The future of disaster recovery lies in a future without the public internet

Disaster recovery has become a primary source of value for enterprises who are not only pursuing cloud adoption, but who are also building out hybrid- or multi-cloud strategies.

disaster recovery plan ts

What is it that’s driving enterprises to the cloud?

That’s a long list: Web-based storage, stability, easier remote access and reductions in maintenance and associated costs are a few of the most frequently cited reasons. But, the number one application on organizations’ minds when they’re mapping out cloud migration strategies is disaster recovery (DR). Consequently, disaster recovery has become a primary source of value for enterprises who are not only pursuing cloud adoption, but who are also building out hybrid- or multi-cloud strategies.

But, what are the building blocks of an effective DR strategy? And, with cyberattacks like ransomware and DDoS escalating at an alarming clip, how can enterprises implement a DR strategy that’s able to keep pace with this threat?

The growing problem of DDoS, flooding and ransomware

DDoS perpetrators had their best year yet in 2016. Unfortunately, 2017 will only see this trend get worse, with DDoS attacks predicted to grow 70 times bigger this year alone. This is alarming in its own right, as the ripple effects and repercussions of a single DDoS attack are now growing more pronounced and widespread than ever before. But what makes this especially concerning is that it comes at a time when enterprises are increasingly moving more of their workloads from on-premise sites into the cloud.

The more that companies shift their business-critical data and services into the cloud, the more they put themselves at risk of being cut off from those mission-critical assets in the event that a DDoS attack carried out across the public internet floods the enterprise’s connections to the cloud.

It’s not just DDoS. We’ve seen an alarming 250 percent rise in ransomware attacks in just the opening months of 2017, which are wreaking havoc on enterprises all over the world. The WannaCry attack might have been an especially prolific example of this kind of attack, but it was just one in an avalanche of ransomware strikes that are becoming progressively more adept at digitally locking up essential corporate data behind ransom demands (and with no guarantee of release even if the ransom is paid).

Multi-cloud is just a band-aid on a bigger problem

Multi- and hybrid-cloud models have become cornerstones of DR strategies today. If one cloud is suffering downtime because of provider slowdown or a DDoS attack, the enterprise can access its workload via another cloud.

But, the hub-and-spoke design of these models — where shifting workloads from one cloud to the next requires moving them through the enterprise first, and doing so over the public internet — makes the strategy itself into a key vulnerability. If DDoS attackers are flooding out that enterprise’s connections to the cloud, then the workload can’t be moved from, say, Microsoft Azure to Google Cloud. And, in that increasingly common scenario, the benefits of the multi-cloud strategy are rendered entirely moot.

Building cloud-based disaster recovery on a public internet bypass

If we can accept that DDoS and ransomware attacks are only going to get worse, then we should accept another truth about them as well: That as long as enterprises rely on the public internet for business-critical services, they are opening opportunities for DDoS and ransomware attackers to impede their critical traffic or lock out their mission-critical data. That means cloud access — and access to business-critical workloads being kept in the cloud — can be dismantled at any given time.

As these scenarios become more and more prevalent, we have to wake up to the fact that relying solely on the old era of multi-cloud and that approach to disaster recovery can be a disaster in and of itself. In 2017, an effective DR plan has to rely on the next generation of a multi-cloud strategy.

A truly modern multi-cloud DR strategy needs to be built on the principle of bypassing the public internet entirely. Creating private, reliable connections with multiple cloud platforms — both public and private alike — that can be activated quickly will allow enterprises to move forward in a cyber landscape besieged by escalating DDoS and ransomware threats.

No one can put the genie back in the bottle when it comes to DDoS and ransomware. Instead, enterprises need to look at crafting cloud and disaster recovery strategies that aim to cut the public internet — and with them, DDoS and ransomware attacks — out of the equation altogether.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2017 IDG Communications, Inc.