Online Reading | China Data Replication and Disaster Recovery White Paper, Chapter 1

Driven by the wave of digital transformation, data has become the “new oil” of the 21st century, greatly promoting social and economic development. Against this backdrop, how to efficiently and securely manage, replicate, and protect data has become the key for enterprises to stand firm in global competition. To address this challenge, Info2soft, together with the Beijing Information Disaster Recovery Technology Industry Alliance and the Yangtze River Delta Institute of Financial Technology of East China Normal University, has released the China Data Replication and Disaster Recovery White Paper. Through detailed data analysis and industry cases, this white paper demonstrates the important role of data replication technology in key scenarios such as disaster recovery, backup, and restoration. At the same time, it explores the data protection needs in industries such as finance, healthcare, and energy, and how innovative technologies can address the diverse challenges of different sectors. In addition, the white paper closely aligns with national policies, analyzing policy support in the fields of data security and independent controllability, as well as its role in promoting the development of data replication and disaster recovery technologies. With the acceleration of domestic substitution, the white paper focuses on the development path and future prospects of domestic data replication technology. This serialized publication will delve into each chapter of the white paper, exploring the latest developments and industry applications of data replication and disaster recovery technologies—especially how technological innovation can enhance enterprise business resilience and ensure steady progress and readiness for future challenges in the process of digital transformation. 1.1 The Golden Age of Data On February 14, 1946, at the University of Pennsylvania, John W. Mauchly and J. Presper Eckert invented the world’s first general-purpose computer, ENIAC, opening the gateway between the physical world and the information world. On November 15, 2021, the website of the British magazine New Scientist reported that IBM announced it had developed a quantum computer “Eagle” capable of running 127 qubits—the largest superconducting quantum computer in the world to date. This marked a new step forward in humanity’s computing power for massive amounts of data. On November 30, 2022, five years after AlphaGo defeated then-world number one Go champion Ke Jie 3:0, the U.S.-based company OpenAI released the natural language processing tool ChatGPT. Beyond its powerful contextual understanding and QA generation capabilities, it is the hundreds of billions of parameters and robust pre-training system of the GPT series models that serve as the foundation for it becoming a superstar in the world of artificial intelligence.

In these epoch-making milestones, the enormous role of data—as the electronic material being processed and analyzed—is beyond doubt. In socio-economic activities more closely related to human life, such as disease prevention and control, medical institutions can analyze and mine large amounts of clinical data, genomic data, imaging data, and more to build more accurate and personalized disease prediction models, providing new ideas and methods for clinical diagnosis and treatment. Evidently, from the early “ENIAC” to “ChatGPT,” with the rapid development of information technology, communication technology, and intelligent technology, as well as the significant improvement of data collection capabilities, the amount of data that human society can collect, store, and process is growing explosively. As a key resource running through different eras—from computers to the internet to artificial intelligence—data is moving from the era of the Big Data explosion into the Golden Age of Data. Given its importance, on March 30, 2020, the Opinions of the CPC Central Committee and the State Council on Building a More Complete System and Mechanism for the Market-Based Allocation of Factors was issued, setting out reform directions for five key production factors: land, labor, capital, technology, and data. This was the first time that China had included data as a production factor, emphasizing its importance in the economy. On October 25, 2023, the National Data Administration was officially inaugurated, with main responsibilities including coordinating the advancement of fundamental data systems, integrating and sharing data resources, promoting data development and utilization, and overseeing the planning and construction of Digital China, the digital economy, and the digital society. Subsequently, provinces and cities across the country responded quickly, establishing or inaugurating provincial-level data administrations. Data refers to any record of information in electronic or other forms, which may include numbers, text, images, sounds, and so on. “Data only has value when it moves.” At the Digital City Sub-Forum of the 5th Digital China Summit, Academician of the Chinese Academy of Sciences and President of the China Computer Federation Mei Hong stated that in the era of big data, value is realized through the collision, integration, sharing, and circulation of diverse data. In addition, according to the Data Factor Value Chain Model (2023) proposed by Zhao Lifang, Lin Li, Li Jinpu, and others, data circulation is also a fundamental requirement for the development of the data factor value chain. The industry consensus is that data that can be replicated, circulated, and utilized is truly a form of wealth; otherwise, it may become a burden for enterprises. As a key technical means in data circulation, exchange, sharing, protection, integration, computing and analysis, and management, data replication plays a crucial role in maximizing data value. Data replication is the process of copying a set of data from one data source to another one or more data sources. According to the Open Systems Interconnection (OSI) model, depending on the level at which the data source resides within the system, data replication can be mainly divided into three categories: storage hardware-level data replication, operating system-level data replication, and database-level data replication. The process of data replication mainly consists of three stages: data capture, data transmission, and data restoration.

