Subscribe Now

* You will receive the latest news and updates on the Canadian IT marketplace.

Trending News

Blog Post

Disaster recovery planning pays off
COLLABORATION

Disaster recovery planning pays off 

As a result of this disaster, businesses should be asking what they can do to protect themselves and how to continue operating in the wake of a catastrophe. Calamities, be they manmade or natural, can put a company out of commission for days, if not longer. During that time, a firm loses not only profits but suffers harm to its reputation as well, which might not have monetary value, although it can cause a great deal of damage. Disaster recovery planning is a business’ best tool to resume operations quickly and cost-effectively after an emergency situation.

The First Step: Create a Plan

In order to protect themselves, businesses need a disaster recovery plan. Critical business units, including the IT department, must be stakeholders in this process. 

Steve Rogers, senior recovery and continuity advisor, KingsBridge Disaster Recovery, explained the process of creating a disaster recovery plan. “Our primary step in assessing how to put together a plan is to determine threats to a business,” he said. Advisors assess all possible likely risks based on their clients’ geographic location and other factors. For example, firms located in Toronto will probably see a great deal of snow in the winter. The city is well equipped and experienced in dealing with this type of weather, so it will probably not cause businesses too many problems.{mospagebreak}Next, advisors evaluate a company’s key business processes. They analyze the impact on these operations if calamity strikes. “We ask, ‘what do you need to do right away in the event of a disaster? What do you need to do your job?” Rogers remarked. Part of this analysis involves meeting with the IT department to determine how quickly it can be operational after a tragedy. 

The other component of creating a disaster recovery plan is discovering the business’ single point of failure. This single point is what will cause the entire company to collapse during a disaster, Rogers noted. For many businesses, their single point might be their servers. Rogers urged firms to back up that single point of failure or find a way to eliminate the risk entirely. 

After the disaster recovery consultant has completed an assessment of the client, he or she will begin creating a plan to protect the company during an emergency. The arrangements will specify what components need to be backed up, and what steps must be taken within the first day, the first 48 hours, the first 72 hours, and the first week following a catastrophe. Rogers recommended appointing experienced employees to lead teams of key business units during such an event. Decision makers should also select a reliable second-in-command, in case the team leader is unavailable.

Peter Gladwish, business continuity and resiliency services executive, IBM, pointed out that the disaster recovery plan should include arrangements for alternate locations if employees cannot come to the office. Some disaster recovery consultancies offer a short term leasing service that allows their clients to operate their businesses from another property if theirs is inaccessible. A disaster recovery plan should also stipulate which employees should be on-site or at an alternate location, and which can work from home or remotely.{mospagebreak}Disaster Recovery and the Cloud 

Cloud computing technology has come to play a significant role in disaster recovery planning for businesses. The cloud allows firms to store important information remotely. It can also be less expensive for companies to store data on the cloud, because they do not have to pay to maintain a server and the associated staffing costs. 

Gladwish urged firms to move away from traditional back-up methods like tapes and shift towards the cloud. “A disaster recovery plan needs to be cloud oriented,” he said. If a company is still backing up its information on tapes, it runs the risk that those tapes could be lost or destroyed in the event of a disaster. 

Cloud storage represents a very good solution for businesses. However, it is not perfect. Joe Topjian, systems architect at Calgary-based Cybera, a non-profit technology accelerator, noted that firms choose their cloud service providers carefully. “Don’t put all of your eggs in one basket,” he commented. “Don’t rely on one company for cloud hosting. Deploy multiple servers in multiple data centres. Make sure your cloud service provider has more than one location, and make sure the storage is replicated to multiple data centres automatically.” Topjian added that businesses can be absolutely certain information has been backed up by replicating it themselves to multiple data centres.{mospagebreak}Disaster Recovery Planning: DIY or Outsource? 

The thought of developing a disaster recovery plan might sound overwhelming, especially for small businesses with limited resources. These companies might be tempted to bring disaster recovery planning in-house, instead of relying on an outside consultant. The analyst firm Forrester cautions against that approach, though. 

Forrester’s January 2013 report outlines the risks of do-it-yourself disaster recovery planning. Analysts surveyed companies that had decided to bring disaster recovery planning in-house, and they found that more than half of respondents felt this area lacked focus relative to other projects. Forty eight percent of those surveyed commented they did not test their IT infrastructure frequently enough to determine whether it would function during a disaster, and the majority of those who responded were dissatisfied with the outcome of those tests. Although companies might believe they can create their own disaster recovery plan for less cost than a consultant firm, they might lack the expertise and the resources to do so effectively, which will only hurt them in the event of an emergency. 

Gladwish counseled businesses to consider the true cost of disaster recovery planning. He noted that this should include reputational damage if a firm cannot become operational quickly after a catastrophe. A company’s chief financial officer would be able to provide figures to illustrate the negative effect of poor disaster recovery planning. 

The IBM executive also offered advice on what to look for in a disaster recovery consultant firm. “There are three main things you want to look for,” he said. Experience is an important factor in choosing a consultant, Gladwish explained. Businesses must also pay attention to the methodologies a disaster recovery consultant uses, and whether they are up to industry standards. The third thing to look for is the consultant’s reputation, Gladwish remarked. It might require a little digging on a business’ part to find out about a consultant, but it will be well worth it if a potential client discovers the firm cannot deliver what it promises. 

Related posts