By Don Boxley.
With the COVID-19 pandemic showing few signs of slowing, together with virtually every reputable health authority warning of a second wave this fall, most industries are reevaluating their data protection, availability, and disaster recovery (DR) strategies. Not surprisingly, healthcare is chief among those taking a hard look at what updates must be made in order to ensure they are able to fully safeguard data today and into the future.
DR in the cloud offers an ideal approach for many organizations, but especially healthcare, which has both business and patient data to worry about. DR in the cloud can not only ensure business continuity but save time and money. Its primary advantage is the ability to utilize offsite backups, which are invaluable should a man-made or natural disaster affect data on company premises. Consequently, DR in the cloud also helps to keep IT costs down and eliminate the complexity that would otherwise be required to manage DR sites onsite — both fundamental considerations for healthcare organizations.
When utilizing cloud-based DR, many organizations still rely on a virtual private network (VPN). Yet VPNs have a number of sharp disadvantages when it comes to security and DR, starting with the fact that they are very complex to configure and increase a healthcare organization’s risk by requiring everything from dedicated routers to access control lists and firewall policies. VPNs also create frightening security vulnerabilities that healthcare companies can ill afford, since users basically have access to a slice of the network, which produces an unprotected attack surface. VPNs also have no ability to decrease this attack surface, since networks are less protected without application-level segmentation.
A safer and more cost-effective alternative that bypasses these inherent VPN limitations is software-defined perimeters (SDP). SDP enables the healthcare industry to maintain low overhead and store data cheaply, saving money by not requiring the maintenance of physical infrastructure. In other words, SDPs allow healthcare firms to take advantage of cloud DR while leveraging both onsite and cloud-based deployments.
SDP achieves this with a few key features, starting with micro-tunnels at the application level that decrease the threat of network attacks. SDP solutions do so by setting strong limits on remote users, allowing them access to only the specific services they need. And SDP does not necessitate the management of access control lists or firewall policies.
Another way that SDP beats out VPN is that its gateways communicate with one another using the User Datagram Protocol (UDP). With UDP, secure connectivity is attained by using randomly generated non-standard UDP ports for the on-demand micro-tunnel communications. This needs just one UDP message channel between gateways, unlike with VPNs. This helps secure servers with no open ports, effectively eliminating any surfaces that could be vulnerable to network attacks.
If you are considering cloud-based DR, there are also free capabilities that budget-conscious healthcare professionals may already be entitled to and have yet to take advantage of. As Kevin Farlee wrote on Microsoft’s SQL Server Blog on June 29, 2020, it’s possible to unlock your free Azure replica for SQL Server license in the cloud for DR. This is because of licensing benefits that were recently announced, and as Farlee notes, a third-party offering can facilitate the configuration setup for this process.
“Availability benefits for SQL Server Software Assurance customers now include up to three free SQL Server licenses for secondary replicas, including high availability, disaster recovery, and disaster recovery in Azure,” Farlee writes, adding that free Azure replicas for DR help organizations relocate their backups offsite to promote easy recovery in the event of a disaster, a necessity given the sensitive nature of healthcare data for both organizations and customers.
Farlee further notes that SDP is “a better way” than VPN to connect onsite primary backups to secondary backups in Azure.
Healthcare organizations that are ready to evaluate and take the next step towards moving their DR to the cloud should learn more about this Azure benefit.