Disaster Recovery/Business Continuity Planning: Not Just IT’s Job
June 16, 2008
In recent years, disaster recovery and business continuity are getting increased attention not only from CIOs and IT Directors but also from CEOs and CFOs. The reason for the increased importance and awareness is the need to protect valuable data and information.
In business, a computer disaster equals an event that halts the normal operation of day-to-day business activities. The result of such a disaster is that business stops–orders cease to be placed, accounting activities freeze, data is unavailable, electronic communications halt, and the company has no access to decision-critical information. All of these events cost companies revenue and may result in unrecoverable damage. Also, events like Katrina, fires in Southern California and other parts of the West, tornadoes in Midwest and the hurricanes in Florida have made data protection, disaster recovery and high availability high on the priority list of many financial institutions.
Companies that do not have a proper disaster plan pay dearly through lost productivity and financial loss. As corporate data continues to grow exponentially, so too does its value. Loosing access to critical data for even an hour can cost a company millions of dollars. The Meta Group reports that the downtime cost for each company in the Energy Industry is $2.8 million/hour; in the Telecom Industry $2.0 million/hour; and for Financial Institutions, $1.4 million/hour. The National Archives & Records Administration reported that 93% of the companies that lost their data center for 10 days or more filled for bankruptcy within one year of the disaster. 50% of businesses that found themselves without data management for this same time period filed for bankruptcy immediately. And anyone who watches nightly television should be aware that disasters could occur anywhere.
The question to ask is if CFOs are paying enough attention to disaster recovery and business continuity. Is the task being handled only by CIOs and IT department? It is imperative that the top management in every company and especially the CFO should pay proper attention to protect their key servers and systems. The financial well being of a company depends a lot on their key systems being up and running all the time.
Microsoft Environment
Microsoft Exchange, SQL and Windows servers are being increasingly used for corporate communication, for storing data and documents. Microsoft Windows Servers and Exchange Servers are ubiquitous in any organization big or small. SQL Server is also being increasingly used with enterprise class applications. But many organizations do not use the proper process for backup and recovery and in particular disaster recovery of Microsoft Servers.
The explosive growth and popularity of Microsoft Servers in general and Exchange Servers in particular presents a challenge to administrators all over the world. This growth coupled with exponential growth in associated data volume makes it difficult to manage, protect and administer the servers. Hence it is imperative to have proper disaster recovery processes in place to protect Microsoft Servers.
Common Mistakes
The biggest mistake typically made by people is thinking that since they are taking backups, they are assured of recovery in case of a disaster or system crash. Based on statistical data, 30-40% of the data stored on tape can never be recovered. Also, most of the tools available today focus on backup, not on recovery. So it is imperative that IT Administrators give enough thought not only to backup, but also to recovery.
Depending on the criticality of the environment, and the needs of a particular organization, it is always a good idea to take more frequent backups.
How to Protect Your Data
First of all, companies have to decide how critical their data is. Organizations also have to determine their Recovery Time Objective (RTO) and Recovery Point Objective (RPO).
RTO defines the tolerable maximum length of time that a business process can be unavailable, while RPO defines how much work in progress can be lost.
Also, companies have to decide whether to go for a tape backup or a disk-to-disk backup, or a combination of both. Tapes are the traditional way of doing backup, but when it comes to recovery, they’re not very reliable. Disk-to-disk backup is fast, reliable, and the data can be recovered immediately. The best approach will be to back up the data to disk regularly and archive it to tape every week, every month, or every three months based on the criticality of the data.
Disaster Recovery Plan
The best way to prepare for a disaster is to avoid the disaster. Therefore, look for any potential problems you can find, and correct them. You should address those issues that you can solve and which will provide benefit. Regardless of the cause, fast and effective recovery of your IT environment is essential. You must be able to quickly implement your recovery plan–which must be tested and well documented before problems occur.
Developing a disaster recovery plan for your systems in general, and databases in particular, is tedious and time consuming. If you can automate the entire process through configurable templates, then the process can be completed within a short period of time, saving time and resources. Also, one should focus not only on backup, but also on recovery. When a disaster occurs, it can take hours, if not days, depending on the complexity of the situation, to have all your systems and databases up and running. Users should look for applications that will help them to recover to the point of failure, or to a point in time quickly without the need to write any script or code.
Companies can create a cost-effective disaster recovery site by simply investing in standby servers. They provide a high level of data protection and fast recovery if the primary server fails. Standby solution bridges the gap between a highly expensive failover clustering solution and native backups. The standby server can even act as a read-only device during normal operations. The extra server generally costs much less than buying extra peripherals or services.
Unlimited budget does not guarantee total protection. In fact, in today’s environment, even the most profitable company with lots of cash will think twice before spending money on unnecessary or redundant projects or tools. As explained before, RTO and RPO will determine the type of plan and systems that need to be put in place. Companies should have a clear understanding of their requirements, and then design/implement a disaster recovery and business continuity plan.
Before jumping on to implementing a plan or an application, it is imperative that users properly think through all the different scenarios and the impact a particular disaster will have on their business. With proper planning, even companies with highly mission critical data and information can implement a plan within a reasonable budget. Of course, what is reasonable is always subjective.
