Download Publication

Disaster Recovery as a Service (DRaaS) is a cloud computing service model that allows an organization to back up its data and IT infrastructure in a third-party cloud computing environment. This as-a-service model enables an organization to regain access and functionality to its IT infrastructure after a disaster. For the model to be effective, cloud service providers must supply backup and recovery that seamlessly ensures operational resilience in-line with the customer’s business and compliance requirements.

This document by the Security as a Service Working Group aims to increase awareness of recent changes in backup and disaster recovery services and technologies. We discuss the different DRaaS architectures, services offered, and security best practices, making it possible to regain access and functionality after a disaster.

Key Takeaways:

• The proper division of shared responsibilities between the cloud provider and the cloud customer for different DRaaS services
• The features, advantages, and disadvantages of four architectural models: one non-DRaaS model (in-house own data center no cloud) and three DRaaS models (in-house own data center with cloud, hybrid cloud, and multi-cloud)
• The types of backup and disaster recovery services
• Which best practice considerations should be addressed to ensure that DRaaS Services are secure, including usable checklists
• The most significant benefits of DRaaS services and why you should use them as part of your disaster recovery plan
• The definitions of different cloud architectures from multiple sources including NIST, ISO, and IBM

Who It’s For:

• System auditors
• System engineers
• System architects
• System administrators
• Cloud engineers
• Cloud architects
• Cloud administrators
• Project coordinators