The data recovery market used to be built squarely around natural disasters and power cuts that shut off access to enterprise IT systems, prevented personnel from being on-site or blocked users from being able to visit websites and other systems.
Systems and processes evolved to combat such events, provide a framework for recovery and help the organization to get systems operating again with as little lost time and lost data as possible.
These days, natural disasters have been relegated in importance behind cyber attacks, as they are more likely to bring down the network. The scope of such events has been steadily magnifying in recent years. Let’s look at the trajectory of large cyber attacks over the last decade or so.
Initially, virus infections were all a company had to worry about. Then malware was added into the mix. Things ramped up significantly when distributed denial of service (DDoS) attacks proved themselves able to crash servers and bring down websites. Hacking groups operating out of eastern Europe managed to shut off the internet to an entire Baltic nation not so long ago.
Of late, ransomware is grabbing all the headlines. It has caused entire pipeline networks to grind to a halt, sent meat prices spiraling by shutting down a nation’s largest meat processing firm and in general, caused havoc across the government, health care, education and the financial services sector. Thus, it is recovery from cyber attack rather than disaster that is currently in the spotlight and is the main market driver.
“Recovering from a cyber attack rather than a natural disaster can be quite challenging and requires special features, such as immutable data, recovery from long-term retention or multiple recoveries to determine a clean retention point,” said Michi Schniebel, principal product manager at Sungard Availability Services.
But regardless of whether the cause of downtime is malware, cyber attack or natural disasters, the same basic principles apply — and that’s where the field of data recovery comes into its own. The goal is to be able to recover all, or nearly all, organizational data as quickly as possible, minimize the disruption to the business, achieve a continuance of vital revenue streams and get everything back to normal.
The scope of data recovery
Data recovery encompasses a great many facets. It spans all the way from being able to find and restore a deleted document to the recovery of an entire data center and related applications due to some kind of natural disaster or other major event. Floods, hurricanes, power outages, tornadoes, civil disruptions, riots, tsunamis, earthquakes, system crashes and cyber attacks can take applications, systems or entire data centers offline in an instant. The entire field of data recovery is there to ensure the disruption is contained and that normality can be resumed as soon as possible.
Two of the primary metrics used in data recovery are recovery time objective (RTO) and recovery point objective (RPO). They each have a different emphasis but are often used together.
RPO is about how much data a business is willing to lose before real harm results. For example, a financial services firm that processes millions of transactions every day could lose a fortune if the RPO was one day. In that case, it is generally willing to spend big to ensure the RPO is as close to zero as possible.
RTO, on the other hand, is how much time an application, system or process, can be down for without the business suffering real damage. Again, this is all about lost revenue and reputation. The website of a small business might get away with being down for a few days, whereas an airline can’t afford to have its systems down for more than a few minutes without devastating consequences. Southwest Airlines, for example, had to cancel hundreds of flights due to some IT systems being down. The company lost millions.
Data recovery technology is all about being able to satisfy RTO and RPO goals. It is accomplished in a variety of ways.
See more: Guide to Database Management
Data recovery methods
Backup is one of the basic tools of data recovery. Organizations make a copy of their data and transfer it onto tape, retain it on disk or ship it off-site to the cloud or to a tape repository. It is done according to a pre-set schedule, such as daily or weekly. Full backups can be done or incremental backups occur that only backup new files or those changed since the last backup.
Mirroring or replication of data is another approach. The company retains one set of data on-site and another set either in the cloud or at a separate company data center or at a colocation facility. The basic idea is to have the data existing at another point, often in a different region, to afford broader protection against natural disaster incidents. If one data center goes down, the company can rapidly switch to the other one without much delay.
Some companies operate duplicate data centers that contain all the same equipment, applications and data as the primary data center. But this is expensive. In many cases, they keep key systems available at another location as well as mission-critical data. Those systems can then recover fast while IT labors to bring up other less critical systems over the coming hours or days.
Companies that operate mainly in the cloud tend to use an alternate cloud provider as a source of data recovery. If one cloud goes down, they can bring their systems and data up in the other cloud.
Data recovery features
The scope of data recovery is wide. At a high level, the features enterprise can users expect include:
- Automation: There is too much data, too many systems and too much configuration required for IT to be expected to recover everything from scratch. If they had to do so, a great deal of time would elapse before business could return to normal. Therefore, automation is an essential element. Tools are available that can recover data automatically, such as: automatically synching data between two locations or data centers; automatically failing over to the secondary site in the event of a disruption; and automatically moving user data from one virtual system to another.
- Platform integration: As a complement to automation, data recovery speed is accelerated by consolidating systems and platforms. If IT has a highly heterogeneous IT environment, complexity rises and integration issues multiply. The ideal situation from a business continuity perspective is to achieve a single view across the enterprise and that is easier when the same cloud or software platform predominates.
- Replication/failover: A core function is being able to continue functioning if one data center or server room goes down. Some software helps companies seamlessly failover to another facility. Others use replication, so the data is mirrored to another location.
- Backup: Backups must exist, must be verified regularly as complete and must be easily available to be used as a key part of any data recovery event. When a hurricane took out New Orleans a few years back, one company had its backup files in a cabinet in a high-rise building that they couldn’t get to for days due to flooding.
- Testing: Anyone who fails to test their data recovery strategy before disaster strikes is asking for trouble. Testing invariably unearths shortfalls and points of failure in any disaster recovery plan. Wonderful recovery plans have faltered as no list of employee phone numbers could be found for many days. Testing helps to eliminate such risks.
- Managed services: Data recovery is difficult for many organizations. Options include managed service providers that take care of the function as well as the many disaster recovery-as-a-service (DRaaS) providers that have recently popped up. These providers go a step behind backup to provide a fast way to recover systems.
“Companies should review and test their disaster recovery (DR) plan as well as their backup and restore capabilities in a cyber attack scenario,” Schniebel said.
“Organizations without the bandwidth or skills to perform a cyber recovery should look to enlist a third-party service provider with managed service offerings.”
Data recovery benefits
Some of the key benefits of data recovery include:
- The ability to declare and execute a recovery rapidly
- Recover your entire environment, regardless of the type of disaster or cyber attack
- Protect your reputation and business with minimal downtime
- Confidence through automated testing and white-glove application recovery
Data recovery market and drivers
The global data backup and recovery market is predicted to be worth as much as $15.2 billion by 2027, according to ReportLinker. That’s up from an estimated $8.4 billion in 2020.
The U.S. market is worth about $2.3 billion and is the largest single market. But China isn’t far behind and is growing faster at 11.6% per year. By 2027, the Chinese market should be worth $3.2 billion.
Data replication is the largest and hottest segment, with 8.8% annual growth and accounting for about half of the total market. By 2027, it is expected to be worth $7.8 billion.
The data retention segment is worth much less. The U.S., Canada, Japan, China and Europe combined comprise the bulk of the global market. Yet, combined they amount to less than $1 billion. With an annual growth rate of almost 9%, that number should rise to $1.7 billion by 2027.
Data recovery vendors
There are a many companies operating in this space. These include:
- Sungard AS
- Recovery Point