manageable cost, it is now considerably easier to plan, test, and implement a DR plan for an organization of any size. Here we will cover everything you need to know about DRaaS, what it is, why it’s important, and how to implement it into your organization.

Understanding Disaster Recovery

In simple terms, Disaster Recovery, or DR for short, is the act of investing in computing hardware and software, as well as backing up of your data, specifically for use in the event of a disaster that renders your primary computing infrastructure inoperable and/or including a partial or total loss of your data.

In nearly all cases, this hardware and software is stored in an off-premises location in order to keep it safe from any disaster that would affect your organization. This could include anything from natural events to cyber-attacks and hardware failure. The simplest form of DR is a data backup. However, this provides minimal business continuity at best because your infrastructure itself isn’t backed up, only your data is. As such, it can be ignored for the most part. To ensure business continuity, it is vital that both your data and infrastructure are backed up.

Building a Successful DR Plan

Setting up an effective DR plan is critical for any business. However, in order to do so, there are a few key elements that need to be addressed.

Core DR Team: You will first need a group of specialists who will be responsible for creating, implementing, and managing the DR plan. You will need your brightest minds for this, those who have in-depth knowledge of the operations of your company. They will also be capable of working well with the executive management and should be well versed in how to communicate with each other, employees, vendors, and customers.

Evaluating the Risks: Risks can come from various sources and understanding what measures and resources will be needed to resume business in the event of a disaster is key to a DR plan. This can include everything from a cyber-attack to a natural disaster. This is further complemented by a Business Impact Assessment.

Business Impact Assessment: In order to develop a good DR plan, it is vital to get a deep understanding of your systems, applications, data, and other resources and the level of impact they have on your business. This is, in fact, the most vital part of your DR plan and this is also where a Business Impact Assessment (BIA) comes in. It will help you identify those business processes and IT systems that are the most critical for business continuity. You also need to analyze and figure out the total downtime that your organization can tolerate for each of these mission-critical business processes and systems before the business itself fails. This will eventually give you the proper scope of your DR plan.

Your Recovery Targets: Once you have completed your BIA, you will have a pretty good idea of what needs to be backed up or relocated, how frequently it needs to be done, and how quickly it needs to be recovered to minimize the impact of a disaster and to ensure business continuity. This is all the information you need to set out your Recovery Point Objective (RPO) and Recovery Time Objective (RTO). The former is the outlines the maximum amount of data loss that you are willing to incur before it causes unwanted damage to your business. This also determines the frequency at which your data will be backed up. The RTO however outlines the maximum period of time you can allow before your applications and systems will need to be operational again to ensure business continuity. Once these limits have been established, you will get a much clearer idea of your goals for your strategy as well as the kind of DR that would best work for your organization.

The 3-2-1 Rule: All the best organizations in the world employ the 3‐2‐1 rule when it comes to backing up data. It would benefit any organization to accommodate for this if possible. Here is how it works:

  • Keep 3 copies of data: 1 primary, 2 backups
  • Use 2 different types of media
  • Keep 1 set in the cloud in DRaaS or BaaS (backup as a service)

Testing and optimization: Even after your DR plan is in place and everything has been established, the job of the DR team is not done. The world of technology is constantly evolving and with it, new threats and business requirements will come in. It is the job of the DR team to consistently be testing and optimizing their security and data protection strategies to adapt to these new requirements and ensure the organization is ready for any type of disaster situation.

Types of DR

Now that you have most of your DR plan in place, it’s time to select the type of DR that is a good fit for your organization. This is where the three primary types of DR come in – Hot Site, Cold Site, and Warm Site.

Hot Site: In a hot site, an organization’s entire IT environment is backed up in as close to real time as required at a secondary site. This includes maintaining servers and other components at the same release and patch level as their primary counterparts. Hot Sites like these offer the best recovery times but are significantly more time-consuming and expensive to set up.

Cold Site: This is effectively just a secondary site with basic enough infrastructure to allow for business continuity in the event of a disaster. However, this type of disaster recovery doesn’t accommodate for data recovery and can sometimes take days or even weeks before operations can get underway. They are, however, significantly cheaper to setup than a hot site.

