Migration to Recovery

When Atayo first engaged with the customer, the primary objective was a full lift-and-shift migration to AWS. However, the customer's existing disaster recovery posture presented an equally urgent problem. Their third-party DR service replicated on-premises servers to a co-location data center — but required at least 24 hours advance notice before launching a failover. Worse, the customer had never been able to conduct a live DR test, meaning they had no confidence their recovery solution would actually work when needed, or how much data they would lose.

The customer needed a unified solution that would:

• Support a full lift-and-shift migration of all 75 servers and databases to AWS
• Eliminate the 24-hour failover notification requirement
• Enable regular, non-disruptive disaster recovery testing
• Provide resilience against a wide range of IT disruptions — from weather events to cyberattacks
• Assign defined RPO and RTO targets across nine workload criticality tiers

Without addressing these gaps, the organization faced an untested DR posture, potential data loss in any recovery scenario, and no ability to validate their business continuity plan.

Atayo recommended a migration and recovery strategy built on AWS Elastic Disaster Recovery (AWS DRS), which continuously replicates source servers into an isolated staging area on AWS — enabling fast, point-in-time recovery with minimal downtime and data loss.

Atayo's engagement included:

• Workload classification across nine criticality tiers with defined RPO and RTO targets for each
• AWS Control Tower landing zone to establish a secure, governed multi-account AWS foundation
• AWS Elastic Disaster Recovery for continuous replication of all 75 servers into an isolated staging subnet
• Microsoft Windows Server and SQL Server workloads replicated with full fidelity, including SQL Server availability groups and failover clusters
• Non-disruptive DR testing enabled by the isolated staging environment — without cross-pollinating the production environment
• Post-recovery modernization using Amazon RDS, Amazon FSx for Windows, and AWS Security services to improve resiliency and security posture

The isolated staging area proved critical: it was locked down to only allow the AWS DRS replication agent — no other ports or protocols — meaning threat actors could not reach it.

A few months into the migration, the customer was hit by a ransomware attack. The customer first noticed connectivity issues to their on-premises environment in the early morning hours, followed by a ransom demand from the threat actor. They immediately engaged Atayo alongside their insurance carrier and federal authorities.

Atayo's team identified the breach, contained it, and worked with the customer's forensics team to determine clean recovery points — selecting timestamps from before the threat actor entered the environment while minimizing data loss. Using AWS Elastic Disaster Recovery, Atayo launched uncompromised versions of all 75 servers on AWS in minutes.