“Most DR tools, even DRaaS, only protect fragments of the IT estate,” Gogia said. “They’re scoped narrowly to fit budget or ease of implementation, not to guarantee holistic recovery. Cloud-heavy environments make things worse when teams assume resilience is built in, but haven’t configured failover paths, replicated across regions, or validated workloads post-failover. Sovereign cloud initiatives might address geopolitical risk, but they rarely address operational realism.
“The biggest flaw in DR testing is the assumption that infrastructure equals service,” he said. “Most enterprises test [whether] systems can boot, data can be restored, and dashboards stay green. But that’s not recovery. It’s a static checklist. In a real disaster, systems may come online [but] users still cannot access them. Authentication loops, misrouted traffic, unclear communication, and panicked behavior all get in the way. What tests miss is the entropy created when 100,000 users act on partial information and internal teams scramble across fragmented processes.”
The problems with most enterprise disaster recovery strategies get even worse. A popular tactic is to leverage competing hyperscalers on the rationale that even if, for example, Google fails, what are the odds that Microsoft and AWS will also fail at the same time?