Disaster Recovery Strategy
Today every company, big or small, depends on its network for virtually all its activities. Any downtime in terms of server crash or system failure will result in enormous productivity and financial loss. Hence what can organizations do to mitigate the losses? Many smaller companies do not have the trained staff to do extensive planning or can afford to take on major activities that have no immediate payoff. Furthermore, most disaster recovery software and services are aimed at large companies with sophisticated computer systems, in-house expertise, and large budgets. What about a typical small company with one or two IT people and the usual Microsoft software and Intel servers?
Fortunately, there are solutions that are reasonably priced and easy to implement. Companies can use a combination of disk and tape backup solutions to protect their systems. The best strategy nowadays is to back up your data to disk regularly and then archive it to tape every so often depending on how critical it is. Be sure to test tape recovery; it is a notoriously fickle and uncertain operation. A trial run now will avoid big problems later.
Companies of all sizes must take backup and disaster recovery seriously. Who knows what can happen? In recent years, information and data has become a vitally important corporate asset essential to business continuity all around the world. The ability to recover critical data quickly after a disaster is a fundamental requirement of economic viability. Microsoft SQL, Exchange and Windows Servers are being increasingly used in mission critical environments and hence recovering them from a disaster is crucial for business continuity.
It is very important to have a disaster recovery plan that is easy to follow, well documented, and known by employees. Relying on one employee or on a process that is not documented will only leave a company vulnerable, especially in disastrous scenario. It is imperative to have proper processes and software implemented and tested to recover quickly from a disaster. Top management in companies especially the CFO must devote sufficient time and energy to protect the systems and data from potential disasters. The CFO should work hand in hand with the CIO and make disaster recovery and business continuity as a priority.
About Dr. Vas Srinivasan: Dr. Vas Srinivasan is the Vice President of Marketing at Sonasoft. Vas has over 20 years of experience in technology, manufacturing and research areas. Vas played a key role in introducing new technologies and products in High-Tech and Manufacturing industries. Before joining Sonasoft, Vas was responsible for the Supplier Relationship Management (SRM) Solution at Commerce One.
Prior to Commerce One, he was at US Steel, where he managed relationship with Big Three automakers and was instrumental in introducing new technologies in the automotive industry. Prior to that, Vas worked in the Crash Safety Group at Ford Motor Company and helped the automaker meet Federal Government safety standards for cars and trucks. He also worked on the Light Combat Aircraft (LCA) being developed for the Indian Air Force.
Vas holds a Bachelors of Technology in Aeronautical Engineering from Anna University, Chennai, India, Masters of Engineering in Aerospace Engineering from Indian Institute of Science, Bangalore, India, Ph.D. in Mechanical Engineering from University of Miami and M.B.A. from University of Michigan, Ann Arbor.
Image courtesy of Everaldo.com.
Comments
8 Responses to “Disaster Recovery/Business Continuity Planning: Not Just IT’s Job”
Got something to say?
Around the Net: October 5 to 9
Big IPOs Due this Week from Verisk and Santander: Read More at Market Watch…
Banks Building Business Intelligence: Read More at eFinancial Careers…
Heavy Lifting: Read More at Information Management…
Finding Your Niche in On-Demand BI: Read More at IT World Canada…
British Telecom Picks Jaspersoft for Analytics: Read More at CNET…
E-Medical Data valuable to Healthcare Industry: Read More at InformationWeek…
Pervasive Business Intelligence: Read More at PC Quest…
--Carl Weinschenk
Disaster recovery and the need for it applies to small businesses as well as large ones. The cost of a computer crash might not be in the $ millions/ hour but $1000/ hour is just as destroying.
Preparation is the name of the game here, protect your computers and peripherals against surges, lightning and viruses and backup EVERYTHING every day.
A disk backup system for small businesses is fine and the boss can take the days disk home every night!
This is a fine and meaningful article.
Steve Coleman
[...] Monday, we posted a story written by Dr. Vas Srinivasan, the Vice President of Marketing at Sonasoft, on disaster recovery/business continuity [...]
[...] Disaster Recovery/Business Continuity Planning: Not Just IT’s JobThe best approach will be to back up the data to disk regularly and archive it to tape every week, every month, or every three months based on the criticality of the data. Disaster Recovery Plan. The best way to prepare for a disaster … [...]
[...] Disaster Recovery/Business Continuity Planning: Not Just IT’s JobThe best approach will be to back up the data to disk regularly and archive it to tape every week, every month, or every three months based on the criticality of the data. Disaster Recovery Plan. The best way to prepare for a disaster … [...]
Disasters also include the entire business building housing all servers, printers and computer equipment burning down - with the total loss of everything except the previous night’s backup tape taken home by the designated employee. What then?
[...] Vas Srinivasan, Disaster Recovery/Business Continuity Planning: Not Just IT’s Job Comment RSS Feed Email a [...]
Very good article, It is essential for any business to have a continuity plan.
All you need to do is set up a failover site, this could be in a hosted data centre, or on one of your other sites. Through replication and failover technology your systems will be mirrored on the other site, so if the building did blow up, or be destroyed! You have a second site to work from until the first site is backup and operational.
Recommended solution for this is the SonaSafe solutions, there are other solutions in the maerket for this but they transfer viruses to the DR site and replicate everything which is not always good.
The reason we decided to go with SonaSoft is because it is very application specific, which mean’t we could be flexible on the data we replicate over to teh standby servers.
Good job with the new email archiving software too SonaSoft, i wouldnt know what to do with out it - no more PST files ahhh!!!!!!
storage area networks…
If your IT department is being squeezed by the downturn in the economy but still needs to add let’s say a storage area network (SAN) then why not do it yourself (DIY)….