Top 5 criteria to consider in a data protection provider

Your organization’s data is money unaccounted for on the balance sheet, and it must be protected. A secure production site with no single point of failure goes a long way, but disaster recovery is the insurance that keeps you running in case of a fire, cyber attack, or accidental database wipe. Many factors, most importantly cloud economics, have been a driving factor in the growth of disaster recovery, making it imperative to business continuity.

You need simple data protection. There are a few things to look for, including a provider whose economy of scale and economy of knowledge you can leverage. What else should you look for in a provider?

As a technical architect, I’ve had a lot of experience working with different technologies and understanding what clients need to keep their operations running. Below is what I think is the most important criteria when evaluating potential hosting providers.

1. Transparency and visibility into maintaining SLA around RPO and RTO: Perhaps what is most important is the Service Level Agreement between you and your provider. What is it, and does it meet the needs of your applications? More importantly, does it meet the needs of your users? You can only afford a certain amount of downtime, and you need a clear understanding of your provider’s ability to recover and restore your operations within the timeframe that works for you.

2. Will you have enough reserve resources? When disaster strikes, you never know what will happen. What if you experience an outage during peak user times? You and your provider need enough compute and memory resources, disk space, network connectivity and bandwidth to handle the production stack failure and the surge in user activity. Ask your provider what their offerings are and get resources dedicated specifically for you.

3. Expert staff: Outsourcing is done for a reason – you don’t have the time, people or resources to manage your stack. That means you need someone who has knowledge of how your applications are configured and what they need to run smoothly while making sure they stay in sync with each other. If your provider doesn’t understand that, they can’t architect a solution to fit your needs, and your site may not be replicated properly. You don’t want to find that out in the middle of a failover.

4. Clear process: In line with the above point, you also need dedicated, expert staff to coordinate the failover process should you need to move to your recovery site. You’re hiring someone to be physically present when your equipment fails, so be sure they’re actually there. Do they also have a clear and detailed process for failing back to your production site when it is ready? You’ll need the same knowledge and expertise of your infrastructure, network configuration, hardware and software at your production site as you do with your recovery site.

5. Testing, testing: The status of your recovery site should be available in real time and easy to understand. Does your provider offer simulated and live testing? Do they handle all testing for you, or can you test yourself? Find out how often you can test. You should test at bare minimum once a year, preferably more often. Don’t ignore this critical part of your DR plan.

When it comes to hiring the right data protection provider, nothing can be overlooked. If you pick someone who offers more than just Disaster Recovery as a Service (DRaaS), you’ll save money and many hours scrambling to contact your other vendors when you suddenly need extra resources for your stacks. If you follow each of my considerations, at the end of the day, you’ll find yourself with a true business partner, not just a data protection vendor.