Disaster Recovery Compliance in the Cloud: A Structured Approach


August 21, 2023: This post has been updated to reflect the upcoming launch of the second Canadian Region in Calgary, scheduled for late 2023 or early 2024.

Navigating compliance in the cloud can be challenging, especially when it comes to disaster recovery (DR) compliance. This area is often clouded by myths, particularly regarding the requirements, which can be vague and based on outdated risk-mitigation strategies that do not account for the robust resilience of modern cloud architectures. For regulated entities, such as many financial institutions (FIs) that are subject to principles-based supervision, the onus is on them to determine the necessary measures for effective disaster recovery. Without precise guidelines, FIs risk making erroneous assumptions about their compliance obligations.

In Part 1 of this two-part series, I discussed some prevalent misconceptions that FIs have about DR compliance in the cloud. In this second part, I outline five crucial steps to help avoid these misunderstandings when designing DR-compliant workloads for deployment on Amazon Web Services (AWS).

1. Identify Workloads Planned for Deployment

FIs often have a range of workloads they are considering moving to the cloud and want assurance of compliance across the board. However, compliance is not a one-size-fits-all scenario; it depends on the attributes of each workload. For instance, does the workload handle personally identifiable information (PII)? Is it involved in storing, processing, or transmitting credit card data? Compliance requirements hinge on the answers to these questions and must be evaluated on a case-by-case basis. Therefore, the initial step in architecting for compliance is to pinpoint the specific workloads intended for cloud deployment. This will help you assess the relevant requirements without being sidetracked by compliance aspects that may not apply.

2. Define the Workload’s Resiliency Requirements

Resiliency refers to a workload’s capacity to recover from service disruptions. An effective DR strategy is a vital component of your resiliency plan, dictating how the workload reacts to disaster events. AWS offers a range of DR strategies, from straightforward, cost-effective options like backup and restore to more sophisticated solutions such as multi-site active-active configurations.

The DR strategy you choose is determined by your organization’s requirements for limiting data loss, expressed as the recovery point objective (RPO), and for minimizing downtime, expressed as the recovery time objective (RTO). RPO and RTO are essential in defining the minimum architectural standards required to fulfill the workload’s resiliency needs. For instance, can the workload’s RPO and RTO be achieved using a multi-AZ (Availability Zone) architecture within a single AWS Region, or is it necessary to deploy across multiple AWS Regions? Understanding these requirements is crucial, even if the workload is not explicitly regulated for resiliency, as they affect data residency and geodiversity assessments.

3. Confirm the Workload’s Data Residency Requirements

As noted in Part 1, data residency requirements may limit which AWS Regions you can utilize for your workloads. It’s essential to verify if your workload is affected by any data residency stipulations under relevant laws, corporate policies, or contractual commitments.

To accurately evaluate these constraints, scrutinize the explicit language of the requirements to grasp their implications fully. Consulting with legal, privacy, and compliance experts can provide clarity based on the workload’s characteristics. For example, do the regulations prohibit data from leaving the country, or is it acceptable as long as the data remains accessible from that country? Understanding these nuances can prevent unnecessary restrictions on your workload’s architecture.

4. Confirm the Workload’s Geodiversity Requirements

A multi-AZ architecture in a single Region may suffice for a workload’s resiliency needs. However, if geodiversity requirements apply, the distance between AZs in an AWS Region might not meet the specified minimum distance between individual data centers. Thus, it is vital to check whether any geodiversity constraints apply to the workload.

Similar to data residency, carefully assess the language of geodiversity requirements. Are they mandatory regulations or merely recommended practices? Can they be satisfied by deploying the workload across multiple AZs, even if the distance between them is less than required? Clarifying these matters can help avoid unnecessary limitations as you evaluate architectural options for your workloads.

5. Assess Architectural Options to Meet the Workload’s Requirements

With a clear understanding of the workload’s resiliency, data residency, and geodiversity needs, you can now evaluate the architectural options available in the cloud.

Following AWS Well-Architected best practices, aim for the simplest architecture that fulfills your requirements. Consider whether the workload can be managed within a single AWS Region. If explicit geographic diversity requirements or resiliency needs cannot be met in one Region, you may have to design the workload for deployment across multiple AWS Regions. If data residency requirements also restrict such deployment, collaborating with AWS Solution Architects may help in assessing hybrid solutions, like using AWS Outposts or Amazon Elastic Kubernetes Service (Amazon EKS) Anywhere. You might also consider a DR approach where your on-premises infrastructure serves as a backup for an AWS-hosted workload. In some cases, this could be a long-term strategy; in others, it might serve as a temporary measure until certain constraints are lifted.
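The selection logic from steps 2 through 5 can be written down as a small check, shown here as an added example that is not part of the original post. The class names, the complexity ranking, and every figure in the candidate list are assumptions constructed for illustration; none of them are AWS numbers.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Workload:
    rpo_min: int                 # maximum tolerable data loss, minutes
    rto_min: int                 # maximum tolerable downtime, minutes
    country: str                 # jurisdiction whose residency rule applies
    data_must_stay: bool         # True: data may not leave the country;
                                 # False: it only has to stay accessible from it
    min_site_km: int = 0         # geodiversity distance, 0 if none is stated
    geo_mandatory: bool = False  # regulation (True) or recommended practice

@dataclass(frozen=True)
class Option:
    name: str
    complexity: int              # lower is simpler (hypothetical ranking)
    rpo_min: int                 # achievable RPO, minutes
    rto_min: int                 # achievable RTO, minutes
    countries: frozenset         # countries where the data is stored
    site_km: int                 # distance between redundant sites

# Constructed candidates: every figure is a placeholder, not an AWS number.
OPTIONS = [
    Option("single Region, multi-AZ", 1, 5, 60, frozenset({"CA"}), 50),
    Option("multi-Region, cross-border", 2, 5, 30, frozenset({"CA", "US"}), 3000),
    Option("Region plus on-premises DR", 3, 60, 240, frozenset({"CA"}), 600),
]

def blockers(w, o):
    """Return the requirements that option `o` fails for workload `w`."""
    failed = []
    if o.rpo_min > w.rpo_min:
        failed.append("RPO")
    if o.rto_min > w.rto_min:
        failed.append("RTO")
    if w.data_must_stay and o.countries - {w.country}:
        failed.append("data residency")
    # A recommended (non-mandatory) distance never blocks an option.
    if w.geo_mandatory and o.site_km < w.min_site_km:
        failed.append("geodiversity")
    return failed

def choose(w, options=OPTIONS):
    """Pick the simplest option with no blockers, or None if none fits."""
    viable = [o for o in options if not blockers(w, o)]
    return min(viable, key=lambda o: o.complexity, default=None)
```

Changing only `data_must_stay` or `geo_mandatory` for the same workload changes the result, which is why steps 3 and 4 insist on reading the exact wording of each requirement before settling on an architecture.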
