Disaster Recovery (DR) is the core of business continuity: it’s about ensuring services survive a crisis or are restored within a predetermined timeframe (RTO/RPO). The biggest threat today isn’t just fires or floods, but above all ransomware. The key to survival is proper backups, their immutability, and regular testing.
Why we need Disaster Recovery today
DR is part of the business continuity strategy and focuses on the IT infrastructure and the workloads that keep the company running. The goal is to keep services operational or restart them quickly according to predefined RTO (how quickly to restore) and RPO (how much data can be lost) objectives. These parameters should be based on real business needs, not ideals, and they directly influence the choice of technologies and the budget.
There are many threats, from human error to natural events, but the greatest pressure today comes from ransomware. Attacks demand ransoms in the millions, and those are only the reported cases; the costs of downtime are often even higher. If you can restore data reliably and quickly, the pressure to pay the ransom drops dramatically. DR is therefore not a luxury, but insurance against the costliest kind of outage — unplanned silence in your services.
Backups, the 3-2-1 rule, and the immutable copy
Backups are the heart of DR, and the classic 3-2-1 rule advises having three copies on two types of media, with one kept off-site. A modern add-on is the “+1”: at least one copy must be immutable. Don’t confuse this with an “air-gap” approach; a disconnected storage system is not automatically immutable. An immutable copy must be protected against deletion or overwriting for a chosen period so that it withstands even a compromised account.
There are several ways to achieve this. Physical tapes with WORM mode offer “natural” immutability, ideally in a secure off-site archive, but they require discipline and management. Object storage using the S3 protocol supports time locks and retention; it works in the cloud and on-premises, with on-premises helping meet strict security policies (e.g., deploying the open-source MinIO). Immutability can also be addressed at the file system level: for example, read-only snapshots (ZFS) sent to remote storage, or using XFS with immutability flags combined with a “hardened” repository in selected backup solutions. It’s important not to leave snapshots on the same server — with compromised root access they would lose their protection.
Choosing methods, replication, and DRaaS services
In an ideal world there’s a dedicated DR team; in reality it’s often a single “admin.” That makes it all the more important for leadership to understand the value of IT, otherwise the budget won’t stretch to a reliable plan. Start by identifying critical assets (not everything is equally important), performing a risk analysis based on your environment, and clearly setting RTO/RPO. These will then determine the right mix: from fast immutable backups to asynchronous replication and secondary sites.
In a virtualized world, replication at the hypervisor level (VMware vSphere, Microsoft Hyper‑V Replica) or third‑party solutions is available. Beware of permanently linking the DR site with production: with ransomware, the infection can spread there too unless you have isolation or immutable restore points. Whatever you choose, the rule is: test at deployment and continuously, keep a clear recovery “runbook,” and regularly train the responsible people. If you lack capacity or expertise, consider a managed DRaaS model, where the provider takes over planning and operations.