Warm Site: As the name implies, this is somewhere between a hot site and a cold site where data may be backed up but not necessarily as often and the systems and hardware may not be kept up to date. It can take days to restart operations at a warm site but it’s quite a bit cheaper than a hot site and you won’t necessarily lose all your data.

Given the time, cost, and complexity, good DR options such as proper hot sites used to be out of the reach of most businesses, with only the largest being in a position to afford them. This is exactly what DRaaS was designed to change.

What is DRaaS

Disaster recovery as a service (DRaaS) is a rapidly growing cloud‐based service where a third-party vendor takes care of the replication and storage of your business-critical systems, applications, and data. DRaaS service providers do this by leveraging their own data centers to provide cloud-based infrastructure that is far less expensive to the end-user than on‐premises systems. Furthermore, the service provider also handles all the complex back‐end management, proving the customer with a simple user interface for setting up and managing their DR solution. The ability for the solution to scale and share cloud resources is another great benefit that keeps costs low. As with most other cloud-based “as a service” solutions, DRaaS follows a pay-as-you-go model, with the total cost purely based on a combination of storage, bandwidth, RAM, compute cost, and licensing fees for the backup software, wherever applicable.

The Three Types of DRaaS

While you may already have a DR plan in place, choosing the right disaster recovery software or service is just as important. In fact, this vital decision could mean the difference between success and failure for your business continuity plans. For DRaaS, there are three types to choose from.

Self-service DRaaS: With self-service DRaaS, you effectively buy the solution from a vendor and run it using your in-house team. This includes everything from planning, testing, and management of disaster recovery. If you already have the infrastructure needed in a remote location, together with the necessary expertise in place to manage it, this this could be a more cost-effective solution.

Assisted DRaaS: If on the other hand you have the infrastructure but lack some of the expertise to run DRaaS software, or if you prefer to maintain some aspects of your disaster recovery plan, Assisted DRaaS is a good choice. It’s a middle ground option between self-service DRaaS and a fully managed solution, where you purchase the solution from a vendor or service provider and run it on your own infrastructure but are supported by said vendor to maintain and optimize the solution.

Managed DRaaS: With Managed DRaaS, the service provider takes over complete responsibility of the DR Solution. This includes assisting with drawing out your DR plan, backing up whatever is required, as well as all testing, optimizing, and maintenance. It comes as no surprise then that this is by far the most popular option amongst the majority of businesses. Especially so, as most DRaaS service providers also provide other useful services such as Software as a Service, Platform as a Service (PaaS), and Infrastructure as a Service (IaaS).

How Does DRaaS Work?

Assuming that you have your DR plan now in place, you have selected your service provider, and have backed up the required infrastructure, systems, apps, and data via physical or virtual servers at the service provider’s data center, we can now look at how DRaaS actually protects your system. Broadly speaking, DRaaS involves three key processes. They are as follows:

Replication: The very first step is the actual replication of data and systems as required. Data from your primary site will be synced and replicated at the service provider’s data center. The frequency of the replication and the data and systems to be replicated are determined by the RPO and RTO outlined in your DR plan. Regardless, in most cases this data is replicated on both virtual and physical servers.

Failover: This is the process of shifting the end-user’s access over to the secondary site hosted by your service provider. There are basically two types of Failover – Planned and Unplanned. As the name implies, Planned Failover is a deliberate switch that is either part of a test or to cover for an instance when certain systems on your primary site will be going offline. The Unplanned Failover occurs during the time of an unforeseen disaster that makes your primary server go offline. In such an instance, the secondary server will automatically take over and all access will be switched automatically.

Failback: This is the process of moving your company’s environment back over to the primary site. The failback can occur back to the original site or to an entirely new one if required. However, this is also a temporary state as with failover, and can be reverted back to a failover state if required. In order for it to be permanent, it needs to be “committed” and the replication process needs to be restarted.

Advantages of DRaaS

Although a relatively new cloud-based solution, it is fast growing in popularity, thanks to its cost savings over traditional DR solutions. This is especially true now after people have realized the importance of DR in light of the current pandemic. However, there much more to DRaaS than just cost savings. Here are some of the greatest advantages the technology can offer your business.

