Disaster recovery
From Wikipedia, the free encyclopedia
- This article is about business disaster recovery. For societal disaster recovery, see emergency management.
- For other uses, see DRP (disambiguation).
A Disaster recovery plan covers the data, hardware and software critical for a business to restart operations in the event of a natural or human-caused disaster. It should also include plans for coping with the unexpected or sudden loss of key personnel, although this is not covered in this article, the focus of which is data protection.
Contents |
[edit] Business
With the rise in information technology and the reliance on business-critical data, the landscape has changed in recent years in favor of protecting irreplaceable data. This is especially evident in information technology, with most large computer systems backing up digital information to limit data loss and to aid data recovery.
It is believed that some companies spend up to 25% of their budget on disaster recovery plans; however, this is to avoid bigger losses. Of companies that had a major loss of computerized records, 43% never reopen, 51% close within two years, and only 6% will survive long-term. (Cummings, Haag & McCubbrey 2005.)
The current data protection market is characterized by several factors:
- Rapidly changing customer needs that are driven by data growth, regulatory issues and the growing importance to access data quickly by retaining it online.
- An ever-shrinking time frame for backing up data, which is burdening conventional tape backup technologies.
As the disaster recovery market continues to undergo significant structural changes, the shift presents opportunities for next-generation startup companies that specialize in business continuity planning and offsite data protection such as Iron Mountain, Recall, Switch Communications, Symagio, NetMass, SunGard Availability Services, CyGem and others...
[edit] Reasons for Disaster Recovery Plans
There are many different risks that can negatively impact the normal operations of an organization. A risk assessment should be performed to figure out what constitutes a disaster and which risks a specific company is susceptible to, including:
- Natural disasters
- Fire
- Power failure
- Terrorist attacks
- Organized or deliberate disruptions
- System and/or equipment failures
- Human error
- Computer viruses
- Legal issues
- Worker strikes
[edit] Preventions Against Disasters
- Backups sent off-site, weekly; therefore at worst no more than one week's worth of data would be lost.
- Includes software as well as all data information, to facilitate recovery
- Use a Remote backup facility if possible to minimize data loss
- Storage Area Networks (SANs) over multiple sites are a recent development (since 2003) which make data immediately available without the need to recover or synchronise it
- Surge Protectors - to minimize the effect of power surges on delicate electronic equipment
- Uninterruptible Power Supply (UPS)
- Fire Preventions - more alarms, accessible extinguishers
- Anti-virus software
- Insurance on hardware
[edit] The Plan
A good plan takes into account many different factors. The most important are:
- Telephone Tree - to notify all key personnel of the problem and assign them tasks focused toward the recovery plan.
- Recall backups - If backup tapes are taken offsite, these need to be recalled. If using remote backup services, a network connection to the remote backup location (or the Internet) will be required.
- Customers - notifying clients about the problem minimizes panic.
- Facilities - having backup hot sites or cold sites for larger companies. Mobile recovery facilities are also available from many suppliers.
- Knowledge Workers - during a disaster, employees are required to work longer, more stressful hours, and a support system should be in place to alleviate some of the stress.
- Business Information - backups should be stored in a completely separate location from the company (Cummings, Haag & McCubbrey 2005.). Security and reliability of that data is key.
[edit] Business Continuity Planning
There are several software packages available to make the process of generating a disaster recovery plan easier. An example of this is "BCP Generator", an American software program which is based around MS Word and includes a template and guidelines which guide the managers through creating and implementing a disaster relief program.
[edit] Disaster Recovery Process
- Buy new equipment (hardware) or repair or remove viruses, etc.
- Call software provider and reinstall software
- Retrieve offsite storage discs
- Reinstall all data from back-up source
- Re-enter data from the previous week
[edit] Related Information
[edit] Technology
- Virtual Tape Library
- Synchronous & asynchronous replication over distance
- Replication storage technology
- Virtual PBX/hosted phone service
- Remote backup services
- Continuous data protector
[edit] Terminology
- Recovery Point Objective (RPO) is the point in time that the restarted infrastructure will begin to become evident. Basically, RPO is the rollback that will occur as a result of the recovery. To reduce a RPO it is necessary to increase the synchronicity of data replication.
- Recovery Time Objective (RTO) is the time that will pass before an infrastructure is available. In order to reduce the RTO, it is required for data to be online and available at another site.
- When a critical data loss occurs, without a preventive disaster recovery plan, the only option is to salvage the data.
[edit] External links and Citations
- Cummings, E., Haag, S., & McCubbrey D. (2005). Management Information Systems for the Information Age. McGraw-Hill Ryerson Higher Education
- Disaster Recovery World
- Disaster (Business Week) (registered only)
- The Disaster Recovery Guide