• Data capture refers to identifying and extracting changed data from the production side, requiring fine-grained identification with minimal impact on the production system.
• Data transmission refers to segmenting, reassembling, encrypting, compressing, and otherwise processing the data to achieve accurate, efficient, and secure transmission.
• Data restoration refers to receiving and writing data at the target end, with the core goal of ensuring fast writes while maintaining data consistency and availability.

The Three Principles of Data Replication

1. Compliance – including data security, data consistency, encrypted transmission, data classification and grading, compliance with cybersecurity protection standards, and archival management.
2. Timeliness – including real-time or periodic data replication, rapid recovery, and meeting RTO and RPO compliance to ensure availability and supply requirements.
3. Diversity – including diversity in data formats, as well as multi-layer data replication covering the system layer, database layer, and storage layer, to meet the multi-region, multi-platform, multi-function, and personalized needs of user production environments.

1.2 Three Major Industry Applications As one of the fundamental application technologies after data collection, data replication can be applied across various platforms, architectures, systems, and networks, helping enterprises and organizations in all industries achieve data transmission, disaster recovery, archiving, management, sharing, and utilization. From an application domain perspective, data replication covers a wide range of technical scenarios. It can be used independently in distributed scenarios such as storage replication, file replication, block replication, and database replication, or in combination to enable data movement between different platforms and media. From a commercial market application perspective, it can be summarized into three categories: data compliance applications, big data aggregation and distribution, and data synchronization and system migration.

