Feb 17 2020

5 Questions to Ask When Selecting a DRaaS Provider

As they develop plans to prevent data disasters, K–12 IT leaders should also weigh key questions about recovery services.

K–12 districts collect massive amounts of data — and face countless threats against it. Complete data loss would be a true disaster. In addition to a disaster recovery plan, Disaster Recovery as a Service can help ensure continuity of operations. Here are key questions to ask when choosing a DRaaS provider.

1. What’s the total cost?

K–12 schools, particularly rural ones, often lack the IT staff to manage disaster recovery in-house. Despite burgeoning tech budgets for many school districts, there’s increasing pressure to demonstrate a significant return on investment. Administrators should ask providers for total cost estimates that include setup fees, monthly pricing and any additional features, such as legacy application protection.

2. Where are data backups stored?

Recovery locations should be far enough away to avoid local disasters, but close enough to limit latency. Always ask where providers store their data, if they have multiple storage sites available and what typical delays between data transmission and access look like.

MORE ON EDTECH: Read more about what K–12 school districts should know about DRaaS. 

3. How is information secured?

Evolving student privacy regulations demand careful data handling, regardless of where information is stored. Potential providers should employ both robust encryption and secure transfer protocols to ensure data is effectively defended at rest, in transit and in use.

4. Who has access?

If audited, schools must be able to show who accessed protected data, when, and for what purpose. Look for a provider that leverages zero-trust policies around information access — only authorized personnel from your school should have the permission necessary to move or modify data.

5. When (and how often) are DR services tested?

Ask prospective DRaaS providers about their disaster recovery testing practices. They should regularly evaluate the ability of their systems to handle disaster events at scale and continually monitor operations to make necessary improvements that increase overall resiliency.

EvgeniyShkolenko/Getty Images