WHI T E PA PER
HOW TO SELL
DISASTER RECOVERY
TO SENIOR MANAGEMENT
11:11’s market-leading Disaster as a Recovery Service (DRaaS).
D IS ASTER R ECOVE RY
RETHINK CONNECTED
Copyright © 2022 11:11 Systems. All rights reserved.
CONTENTS
Executive Summary
01
Having Trouble Selling DR to
Senior Management?
02
Capture the Attention of Senior Execs
Should You Perform IT Recovery In House
or Outsource?
04
07
How 11:11 Can Help
11
Summary/Conclusion
12
Discover the 11:11 Difference
15
WHI T E PA PER
01
If you’re like many organizations, you have an inadequate
disaster recovery (DR) program that leaves you vulnerable
to risks, such as loss of revenue or penalties and fines,
not to mention the potential for negative impact to
your business reputation due to downtime or data loss.
Despite these risks, you’re likely having a difficult time
justifying an adequate investment in DR to your senior
management. You may feel like the only way you can
attract management’s attention to this issue is to manually
pull the plug on your data center on a regular basis.
This white paper gives you strategies for getting on the
same page as senior management regarding DR.
These strategies include:
• Striking the use of the term “disaster” from your vocabulary,
making sure management understands the return on
investment (ROI) of IT Recovery
• Speaking about DR the right way—in terms of risk mitigation
• Pointing management towards a specific solution
We will then offer guidance on the best way to implement
DR by migrating to the cloud and provide insight into 11:11’s
market-leading Disaster as a Recovery Service (DRaaS).
RETHINK
CONNECTED
Copyright © 2022 11:11 Systems. All rights reserved.
WHI T E PA PER
HAVING TROUBLE SELLING DR
TO SENIOR MANAGEMENT?
One reason relates to common attitudes towards risk. While
people are risk-averse and willing to pay to mitigate risk, they do so
only when their own money is at stake. When company money is
on the line, they’re far more willing to take risks. As a Senior Analyst
at Forrester Research said, “Organizations are willing to accept far
more risk than I would have ever thought possible.”
Another reason for this challenge is that organizations, like yours,
believe that they have a comprehensive DR program when, in fact,
their program is incomplete. Organizations often install backup/
recovery hardware and software but fail to consider the processes
necessary to implement a DR solution. This includes:
• Mapping business processes to all the supporting applications
and IT systems so the DR plan protects the entire business
process rather than isolated applications
• Developing complete recovery processes to ensure that the data
center is fully recoverable
• Fully testing DR plans with end user and application stakeholder
involvement
• Pre-configuring and validating end user access
• Using the results of testing to optimize recovery plans
• Implementing comprehensive processes for change
management to sync recovery processes to changes in IT
systems
• Categorizing business criticality with application tiering
• Educating and collaborating with management on tiering
structures for better RTO and RPO outcomes and the business
impact
RETHINK
CONNECTED
02
WHI T E PA PER
HAVING AN INADEQUATE DR PLAN
CAN NEGATIVELY IMPACT YOUR
ORGANIZATION, LEADING TO:
• Interrupted service. During Hurricane Dorian in 2019, data
centers throughout the Southeastern U.S. and Canada
experienced interruptions due to flooding.
• Lost sales and revenue. In 2019, American Airlines confirmed
there was an issue with the Sabre flight reservation and booking
system, used by several major airlines—including WestJet, Alaska
Airlines, and JetBlue. Any type of downtime can cause millions of
dollars in lost sales and revenue.
• High costs. 93% of companies without Disaster Recovery who
suffer a major data disaster are out of business within one year.
• Potential supply chain disruptions. Disruptions to one partner
can cause problems for partners up and down the supply chain,
which means that a company may not be able to deliver product
due to events that occur around the world
• Loss of reputation due to bad press about an outage.
For example, on February 7, 2019, Wells Fargo tweeted, “We’re
experiencing a systems issue that is causing intermittent
outages, and we’re working to restore services as soon as
possible. We apologize for the inconvenience.” Many customers
returned with tweets bashing the bank that affected Wells
Fargo’s reputation and ultimately their business.
Despite these risks, many IT organizations continue to face
significant challenges in persuading senior management to
provide the budget necessary to implement comprehensive DR
programs.
RETHINK
CONNECTED
03
WHI T E PA PER
CAPTURE THE ATTENTION
OF SENIOR EXECS.
So how can you get your executives to pay attention
to DR so you can protect your organization from data
center interruptions?
