Blog

High availability vs. disaster recovery

Written by Zack Link | October 20 2022

Redundancy, risk assessment, data loss prevention, disaster recovery, high availability — these terms are all part of the growing conversation about data resilience

But what are the differences among these different terms, and why are they important? Below, we’ll compare high availability with disaster recovery and explain how each plays a role in maintaining strong data resilience.

What is high availability?

High availability (HA) describes systems that can operate continuously at a high level without a single point of failure. To achieve high availability, companies may employ anything from a few spare servers to a fully redundant network infrastructure with automatic failure detection. 

High availability doesn’t prevent outages, cyberattacks, or other major events; it just ensures that critical operations can continue in the face of those events. It’s critical for medical systems, municipal operations, data centers, financial services, and any other organization that relies on access to their important data at all times. 

High availability is usually calculated as a percentage of uptime in a given year. Some common benchmarks are 99% (“two nines”), 99.9% ("three nines”), 99.99% ("four nines”), and 99.999% ("five nines”). While these percentages may seem high, it’s worth noting that 99% availability translates to over three days of downtime annually and nearly 15 minutes daily. 

As TDWI notes, even small amounts of downtime can harm critical data, impact customers and employees, and cause significant financial loss. With high availability, businesses are better able to protect against this kind of downtime and loss.

How is high availability achieved?

The more complex a system is, the more points of failure there are — and the more difficult it may be to achieve high availability. However, there are still lots of ways to promote high availability, including redundancy, automated systems, and detection and quick remediation of failures. 

One of the most important features of a system with high availability is clusters: groups of redundant servers that can detect issues and immediately reroute operations without requiring administrative intervention. This automatic rerouting process (a.k.a failover) allows users to transparently and seamlessly switch between broken and working nodes

High availability clusters rely on redundancy to eliminate single points of failure. They might include multiple network connections, redundant data storage, and even clustered pairs of load balancers that ensure that the rerouting process does not fail if a single load balancer goes down.

What is disaster recovery?

Like high availability, disaster recovery is an important component of maintaining business continuity. It’s the process by which a company regains access to and functionality of its IT infrastructure after major disruptions like natural disasters or cyberattacks. 

At its core, effective disaster recovery relies on maintaining redundant data and processes in a location not affected by the disruptive event. For instance, companies may store their backups in a different cloud than the one that hosts their main data, or they may use a secondary data center in another state or region. 

Disaster recovery continues to grow in importance. The last three years have seen significant disruptions to companies, including:

  • The rise of ransomware, thanks in part to the rapid growth of remote work.
  • Increasingly sophisticated phishing attacks and social engineering.
  • The growing threat of severe weather events and climate disruptions.
  • Geopolitical and economic instability, including nation-state threat actors.
  • A changing regulatory environment.
  • And even a lack of IT personnel on the premises due to pandemic lockdowns.

 Because disaster recovery involves complex systems and processes, a good disaster recovery plan will include a variety of elements. Below, we’ll dive into some of the most important elements.

A dedicated response team with clear communication

The first component of disaster recovery is a designated team that will create, implement, and oversee the company’s disaster recovery plan. Team members must communicate this disaster recovery plan clearly and know who is responsible for what, including customer and vendor outreach.

Data backups

Another key element of disaster recovery is maintaining regular backups via off-premises data centers, cloud storage, third-party Backup as a Service (BaaS) providers, or hybrid infrastructures. Based on the amount of downtime they can reasonably handle, companies will need to determine what data needs to be backed up, how often backups should be performed, and who should perform them.

A recovery timeline and RTO

With the help of a disaster recovery team, organizations can set goals and timeframes for when their systems and operations should be back up. Depending on your industry, you may be able to adopt a longer timeline, or you may need to be back to normal in mere minutes. 

One helpful metric is the recovery time objective, or RTO, which helps define the maximum amount of downtime you can experience before you complete your disaster recovery process.

Software solutions

Some companies may turn to third-party solutions to help facilitate smoother, quicker disaster recovery. For instance, Disaster Recovery as a Service (DRaaS) providers can move an organization’s operations to their own cloud infrastructure in the event of a disruption, allowing a business to continue working from the vendor’s location. 

Alternatively, virtualization solutions can allow companies to replicate their data, their operations, or even their entire computing environment with off-site virtual machines. These solutions may help some businesses speed up the recovery process.

Regular testing and risk evaluation

Finally, disaster recovery plans must be regularly tested to identify and fix gaps. Companies should also update their data security strategies regularly and assess new and evolving risks to their operations. To maintain business continuity, it’s crucial to prepare for the worst-case scenario and have a plan in place to navigate that scenario.

How do high availability and disaster recovery differ?

Both disaster recovery and high availability are essential for maintaining business continuity — but they’re not the same thing.

 High availability architecture is responsible for keeping critical operations running when a system fails or is attacked. As Cisco explains, HA architecture enables backup systems or components to take over, allowing users and applications to continue working without disruption. It’s what makes a company able to switch from a broken system to a working one without interruption. 

Disaster recovery, on the other hand, is responsible for bringing back the IT components and systems that suffered an attack, outage, failure, or other disruption in the first place. It’s a broader endeavor that requires recovering data, restoring system functions, and resuming operations — often in response to larger and more severe events. 

With high availability, an organization may be lucky enough to never need their disaster recovery plan. However, in the event of a major event that damages underlying HA systems, you’ll be glad to have that plan in place.

How we can help you maintain high availability and strengthen data resilience

Our patented Microshard™ technology operates transparently and in real-time to shred, mix, and distribute data across multiple customer-owned storage repositories. The result is strong data resilience in the face of tampering, deletion, outages, and ransomware. 

High availability and failover

We achieve high availability at multiple levels. First, each instance of ShardSecure is a virtual cluster that can be run on-premises or in the cloud.

Theoretically speaking, there is no limit on the number of nodes that you can add to a virtual cluster for increased throughput and availability. Practically speaking, though, we recommend capping the number at 11. In multi-cluster environments, we recommend placing them in separate geographic locations for on-prem deployments, or in different cloud regions or different cloud providers.

It’s also possible to put multiple instances behind a global load balancer. This means that companies can maintain their business continuity even in the face of ransomware attacks, outages, and more. 

Multiple data integrity checks

Using an automated control, ShardSecure’s data integrity checks respond to unauthorized modifications by reconstructing affected data to its earlier state in real-time. Your users will continue operating as if nothing has happened while we alert your SOC to the situation.

Ease of deployment

Microshard technology works across multiple clouds as well as in hybrid-cloud environments that use a mix of on-premises and public cloud services.

 

Contact us today for more information about maintaining high availability, recovering from disruptions, and strengthening your company’s data resilience with ShardSecure.

Sources