Understanding backup and disaster recovery
What is backup?
Backup is the process of making one or more copies of data to protect against loss or corruption. Backup solutions store copies locally, remotely, or both, enabling recovery when data is accidentally deleted, overwritten, or corrupted.
Local backups restore faster; remote backups offer greater resilience through geographic redundancy. Backups are typically stored in a compressed state on low-cost, low-performance storage, as speed of restoration is not their primary design goal.
What is disaster recovery?
Disaster recovery refers to the plan and processes for quickly restoring access to applications, data, and IT resources after a disruption. This typically involves failing over to a secondary or recovery site, a redundant set of servers and storage, until the primary environment is operational again.
Failover is not automatic; it is triggered by an authorised team based on a deliberate decision. Disaster recovery solutions can also restore applications from a previous point in time, making them effective against ransomware encryption, database corruption, and misconfiguration.
Backup vs. disaster recovery: key differences
How to choose between backup and disaster recovery
Backup and disaster recovery are not mutually exclusive. Most organisations need both, applied selectively based on the criticality of each application. Consider three key factors:
Purpose
Backups are best for recovering specific files or data objects, long-term archiving, and compliance-driven data retention. Disaster recovery is the right choice when you need to restore fully operational applications after an IT disruption with minimal downtime.
Speed of recovery
Backup restoration is slow by design. Disaster recovery solutions replicate critical workloads and enable rapid failover, achieving RTOs of minutes and RPOs of seconds. Backup solutions cannot meet these SLA requirements.
Resource allocation
Backups are stored on low-cost, compressed storage. Disaster recovery requires a secondary site with live or near-live infrastructure ready to accept a failover at any time, which demands a greater resource investment. However, the public cloud significantly reduces this cost.
What is the business impact of poor disaster recovery?
The financial, reputational, and compliance consequences of inadequate disaster recovery can be severe:
- Direct financial loss from downtime of revenue-generating applications and customer-facing systems.
- Indirect financial loss when customers abandon your service for a competitor after prolonged unavailability.
- Reputational damage that can take years to repair, a single extended outage can permanently erode customer trust.
- Compliance breaches. It defines frameworks including SOC, PCI, and HIPAA require documented disaster recovery plans. Some specify minimum physical distance between source and recovery sites.
Note that the business impact of a disruption can vary significantly by timing. A payment system outage during the peak retail season (October to December) carries far higher costs than the same outage in a quieter period.
How to define recovery objectives: RTO and RPO
Before selecting a disaster recovery solution, define the Recovery Time Objective (RTO) and Recovery Point Objective (RPO) for each application. These metrics are agreed upon by all stakeholders and drive both technology selection and costs.
Recovery Time Objective (RTO)
RTO is the maximum acceptable time from disruption to full-service restoration. A lower RTO requires more sophisticated and typically more expensive infrastructure.
Recovery Point Objective (RPO)
RPO is the maximum acceptable data loss, measured in time. An RPO of zero means no data can be lost; an RPO of 24 hours means up to one day of data loss is tolerable.
Common RTO and RPO standards by application tier
Why use the public cloud for disaster recovery?
Public cloud services from providers such as Microsoft Azure and AWS have transformed the disaster recovery market. The elasticity and pay-per-use model of cloud infrastructure enables workload replication at low cost and activates full compute resources only when a disaster occurs.
Advantages of public cloud disaster recovery
- No hardware investment. You pay for compute resources only when you use them during an actual failover. This eliminates capital expenditure and avoids duplicate resource provisioning.
- Reduced software licensing costs. Most software vendors do not require duplicate licences for standby systems, meaning you can sync servers to cloud storage without running active licences.
- Lower infrastructure costs. Replicate applications into low-cost cloud storage and scale up compute only at the moment of failover, eliminating the ongoing cost of maintaining a fully provisioned secondary data centre.
- Advanced automation. Cloud disaster recovery platforms reduce manual maintenance through automation, minimising conversion time between environments and the human effort required to execute a failover.
Putting it all together
Not every application needs the same level of protection. A business impact analysis for each workload, weighing downtime costs, compliance obligations, and SLA commitments, will determine whether it requires a cost-optimised backup solution or a full disaster recovery capability.
Once those requirements are defined, the public cloud offers a compelling way to meet RTO and RPO targets while keeping the total cost of ownership low. The combination of pay-per-use pricing, geographic redundancy, and built-in automation addresses the key limitations of traditional on-premises recovery sites.
Need help planning your disaster recovery strategy? The Baltic Amadeus cloud engineering team can assess your current setup, define appropriate RTO and RPO targets, and design a cost-effective recovery architecture on Azure or AWS. Get in touch with our team.
Frequently asked questions about backup and disaster recovery
What is the difference between backup and disaster recovery?
Backup is the process of creating copies of data to protect against loss or corruption. Disaster recovery is the broader plan and set of processes for restoring full application functionality after a disruption. Backup preserves data; disaster recovery restores operations.
Can backup replace disaster recovery?
No. Backup alone cannot restore business operations after a major IT disruption. Restoring data from a backup does not mean your applications are running. Disaster recovery solutions replicate entire workloads and enable rapid failover to a secondary site, meeting the tight recovery time objectives that backup cannot achieve.
What do RTO and RPO mean?
Recovery Time Objective (RTO) is the maximum acceptable time an application can be unavailable after a disruption. Recovery Point Objective (RPO) is the maximum acceptable amount of data loss, measured in time. For example, an RPO of one hour means you can tolerate losing up to one hour of data.
Is the public cloud suitable for disaster recovery?
Yes. The public cloud's elasticity, scalability, and pay-as-you-use pricing make it an ideal disaster recovery site. Cloud providers such as Microsoft Azure and AWS allow you to replicate workloads into low-cost storage and spin up compute resources only during an actual disaster, dramatically reducing capital and operating expenditure.