The following strategies can help you achieve
this goal:
Strike the term “disaster” from
your vocabulary.
When people think about disasters, they imagine
low probability events, such as widespread regional
outages caused by floods, earthquakes, and acts
of terrorism. Yet most downtime is caused by
mundane events, including hardware failure, severe
weather, human error, or power outages. In addition,
there has also been a rise of malicious employeebased incidents and external security events causing
havoc on IT environments. Senior management is
far more likely to pay attention to high-probability
events.
By excising the word “disaster” from your
vocabulary—and referring to this challenge as IT
Recovery—you can prevent senior management
from seeing DR as something necessary only for
unlikely events.
RETHINK
CONNECTED
04
WHI T E PA PER
Refer to IT recovery in terms of risk
mitigation.
C-level executives understand the concept of risk and
are comfortable thinking in terms of risk mitigation.
Talk about the risk of losing thousands to hundreds of
thousands of dollars in revenue due to the interruption
of a mission-critical application. One way to approach
this would be:
• Identify all the risks.
• Prioritize them by probability and business impact,
which is defined as the hours of downtime multiplied
by the cost per hour of downtime. Remember that
costs can vary seasonally. The cost of downtime may
be greater when the organization is working on endof-year financials or during peak holiday seasons.
• Ask executives to identify the risks they’re willing to
mitigate versus the risks they are willing to accept
(leave unmitigated).
• Work with executives to develop a program that starts
with mitigating the highest-probability, highest-impact
risk, but that then evolves over time to address lowerprobability events
Explain the benefits of IT Recovery.
Make sure management understands the benefits
they can achieve from IT recovery, including:
• Get a competitive advantage. A customer
experiencing one frustrating event can easily move
their business elsewhere.
• Generate more revenue. At the most basic level,
faster recovery means your mission-critical, revenuesupporting applications stay, well, up. But you can also
turn IT recovery into a revenue-generating mechanism.
RETHINK
CONNECTED
05
WHI T E PA PER
For example, an outsourcing customer charged one
price for hosting an application-as-a-service and a
higher price for recovering that application.
• Address supply chain demands. When your
organization is part of a supply chain, your customers
may demand to know what will happen if you go
down. By implementing an IT recovery program, you
can respond to these customer demands.
• Meet regulatory and compliance requirements.
Many laws and regulations require organizations to
implement risk mitigation policies, practices, and
procedures. An IT recovery program allows you to
meet these requirements.
• Fulfill service-level agreements (SLAs). Many business
agreements include SLAs that specify penalties for
noncompliance or non-performance. An IT recovery
plan helps organizations avoid these penalties.
• Meet fiduciary responsibilities. C-level executives
have a commitment to implement practices and
programs that protect their business. CFOs must be
responsible stewards of their shareholder’s assets.
C-level executives can go to jail or receive personal
fines if they don’t comply with these requirements.
This is why C-level executives’ roles require them to
think about IT recovery.
Point Management to a
Specific Solution.
It may work best to not simply focus on the fact that
management needs to spend more on IT recovery but
rather to recommend which applications require an
active recovery plan. To simplify implementation, think
about cloud IT recovery just as you would any other
business process.
RETHINK
CONNECTED
06
WHI T E PA PER
07
SHOULD YOU PERFORM IT
RECOVERY IN HOUSE OR
OUTSOURCE?
Outsourcing can play a key role in
implementing your IT recovery process.
To help you determine whether this is the
appropriate course for your organization,
ask yourself the following questions:
Q
Q
Q
Do you face any
regulations that
would prohibit
outsourcing?
Even if such regulations exist, you may be able to outsource
strategically. Look at your organization and determine
whether you have any tasks that you are permitted to
outsource. By offloading these tasks, you can focus internal
resources on areas that are highly regulated.
Do you fear
loss of control?
By employing an outside party to provide IT services, you
may be concerned that you are letting another group of
individuals access your data and systems. To mitigate this
risk, make sure that the outsourced service provider has
safeguards to protect information against unauthorized
access or false manipulation during creation, transmission,
storage, and retrieval operations involving third parties. Also,
be sure the outsourcer understands and addresses your
compliance requirements.
Are you concerned
about increased
risk?
Some cloud service providers are viewed as taking control
away from your organization’s IT department, which may
cause concern about whether you are truly protected.
If you are concerned with loss of control, select a cloud
service provider that operates as an extension of your IT
organization under your guidelines.
