buchachon - Fotolia

Disaster recovery in Russia: Critical sectors play it safe

Disaster recovery methods in Russia span tape backup to cloud disaster recovery, but for businesses in the most critical sectors in-house provision is the favoured method

In recent years, many Russian companies have recognised the importance of data protection and disaster recovery schemes. And in some sectors of the economy, especially finance and telecoms, they place a special emphasis on the issue.

Today, most companies' preferred method is still to duplicate their entire server estate, while more contemporary methods such as the tools in server virtualisation environments are not yet commonly used.

However, there are providers that offer more advanced disaster recovery systems.

"Based on our experience and customers' requests, the most popular service is disaster recovery as a service [DRaaS]," says Maxim Berezin, head of cloud computing practice and director of virtual datacentres at IT company Croc.

"The idea of the service is the replication of copies on several separate clusters of a cloud platform, which helps to quickly move data from one location to another in case of a disaster.

"Tape backups are still used by many companies, too, as they are relatively cheap and can be physically moved from one data processing centre to another," he adds. "Their main drawback is that they are not intended for automatic transfer to a backup data processing centre."

Meanwhile, many companies prefer to run disaster recovery schemes in-house rather than outsource them, and talk about using locally developed systems, which might be in line with government officials' recent statements about lowering dependency on imported software.

Disaster recovery testing is standard procedure at Uralsib Bank

Uralsib Bank, which is in the top 25 in terms of assets, has its own disaster recovery scheme. The scheme comprises several components based on products from various suppliers, with software from IBM, HP and Symantec.

"The risk of losing data is there all the time," says Alexander Shestakov, senior executive director for IT at Uralsib. "Data is regularly lost as a result of equipment malfunction and due to users' mistakes.”

Read more about disaster recovery

  • In this guide, we look at the process of disaster recovery planning, from risk assessment through development of concrete plans to maintenance and continuous improvement.
  • Why the disaster recovery planning process requires rehearsal and IT leaders must establish levels of criticality when setting application restore times.

At Uralsib, the disaster recovery scheme uses regular backups to separate servers, as well as traditional tape backups.

"We receive data recovery requests on a regular basis, roughly one or two times a week," says Shestakov. "In most cases, those requests concern technological system updates and users' requests for recovery of online data.

"Using software from several vendors allows the bank to flexibly use the advantages of different products for different tasks," he adds.

The disaster recovery scheme at Uralsib is regularly tested for its operability and integrity of backup copies. Tests are implemented as part of existing standard procedures, as well as during updates of banking systems' technological data, for instance by means of recovery from a backup copy to a test environment or a development environment.

"By doing that, two tasks are implemented simultaneously," says Shestakov. "On the one hand, the test environment or the development environment is being updated. On the other hand, integrity of backup copies is tested and staff disaster recovery skills are also tested."

However, he says testing the integrity of backup copies cannot be achieved in all cases. “For example, a NAS device doesn't have a test environment and there is no need to update it.”

Vimpelcom classifies recovery data according to backup frequency

At Vimpelcom, one of Russia's top three mobile phone operators, data recovery is also handled in-house by a department focused specifically on that task, says a company spokesperson.

All data is divided into four recovery classes – Class 1 to Class 4 – and for each class there is a backup procedure. Class 1 data is backed up every two hours, and to two backup platforms. Class 4 data is backed up once a day, with a second platform being optional.

Disaster recovery tests are run regularly for Sarbanes-Oxley-critical systems, with each system being tested once a year.

RusHydro enhances disaster recovery capabilities for the future

RusHydro, a major hydroelectricity company with branches in the country's far-flung regions, has a complex, multi-level system for data storage and disaster recovery which has been in operation since 2005 and is outsourced to an IT provider.

It is constantly updated, based on the size and content of data in storage, and has been developed using products from Hewlett-Packard.

"Over the past 10 years there have been all kinds of situations, including malfunction or failure of the equipment, and we have had to restore the system's functionality quickly," says Garald Bandurin, director of the IT department.

The most recent problem occurred when a storage subsystem malfunctioned, but data was restored quickly.

"Overall, the system was designed is such a way that we haven't had any fatal case of data loss in all these years, and disaster recovery is a regular procedure built into it," says Bandurin.

But, although the existing disaster recovery scheme has worked well, the company is looking to improve and develop it in-house as RusHydro begins to use new applications, such as SAP, which is to roll out in test mode in July 2015.

Another reason to set up an in-house data storage and recovery scheme is a new project aimed at multi-dimensional modelling and designing of power facilities.

According to Bandurin, the new scheme is to be based on local products that have begun to arrive in the market. A test ground for new systems is currently in place.

"In-house development doesn't mean we are going to be goofing around, breaking existing rules for information system design or stealing work from systems integrators," says Bandurin.

"We have a very traditional approach, but at the same time we want to be at the same level as leading companies,” he says. “Sometimes we have to deal with tasks that no one has yet implemented. We have to look for our own solutions when it comes to information systems and design," he adds.

Bandurin is confident about the new scheme and in-house handling of disaster recovery. "I believe that in three years' time we won't have a single critical part in our distributed IT infrastructure, the disappearance of which from the operative IT scheme could lead to disaster," he concludes.

Read more on Disaster recovery