Each year, billions of dollars are invested industry-wide on IT Disaster Recovery (DR) as part of Business Continuity (BC) planning. Even with large monetary and time investments, well-created and tested DR plans remain one of the primary challenges facing businesses.
Surveys with companies reveal that only about 50-60% of enterprises have disaster recovery plans. Even worse, those plans only cover a few applications. Very often, these plans are neither maintained to reflect continually changing infrastructure nor are they tested. Yet application downtime lasting more than 2-4 hours translates into lost revenue, decreased employee productivity and potential damage to the corporate brand.
There are several best practices for implementing a successful DR/BC strategy:
- Plan for Success / Begin with Risk Analysis – The first step in DR planning should be Risk Analysis. Risks run across the spectrum; whether by a natural disaster, power outage, hardware or human failure, analyzing risk is the initial priority. Assign a likelihood of occurrence to the list of potential risks/disasters. Next, define your plan for mitigating these risks. The third piece of your initial planning will be to set rigorous standards for recovery service levels that are cost efficient. Risks, Mitigation Strategy, and Procedures must be well documented, detailed and up-to-date.
- Virtualization / Cloud – While Virtualization or Cloud usage is not required to have a robust DR plan, both the Cloud and Virtualization simplify it by providing well-rounded, reliable and secure platforms. Both these should be used to isolate applications and operating systems from their underlying hardware. This significantly reduces the complexity of implementing and testing your DR/BC plan. Virtualization provides the ability to port applications from one location to another, while the Cloud “pay-as-you-go” model gives an affordable offsite option in which you do not need to build a second data center or rent expensive co-location space.
- Automation – The backup and recovery process will decrease in reliability the more that human intervention is required. Automation significantly reduces the need for human intervention and potential errors. It also enables the continual changes in the primary data center to be mirrored to the backup location (whether this be a second data center, co-location space or in the Cloud)
- Cost Efficiency – Many DR/BC plans contain drastically overbuilt architecture with premium solutions applied across the board. This creates sticker-shock, impacts the architecture of both primary and secondary sites and may lead to a pass on necessary funding. Maintain cost-efficiency by classifying the necessary protection for both primary and secondary sites separately. Your secondary site does not need to be an identical replica of the primary location. To help control cost, the secondary site should have the correct levels of protection to allow your business to continue functioning at agreed-upon levels in the case of a disaster.
- Test-Often!! – Not only should you have a robust plan for a broad range of potential failures, but you also need to TEST your plan – OFTEN! Analysts report that many organizations never test their DR/BC plans, or test them so infrequently that they are ineffective or obsolete. With the frequency of changes to infrastructure and data, testing should be done at least once a quarter. The more frequent you test, the higher the probability of a successful recovery.
Get to the point where you have the confidence to say that you have a comprehensive Disaster Recovery Plan as part of your Business Continuity Process. Let everyone know that risks are mitigated and that your Business Continuity process is built on a strong foundation. Whatever the needs of the company are, or the technology of choice, Disaster Recovery, and Business Continuity planning must become part of the day-to-day activities in running your business.