1. Data Compliance Applications These include disaster recovery (DR), backup, archiving, encryption, data masking, classification and grading, and cybersecurity protection, with disaster recovery and backup being the most widely used. Disaster recovery and backup, collectively referred to as disaster recovery (DR), is one of the typical application scenarios of data replication, used to ensure data security and business continuity. The performance metrics for DR systems are RPO (Recovery Point Objective) and RTO (Recovery Time Objective). Depending on RTO and RPO values, DR systems can be divided into scheduled backup systems and disaster recovery systems, with the capability of data replication fundamentally determining RPO/RTO—and thus the overall capability of the DR system. Cloud disaster recovery has emerged alongside the continuous development of cloud computing technology and applications. Compared to traditional DR strategies, cloud DR shifts its protection target from local systems to cloud-based systems and applications. With the ongoing growth of ecosystems such as Kubernetes, Docker, and cloud-native applications, DR technologies are gradually extending into these areas. Info2soft is among the earliest companies in China to develop DR technologies for cloud environments, launching DRaaS-based products such as i2yun.com and i2CloudCDM. However, compared to overseas markets, China’s DR SaaS market has been less successful, as users tend to prefer private or hybrid cloud deployments for DR protection. Regardless of the approach, data disaster recovery, as the last line of defense for data security, is receiving increasing attention and has gradually become a top-level management priority. The true driving force behind the sustained development of the DR industry is enterprises’ need for secure development. In the process of digital transformation, data security is a critical issue—one that can have far-reaching consequences, potentially impacting business operations and reputation, and even leading to data loss and revenue decline. Globally, information security threats are worsening, posing serious risks and challenges to enterprise survival and growth. According to NTT Security Holdings’ 2024 Global Threat Intelligence Report, ransomware and extortion incidents surged by 67% in 2023, with small and medium-sized enterprises facing the greatest challenges—over 50% of ransomware victims had fewer than 200 employees, and 66% had no more than 500 employees. Additionally, SonicWall’s 2024 Cyber Threat Report revealed that cryptojacking incidents increased by 659% in 2023, reaching 1.06 billion recorded attempts. Sophos reported that 66% of surveyed enterprises and organizations were affected by ransomware in 2023, with threats continuing to evolve—adopting intermittent encryption, vulnerability-only targeting, and advanced evasion techniques, making detection and prevention more difficult. In terms of industries, healthcare remains the most severely targeted. Corvus Insurance’s Q1 2024 Ransomware Report showed ransomware attacks in Q1 2024 increased by 21% compared with the same period in 2022, marking the highest first-quarter figure on record. Attacks against the healthcare industry rose 38% from the previous quarter—the largest increase among all sectors. Other heavily impacted industries include IT services, construction, manufacturing, retail, and government. In China, data security challenges come from multiple fronts. Beyond frequent natural disasters and platform failures, domestic cybersecurity companies have reported that large overseas attack organizations have been conducting organized and targeted cyberattacks against China for over a decade—especially targeting aerospace, research institutions, the oil industry, major internet companies, and government agencies. However, in terms of DR infrastructure—particularly in core business disaster recovery for large data centers, cross-region DR backups, and dual-active configurations for local critical data—there is still a gap compared with the global average. In recent years, China has introduced a series of laws and regulations, including the Cybersecurity Law, Data Security Law, Critical Information Infrastructure Protection Regulations, and Cryptography Law, to strengthen DR capabilities. In September 2023, six ministries—including the Ministry of Industry and Information Technology, the Cyberspace Administration of China, the Ministry of Education, the National Health Commission, the People’s Bank of China, and the State-owned Assets Supervision and Administration Commission—jointly issued the High-Quality Development Action Plan for Computing Power Infrastructure, which set a target for 2025 that 100% of core and important data in key industries must be covered by disaster recovery. With the growing importance of data security, the DR industry is expanding rapidly, and the broad DR market is growing accordingly. According to Zhiyan Consulting, China’s DR industry market size grew from RMB 10.82 billion in 2015 to RMB 29.07 billion in 2020, with an average compound annual growth rate (CAGR) of 21.86% over the past five years. It is expected to maintain high-speed growth, reaching RMB 51.84 billion by 2025. IDC data shows that China’s DR market revenue will grow from RMB 5.69 billion in 2023 to RMB 9.27 billion in 2028. In terms of downstream industry demand for DR, according to the IDC China Data Replication and Protection Market Overview, 2023, the largest DR spending in 2023 came from government, finance, and telecommunications, followed by manufacturing, transportation, education, public utilities, healthcare, energy, media, services, property management, internet, and construction—with the top three sectors accounting for more than 60% of the market share. 2. Big Data Collection Applications These include data collection, transaction, storage, processing, analysis, services, and security—core stages in various economic activities. They can be summarized as applications in data collection and processing services, data analysis services, data governance services, data exchange services, and data security within the big data service industry. With the development of big data technologies and the integration of multi-platform heterogeneous environments, data replication software is now widely used for data collection, aggregation, distribution, and management across different regions and platforms. For data to deliver value, it must go through multiple stages: collection, processing, and analysis. As the first stage in the big data lifecycle, data collection and preprocessing are prerequisites for unlocking data value. Data replication software can capture and collect massive amounts of data from various platforms in real time, synchronizing them to designated big data platforms, development platforms, and database targets—or distributing them to departments in need. This enables real-time, secure, and reliable data for simulation, queries, transactions, analysis, decision-making, and risk control. As massive data is increasingly used in marketing decisions and large AI model applications, big data replication is shifting from scheduled collection to real-time collection—ushering in a new wave of growth. Additionally, the synchronization and migration of large-scale data between databases and storage systems is driving demand for big data replication. According to IDC, the global big data software market reached RMB 481.36 billion in 2020. IDC also predicts that in China’s big data market, the software segment’s share will rise annually, with over 30% of spending going to software—around RMB 51 billion—by 2025, with a 26.7% CAGR over the next five years. However, big data faces significant challenges—particularly in ensuring data consistency, security, and availability in heterogeneous environments, as well as in maintaining the stability of tools and products. Compared to DR technologies, big data replication is more complex and requires higher R&D investment, making it difficult for ordinary independent software vendors to sustain product upgrades and iterations. 3. Data Synchronization and System Migration Applications These include scenarios such as data center relocation, system upgrades, cloud migration, cross-cloud migration, and migration between old and new resource pools—involving the synchronization and migration of data, files, applications, networks, and operating systems. With the rapid development of cloud computing and intelligent computing industries, data center construction and upgrades are accelerating. Traditional migration scenarios are shifting toward virtualization and cloud environments, with increasing data volumes and expanding migration targets to include cloud-native applications, cloud databases, and object storage. Cloud tenants can use data replication and migration tools to transfer data from source servers to local or cloud target servers—with or without downtime. After completing system migration and data replication (including incremental data), the system can be switched over quickly within the planned downtime window, allowing the new production server to take over operations—helping organizations achieve rapid business recovery and ensure business continuity. Data synchronization and system migration cover a wide range of industries, users, and departments, characterized by decentralization and fragmentation. The abundance of open-source migration tools makes unified market statistics difficult, and there is currently no clear segmented market data. However, system migration remains a rigid demand—from large-scale data center resource pool relocations to smaller website or file migrations. Data replication tools can be applied at different OSI layers, and migration vendors include database providers, storage vendors, and third-party migration providers. With the increasing diversity of IT infrastructure brands in data centers, heterogeneous platform migration will become the norm, and migration services are expected to grow vigorously in the future.

