olly - stock.adobe.com

Tip

DRaaS vs. BaaS: Compare 2 data protection options

While DRaaS and BaaS can simplify data protection operations, they aren't right for all IT shops. Learn the differences between the two technologies -- and the potential risks.

IT admins interested in as-a-service data production products must carefully assess which offerings will best meet their needs.

The IT industry, overall, has shifted to an as-a-service delivery model -- and the backup and disaster recovery markets are no exception. Like other as-a-service offerings, backup as a service (BaaS) and disaster recovery as a service (DRaaS) refer to tools and technologies that a vendor delivers to users over a network -- usually the internet. This means enterprise IT teams do not need to locally install or maintain the technologies within their own data centers. Managed services can also be a component of DRaaS and BaaS offerings.

With so many options in the market, it's critical to understand the key differences between DRaaS and BaaS, their unique use cases and their relative benefits and drawbacks.

What is BaaS?

BaaS products provide data backup and operational recovery to a specific point in time. Typically, BaaS suits use cases in which some degree of downtime and data loss can be tolerated. Some BaaS products are simple backup applications hosted in the public cloud that require admins to directly manage protection jobs. Others are managed services that include a variety of deployment options and enable IT teams to offload protection jobs to the BaaS provider. BaaS venders include Acronis, Carbonite, NetApp and Veeam.

Initial adoption of BaaS has typically been among smaller companies with limited IT staff and budget that need to deploy backup environments quickly, and scale fluidly as they grow. However, BaaS has also found its way into enterprises as a means to protect point applications like Microsoft 365, and to protect the growing number of edge sites and IoT ecosystems.

Top BaaS offerings compared

What is DRaaS?

In contrast to BaaS, DRaaS addresses more stringent protection service levels, as well as business continuity for mission-critical workloads. Simply put, DRaaS refers to offloading disaster recovery facilities and operations to a service provider. These include failover, failback, replication and data migration.

DRaaS services can, and increasingly do, use the cloud as a secondary failover site, as opposed to a secondary or colocation data center.

The typical DRaaS user has been large enterprises that need to protect complex IT environments. These organizations have mission-critical workloads that require continuous uptime and cannot tolerate data loss. The cloud has made DRaaS more accessible to smaller shops as well. DRaaS enables organizations to test DR capabilities regularly -- as easily and efficiently as impossible -- to improve confidence in recoverability. Some DRaaS vendors are IBM, Recovery Point Systems, Expedient and TierPoint.

Benefits of BaaS and DRaaS

BaaS and DRaaS offer a range of benefits to IT teams -- and those benefits vary based on how the service is hosted, and whether it's managed by the provider. Services that use a cloud-hosted delivery model eliminate the need for IT teams to buy and maintain on-premises data protection infrastructure; this enables a shift from Capex to Opex costs. Managed services offload the hassle of managing day-to-day protection operations. Admins can deploy and scale cloud services quickly, and also support remote access, a capability that's become especially important during the COVID-19 pandemic.

BaaS can offer an accelerated path to protect SaaS applications and other resources, such as Microsoft 365 and Salesforce. Increasing and more sophisticated cyberattacks, such as ransomware, as well as compliance requirements, mean that no application can be left unprotected.

Drawbacks of BaaS and DRaaS

There are also some potential downsides to DRaaS and BaaS. If IT teams adopt these offerings alongside an existing data protection implementation, they must be careful to not create additional silos of data and tools. This is especially important within environments that have long-established backup tools and processes that tenured IT staff are used to working with.

Additionally, the cloud can be slow in terms of backup and recovery speeds, and it can be expensive, with a variety of complex variables going into the cost model. Finally, enterprise IT should be aware of what happens if a provider fails to meet service-level agreements (SLAs). Understand what the service provider commits to, in terms of recovery times and recovery points, and what the repercussions are if those SLAs are not met.

Dig Deeper on Disaster recovery planning and management