V isit us at 1 1 1 1 S YS T E M S .CO M
WHI T E PA PER
Q
Do you want to
lower your total
cost of ownership
(TCO) for your IT
recovery program?
08
With traditional on-premises DR solutions, you need to
purchase hardware, software, and other infrastructure
according to a 1:1 scale for your production data center,
and then you will need to purchase more as your data
grows. The overall TCO for an outsourced DR solution—
including the program, hardware, and recovery software—
is significantly lower than for in-house solutions. Lower
hardware and software costs result from the outsourced
provider’s ability to achieve economies of scale when
acquiring technology for use by a large number of
customers as well as specialized expertise in implementing
and maintaining these solutions. Outsourced service
providers reduce program costs by investing in automation
technologies, including libraries and templates of runbooks
and procedures, that dramatically reduce the time it takes
to develop. At the same time, the expertise, pre-developed
procedures, and automation that service providers deliver all
work together to make IT recovery programs more effective.
RECOVERY TCO:
ANNUAL
HARDWARE COSTS
PROGRAM
COSTS
DR SOFTWARE
COSTS
• Space
• Application Mapping
• Backup Software
• Power
• Procedure Development
• Servers
• Test Planning and Execution
• Backup Software
Maintenance
• Storage
• Post-Test Analysis
• Backup Appliances
• Networking equipment
• Recovery Lifecycle
Management
• Disaster Recovery
• Security
• Production Costs
• Management and
Monitoring
• Hardware Maintenance
Management
and Monitoring
• Production Costs
• Network
• Backup Space and Power
RETHINK
CONNECTED
Copyright © 2022 11:11 Systems. All rights reserved.
WHI T E PA PER
DO YOU REALLY WANT
TO FOCUS ON IT
RECOVERY INSTEAD
OF BUSINESS STRATEGY?
Many organizations find that having in-house staff
perform IT recovery diverts valuable IT resources from
supporting the organization’s core business activities.
Faced with the high costs and substantial staff necessary
to design and implement an IT recovery plan, many
organizations are turning to managed service providers to
perform these tasks rather than do so in-house.
With considerable expertise specifically devoted to IT
recovery, cloud service providers can help you achieve
the following:
• Speed: DRaaS provides much faster, automated, and
more reliable recovery options than traditional DR
approaches with years of DR expertise.
• Lower cost and improvements to reliability: Many IT
services traditionally performed on premises are now
available as-a-service, eliminating the additional costs to
invest in infrastructure and capital expenses.
• Improved administration: Lowers the administrative
burden placed on IT and frees up team members to
handle tasks that provide greater business value.
• Seamless redundancy and scalability: Provide peace
of mind with no loose ends to chase or worry about.
Services provide cost-effective redundancy for all critical
business information systems but also enable routine
validation testing.
• Global standardized solution: One provider, one
technology, and one solution can give you global
accessibility from one interface.
RETHINK
CONNECTED
09
WHI T E PA PER
ARE YOU CONFIDENT THAT
YOUR SYSTEMS AND DATA
ARE RECOVERABLE?
Given the risks you have identified, can you prove to
your board of directors that you can recover when
you need to? Usually, the best way to provide this
proof is through regular testing or third-party audits
(for companies in highly regulated industries).
Testing is essential to ensure a DR plan works
properly, but it can take days to manually adjust
and retest, shutting down both production and
recovery sites. Businesses can take about 50 hours
for test planning, on average. Setting up and
tearing down the test environment takes anywhere
from 80 hours for a small organization to 768 hours
for a large enterprise.
Testing also requires a sizable team for test
planning, startup testing, ongoing testing, and
setup and teardown of the environment. A test
team for a small business includes about 13
engineers. A large enterprise can need as many as
103 engineers.