  1.4 Opportunities and Challenges in Development 1.4.1 Industry Development Opportunities

The 14th Five-Year Plan for the Development of Software and Information Technology Services calls for strengthening core software capabilities, enriching backup, disaster recovery, and industrial control system protection software products and services, and supporting innovation in key technologies such as high-performance data collection, heterogeneous data management, and real-time monitoring of sensitive information. The 14th Five-Year Plan for the Development of the Big Data Industry calls for accelerating the aggregation of large-scale data, encouraging enterprises to upgrade information systems to collect data across the entire R&D, production, operations, and service lifecycle, and strengthening technological innovation in key areas such as data generation, collection, storage, processing, analysis, security, and privacy protection. Subsequent national policy releases have included:

• The Opinions on Building the Data Basic System and Better Leveraging the Role of Data Elements (“Data 20 Articles”) issued by the CPC Central Committee and the State Council
• The Overall Layout Plan for Building Digital China issued by the CPC Central Committee and the State Council
• The Guiding Opinions on Promoting the Development of the Data Security Industry jointly issued by 16 ministries including MIIT, CAC, NDRC, and MPS
• The Interim Measures for Data Security Management in Accounting Firms (Draft for Comment) issued by the Ministry of Finance
• The Three-Year Action Plan for “Data Elements x” (2024–2026) issued by the National Data Administration

These policies create a favorable environment for the rapid development of data replication software companies and greatly promote the adoption and deployment of such solutions in business systems across industries.

On March 4, 2016, 24 domestic entities specializing in core software and hardware technologies jointly founded a non-profit organization named the Information Technology Application Innovation Working Committee (“Xinchuang Committee”), marking the beginning of China’s independent and controllable development journey. According to the 2024 China Xinchuang Industry Research Report by First New Voice Research Institute, the Xinchuang industry mainly covers infrastructure, basic software, application software, and information security, and aims to address China’s “lack of core and weak soul” in the information industry, build a complete domestic information industry chain, enhance competitiveness, and ensure national information security. After three years of rapid growth, the Xinchuang industry has shifted from “scaled promotion” to “deep deployment.” Government Xinchuang adoption is moving from provincial/municipal to district/county levels, and financial Xinchuang adoption is expanding from general systems to core business systems. Beyond the “2+8” industries, pilot projects in tobacco, logistics, manufacturing, and other sectors are increasing, further opening up the Xinchuang market with promising prospects. In market terms, according to iiMedia Research’s 2024 China Xinchuang Industry Development White Paper, China’s Xinchuang industry reached RMB 20,961.9 billion in 2023 and is expected to reach RMB 37,011.3 billion by 2027. Demand for Xinchuang products and solutions driven by national information security requirements will continue to deepen across industries. The security software submarket—covering data security software, identity authentication and access management, endpoint security software, software security gateways, security analytics, and threat intelligence—was worth about RMB 26.1 billion in 2023. In terms of adoption pace, as core systems in government and finance are replaced, replacement in telecom, power, and healthcare is also gradually progressing. According to market development patterns in the IT industry, once a stable foundational hardware and software environment is established, an open and innovative industrial ecosystem becomes essential for sustainable growth. This will attract more upstream and downstream domestic software and hardware vendors to join the innovation effort, enabling China’s information industry to achieve independent and controllable development through channels such as government procurement.

