T‑Mobile offers new strategies for disaster recovery and data security

A popular saying in the IT world goes that people are divided into those who use backups and those who eventually will. This also applies to the business sector, where neglecting data security can have severe and costly consequences. How can you protect yourself from them? Technological progress has lengthened the available solutions, making our data safer than ever before.

We often realize the importance of data protection after the fact, when valuable data is lost due to a cyberattack, failure, or human error. Besides reputational damage, this also results in costly downtime for the business. How can such a situation be avoided?

Procedurally, this issue is described by the PN-ISO/IEC 27001 standard and the ITIL best practices developed over 30 years ago for building and managing IT organizations. Initially used mainly by British government agencies, ITIL, based on the Deming cycle (PDCA—Plan-Do-Check-Act), has become a common response to contemporary business requirements related to the IT sector through subsequent updates.

Regardless of standardized norms and recommendations, the most common solution for data security is creating backups. Experts recommend applying the 3-2-1 rule. What does each digit mean?

"3" indicates that data is safe in three copies – one original and two backups. "2" refers to the principle that data should be placed on two different media, which protects against the failure of one of them. "1" is the recommendation that one copy be stored in a different location, safeguarding against local threats – from break-ins to natural disasters or various kinds of accidents.

The 3-2-1 rule, though seemingly combining ease of implementation with effectiveness, does not solve all problems. For businesses, it is not just about data security but also availability. Disaster recovery addresses this issue. How does it differ from a regular backup?

While a backup is simply a copy of data, disaster recovery is not an alternative but a supplement: it ensures access and the ability to read the backup. This is important because, in the event of a failure, a backup can be time-consuming. While it secures data, it requires prior restoration of the infrastructure if it is damaged.

When downtime plays an important role, the solution is to build an infrastructure that allows for the simultaneous running of two identical environments. In the event of one failure, this allows for an immediate switch to the other and the continuation of work, simultaneously ensuring High Availability (HA) functionality.

In practice, this means the necessity of creating Disaster Recovery Centers (DRCs)—additional, geographically diverse data centers with their own infrastructure. This solution is efficient and reliable but requires significant resource commitment.

Fortunately, there is a cost-effective alternative – a service offered by T-Mobile, among others, called Disaster Recovery as a Service (DRasS). What does this solution involve?

DRasS is not just about recovering data but also ensuring the continuity of IT systems offered as a service. It uses an external specialized provider's hardware and cloud technology, equipped with the necessary expertise, a team of specialists, and a robust infrastructure. In the event of a failure, cyber attack, or natural disaster, this ensures high data protection and business continuity.

In practice, this service should be understood as a backup data center, allowing for the emergency restoration of your IT environment on external infrastructure or a public cloud. T-Mobile offers it in a dedicated infrastructure model (Private Cloud) or shared (Virtual Data Center or Microsoft Azure).

Ordinary data restoration and local IT environment recovery may not be sufficient for services requiring particularly high levels of security and reliability. When the highest priority is maintaining work continuity, another T-Mobile service—Metrocluster—becomes the proper solution.

This service extends the functionality of the Virtual Data Center. It involves the simultaneous, exactly mirrored replication of resources to two separate arrays located in different, geographically distant data centers.

This ensures the highest level of security while guaranteeing service continuity and zero (or close to zero) RPO (Recovery Point Objective), describing the frequency and point in time backups are made. This solution is significantly more effective than, for example, traditional backups, where the last performed backup is also the restore point.

In case of any problems, one of the data centers can take over the functions of the local infrastructure, ensuring full, uninterrupted access to resources. This brings the second key parameter – RTO (Recovery Time Objective)- close to zero downtime caused by the need to restore data from backups.