A new way to boost business continuity: DR with smart endpoints and a software-defined perimeter (SDP)

Published: Monday, 17 February 2020 14:07

The benefits of the cloud as the prime location for disaster recovery backups are well known and accepted by many organizations, but what is often missed is the associated reliance on VPNs, a technology that’s not really designed for the cloud, says Don Boxley…

The focal point of business continuity is being prepared before a disaster occurs that disrupts your operations. Having effective disaster recovery (DR) in place is thus key to effective business continuity planning. And today, the best DR is achieved in the cloud rather than on premises, for several reasons.

When backups are offsite in the cloud, they remain safe if a physical disaster occurs that would otherwise threaten data loss. Doing DR in the cloud also eliminates the high cost of on-premises DR maintenance.

Saving money on storage is a big reason that the cloud has become so popular for safeguarding sensitive backups. Who needs the added expense of physical infrastructure when you can keep data safer without it? There’s a caveat to all of this, though, when it comes to disaster recovery: when enterprises use the cloud to house data off premises, they are only as effective as their ability to link their cloud targets with their on-premises source systems.

Replacing the VPN model

For this vital connection, organizations have more than one option. Yet the fallback solution for many businesses is technology that’s not really designed for the cloud: VPNs, or virtual private networks. Originally conceived to join remote physical locations together, VPNs still can achieve this goal. It’s when you try to shoehorn VPN into cloud settings that the wheels come off.

You don’t have to take my word for it: a simple glance at the headlines in any given week reveals that data breaches have become ubiquitous and commonplace, a sign that VPNs, which worked just fine for on-premises situations, are insufficient where the cloud is concerned.

Fortunately, the VPN model has a more effective alternative when it comes to the cloud: SDPs, or software-defined perimeters. This is a ‘smart endpoint’ approach that overcomes VPN deficiencies and limitations in the cloud, helping businesses enjoy cloud-based disaster recovery.

Let’s talk more about what has led VPNs to become outdated and a hindrance to business continuity when it comes to cloud DR. First, think about today’s environment. You’re much more likely to see hybrid and multi-cloud deployments. Yet VPNs expose large swaths of a network due to their traditional ‘castle drawbridge’ approach. Lateral network attacks become much more likely in such scenarios, allowing uncredentialed interlopers to potentially access information that they shouldn’t. Even if you use firewalls and access control lists, you aren’t necessarily doing enough to ensure true security, not to mention the extensive need for IT maintenance. There are configuration complexities as well. All of these drawbacks begin to derail the agile connections needed to optimize business value and business continuity for disaster recovery.

Switching DR from VPN to SDP

When you compare SDPs to VPNs, you’re looking at polar opposites. While VPNs can be characterized as high maintenance, resource intensive, and network revealing, SDPs are flexible, dynamic, and fast. In other words, they’re smart endpoints. SDP software is configured in such a way that lateral attacks are mitigated. With SDP-enhanced DR software, perimeters exist only between the pair of application endpoints rather than around the entire network, diminishing the potential attack surface.

The quick configuration of SDP also is the opposite of VPN, which is why the former approach works so well in hybrid/multi-cloud scenarios. After the necessary connections happen, the ports transmitting data between apps become hidden, eliminating any potential attack surface for a cyber criminal.

As SDP-enhanced DR software becomes the new standard for disaster recovery and VPN maintenance costs become a thing of the past, it is poised to disrupt the current market. These adaptable smart endpoints will improve business continuity in hybrid and multi-cloud settings. Downtime will be reduced in the event of a physical disaster, and recovery time will be accelerated. By blending cloud DR software with SDP, cloud deployments can morph from unpredictable to reliable.

The author

Don Boxley is a DH2i co-founder and CEO. Prior to DH2i, Boxley spent more than 20 years in executive management positions for leading technology companies, including Hewlett-Packard, CoCreate Software, Iomega, TapeWorks Data Storage Systems and Colorado Memory Systems. Don earned his MBA from the Johnson School of Management, Cornell University.