For example, U.S. healthcare giant UnitedHealth Group lost USD 1.1 billion in early 2023 after a subsidiary suffered a ransomware attack. U.S. dental supply giant Henry Schein suffered two consecutive ransomware attacks, slowing its business recovery and leading to an estimated USD 493 million drop in 2024 revenue. Other incidents include a U.S. defense chip supplier whose multiple factories were forced to halt operations, global oil giant Halliburton facing operational shutdowns after an attack, and the July 19, 2024 incident in which a CrowdStrike software issue caused widespread Microsoft Windows blue screen errors and global outages—all illustrating the immense challenges enterprises face in countering cybersecurity threats. China has always placed great emphasis on protecting data security, recognizing it as a key component of national security. The Data Security Law of the People’s Republic of China, effective September 1, 2021, stipulates in Article 14 that the state shall implement a big data strategy, promote data infrastructure construction, and encourage and support the innovative application of data in various industries and fields. Provincial-level governments and above must incorporate digital economy development into their economic and social development plans and formulate corresponding strategies. The 14th Five-Year Plan and 2035 Long-Range Goals Outline, released in 2021, repeatedly emphasizes topics such as digitalization, the digital economy, national security, and foundational software. Data-related industries have become a key focus of China’s future development, with data security drawing significant attention. In terms of market scale, the Guiding Opinions on Promoting the Development of the Data Security Industry propose overall requirements for the industry and set development targets for 2025 and 2035. By 2025, the data security industry is expected to exceed RMB 150 billion in scale with a compound annual growth rate of over 30%; by 2035, it is expected to reach maturity. According to forecasts by China Investment Consulting, from 2023 to 2027, China’s data security product and service market will grow at a CAGR of about 23.12%, reaching RMB 33.69 billion in 2027. 1.4.2 Industry Challenges

1. Intensifying Industry Competition, Domestic and International Challenges Coexist
   In the Chinese market, the wave of domestic substitution has driven the gradual withdrawal of foreign companies, providing vast development opportunities for domestic vendors. However, this process is accompanied by fierce domestic competition. The homogenization of general-purpose technology products, low-price strategies, and disorderly competition have not only disrupted market order but also posed risks to product availability, stability, and profitability for users. In addition, the emergence of cross-domain competition and non-specialized functional demands has further intensified the challenges faced by professional vendors.
   In overseas markets, Chinese companies face a more complex competitive environment. In addition to direct competition with well-established European and American vendors, they must also address multiple challenges such as data compliance, legal differences, marketing network development, and staffing. As global technology companies increasingly focus on data security, foreign vendors are leveraging their advantages in product integration, talent, resources, and marketing to further consolidate their market positions. Therefore, when expanding internationally, Chinese companies must not only improve their product functions but also strengthen organizational structures and build localized service teams to enhance their overall competitiveness.
2. Slow Development of Core Technologies, Need to Strengthen Innovation Capability
   Data replication technology is a key technology that supports operating systems, databases, middleware, and hyper-converged storage. However, compared to the three major foundational software technologies, the development of data replication technology is relatively lagging. It must meet both the iterative upgrade demands of foundational software products and adapt to changes in user business needs. In addition, in the integration and application of cutting-edge technologies such as cloud computing and artificial intelligence, domestic data replication and security companies still lag behind their foreign counterparts. Therefore, domestic companies need to enhance their innovation capabilities and self-driven development to achieve breakthroughs in globally leading innovation.
3. Slow Progress in Enterprise Securitization, Need to Expand Financing Channels
   Enterprise securitization is an important way to improve brand awareness, secure funding to support technological innovation, and expand business. However, in the data replication industry, the process of securitization is relatively slow. In the Chinese market, apart from InfoPower (英方软件), no other data replication-related company has successfully gone public. This, to some extent, limits the potential for companies to access the capital market. Therefore, industry players need to seize opportunities, strengthen compliant operations, promote technological innovation, and expand the boundaries of their data-related business to enhance overall competitiveness and enter international markets. At the same time, they should actively seek alternative financing channels to support rapid enterprise growth.