Disaster Survival and Speed

Easily the most obvious benefit. DRaaS ensures your DR plan is easily put into action in an off-site cloud hosting location that is sure to keep it safe and accessible in the event of a disaster that renders your primary site unusable. Moreover, with remote work as the new normal, an increasing number of devices reside outside the security of the company’s firewall. This makes them more susceptible to malware and ransomware, in turn increasing the threat level to your network.

Just as importantly, in the event of disaster, speed is critical. In fact, according to Gartner, the average cost of IT downtime is USD 5,600 per minute. However, because of the way in which different businesses operate, downtime, at the low end, can be as much as USD 140,000 per hour and as much as USD 540,000 per hour at the higher end. In fact, 98% of organizations claim that a single hour of downtime costs over USD 100,000 and 33% of those same enterprises reported that one hour of downtime costs their firms between USD 1-5 millions This is where the true benefits of a DRaaS really shine through since it has the distinct advantage of freeing you from the complex, time-consuming disaster recovery execution. With professionals handling the entire procedure and by operating on a cloud environment, the recovery is extremely quick when compared to other DR solutions.

Cost savings

As mentioned above it is quite clear that simply having a DR plan in place can save you hundreds of thousands of dollars and in some cases could actually mean the difference between a company surviving or going under. However, DRaaS takes savings one step further by removing the need for investing into any expensive off-site disaster recovery infrastructure. You won’t need to invest in the additional physical space, physical hardware, staffing, and cooling. DRaaS follows a simple pay-as-you-go system that scales with your requirements and is generally affordable, no matter what size business you have.


As your business grows, you would normally need to continually expand your IT infrastructure, adding servers and increasing storage capacity. Being cloud-based, DRaaS is inherently scalable and will grow side-by-side with your business. All you really need to do is update is your service agreement with your service provider.

Simplicity and Flexibility

Another great advantage of DRaaS is its flexibility. By its very nature, DRaaS you are not locked into any particular server, database, backup, or network technology, or even operating system. You are free to mix and match as you see fit. Moreover, DRaaS is capable of covering all endpoints regardless of where they are located. All they really need is a working internet connection. Moreover, since the entire system is cloud-based and backed by a team of experienced experts, the entire process of backing up your infrastructure and data is extremely quick and simple.

Visibility and Compliance

With DRaaS you are provided with a simple, user friendly GUI that allows you to freely monitor your data backups, as well as the state of your VM replicas and servers and more. Moreover, this allows you to show your auditors and regulators where your data is and who has control over it, greatly aiding in compliance requirements for your industry or market.

Competitive Advantage

What could possibly be more competitive than ensuring your customers and partners that your business is going to remain operational even in the event of a disaster? Moreover, if a disaster were to strike that would force your competitors out of service, the clients may be forced to turn to you instead.

Easier Testing

DR was always a complex system to setup in the past and testing and optimizing it, in some cases, was harder still. It was also a risky and time-consuming process that could even put your current system at risk. DRaaS however, is an automated system where testing is as simple as clicking on a command.


Our DRaaS solution is amongst the most comprehensive available in the country, giving your business the best expertise, hardware, and experience to prepare for any disaster. It not only supports your business continuity but also improves your compliance with good governance and audit requirements. All our plans include clearly defined RPO and RTO, allowing you to get your business up and running as fast as needed.

Our DRaaS solutions are designed to meet your specific needs.  We deliver an average savings of up to 30% Total Cost of Ownership (TCO) compared to an in-house solution. Even multiple DR zones can be setup for greater flexibility and protection, should you need it. Moreover, our clear, customized Service Level Agreements are backed by 24/7 customer support. Deployment is also extremely quick, easy, and fully controlled by the user. You are also offered a high level of flexibility with the option for shared or dedicated infrastructure choices, including interconnectivity between our KOM4 and DUQM Data Centers. So, don’t wait, get your business protected today and gain a competitive edge in the market while also ensuring business continuity for the foreseeable future.

So, don’t delay? Disasters can happen at any time, the earlier you protect your business the better. You can find out more about our products and services on our website or you can reach out to us via phone on +968 2417 1111 or email