RETHINK
CONNECTED
10
WHI T E PA PER
HOW 11:11 CAN HELP
Organizations must address IT recovery by creating a
comprehensive program that encompasses people,
processes, and technology. 11:11 Disaster as a Recovery
Service (DRaaS) delivers the complete set of essential
services your organization needs for effective testing
and recovery. Based on more than 25 years of
recovery expertise, 11:11 DRaaS can mitigate the root
causes of your recovery challenges by systematically
helping you manage every stage of the process, so
your organization can be confident it hasn’t missed
a critical step in recovery procedure development,
implementation, or operation. This includes:
• IT recovery test planning and execution so you can
demonstrate recoverability as well as any post-test
analyses of gaps
• Actual execution of the recovery at time of test or
actual disaster, which reduces the number of IT staff
who will need to travel away from your primary site
where they are most needed
• The ongoing lifecycle management of your recovery
program, including change management (ensuring
that changes to your production environment are
reflected in the recovery environment)
• Unified management from the 11:11 Cloud Console
to provide you with visibility across your recovery
environment (and all of your 11:11 cloud services)
• A single point of contact and expert consultants that
can work with you to handle your unique business
needs
RETHINK
CONNECTED
11
WHI T E PA PER
SUMMARY/CONCLUSION
Following the strategies outlined in this paper will
allow you to justify the investment in IT recovery
to senior management. Checking into a cloud
solution provider can make it easier for you to
point management to a specific, proven, and
comprehensive solution.
By choosing 11:11 DRaaS, you can empower your
IT organization to dramatically reduce the TCO for
your recovery needs, test recovery frequently, and
have confidence that your IT environment is fully
recoverable, all while focusing on your business
priorities.
12
WHI T E PA PER
13
DISCOVER THE
11:11 DIFFERENCE
BaaS
11:11 offers cloud-based backup to adhere to your goal of 3-2-1
resiliency. Leveraging encrypted communication and application
trusted tunnels, this off-site, “air-gapped” version of your backup
will be available to you if something were to happen to your local
recovery. You can recover entire virtual machines, applications or
files directly from the cloud.
DRaaS
With DRaaS, 11:11 enables organizations to meet their disaster
recovery needs without requiring a secondary data center,
additional hardware or even additional staff. With industry
leading disaster recovery software and very tight RTO and RPO
available, you can be assured that in any disaster (ransomware
included) you can bring your environment online quickly with
virtually no disruption.
IaaS
Organizations running their workloads in the 11:11 Cloud
have peace of mind that security and compliance are always
our priority. We uphold a variety of global certifications and
standards. So, no matter what industry and region you work in,
we have ensured that the proper controls are in place. Coupled
with built-in security reporting around vulnerability, network
intrusion, malware and virus scanning, you can rest assured that
the 11:11 cloud environment is as robust as your own.
RETHINK
CONNECTED
Copyright © 2022 11:11 Systems. All rights reserved.
WHI T E PA PER
14
Object Storage
Seamlessly extend your on-premises storage to the cloud
and eff iciently secure and manage your data for long-term
retention of business and mission-critical data. Built for
resilient digital businesses, 11:11 Cloud Object Storage offers
industry-specif ic security and compliance, guaranteed
availability and all-inclusive pricing. Managed through the 11:11
Cloud Platform, 11:11 delivers an integrated experience with our
other data protection services such as DRaaS and BaaS for a
streamlined experience.
Microsoft 365
Your Microsoft 365 emails and documents are safe and protected
with 11:11 Cloud Backup for Microsoft 365. It directly integrates
with Microsoft 365 to provide flexibility in how you protect your
Exchange Online, SharePoint Online, and OneDrive data. You
can quickly restore your mailbox items directly to your Microsoft
365 mailbox by exporting them to a PST file, emailing them as
an attachment, or save them locally. This provides protection
from deletion and data loss, gaps in retention policy parameters,
Malicious insiders, and departing employees.
11:11’s world-class support is there with you for every step of
your journey. Our in-depth, consultative sales and onboarding
processes ensure that you are as comfortable with your new
cloud environment as you are with your own data center. 11:11
support is always included and available by phone or through the
11:11 Cloud Console. 11:11 engineers can help you with everything
from managing DNS to invoking backup recovery and DR.
RETHINK
CONNECTED
Copyright © 2022 11:11 Systems. All rights reserved.
THANK YOU.
About 11:11 Systems
11:11 Systems is a managed infrastructure
solutions provider that holistically addresses
the most pressing cloud, connectivity,
and security challenges of today while
preparing businesses for tomorrow. The 11:11
model empowers customers and partners
to “Rethink Connected,” by providing
fully integrated, fully automated services,
activities, and data, powered on a unified
platform, that ensures their applications
and data are always running, accessible,
and protected. 11:11 delivers increased
performance and savings to organizations,
while freeing up IT resources to focus on
the core business.
RETHINK
CONNECTED
North America:
UK:
Netherlands:
+1.800.697.7088
+44 20.7096.0149
+31 10.808.0440
Singapore:
+65 3158.8438
Australia:
+61 2.9056.7004
Learn more at 1111SYSTEMS.COM