Some of the information in this } has and might not be reliable. It should be checked for inaccuracies and modified as needed, ''''''.
is the process of regaining access to the data, hardware and software necessary to resume critical business operations after a Natural or Human-induced Disaster . A disaster recovery plan (DRP) should also include plans for coping with the unexpected or sudden loss of key personnel, although this is not covered in this article, the focus of which is data protection. DRP is part of a larger process known as Business Continuity Planning (BCP).
With the rise in information technology and the reliance on business-critical data, the landscape has changed in recent years in favor of protecting irreplaceable data. This is especially evident in Information Technology , with most large computer systems backing up digital information to limit data loss and to aid Data Recovery .
It is believed that some of the companies spend up to 25% of their budgets on disaster recovery planning; this is intended to avoid larger losses. Of companies that had a major loss of computerized records, 43% never reopen, 51% close within two years, and only 6% will survive long-term.Jim Hoffer, "Backing Up Business - Industry Trend or Event", Health Management Technology, Jan 2001 {Link without Title}
The current data protection market is characterized by:
- Rapidly changing customer needs that are driven by data growth, regulatory issues and the growing importance to access data quickly by retaining it online.
- An ever-shrinking time frame for backing up data, which is burdening conventional tape Backup technologies.
As the disaster recovery market continues to undergo significant structural changes, the shift presents opportunities for next-generation startup companies that specialize in Business Continuity Planning and Offsite Data Protection such as Recall, Switch Communications, Symagio, NetMass, SunGard Availability Services,Cygem and Onyx Group Ltd.
See Also: Data loss
There are many different risks that can negatively impact the normal operations of an organization. A Risk Assessment should be performed to determine what constitutes a disaster and which risks a specific company is most susceptible to, including:
- Backups sent off-site in regular intervals
- --- Includes software as well as all data information, to facilitate recovery
- Create an insurance copy on Microfilm or similar and store the records off-site.
- --- Use a Remote Backup facility if possible to minimize data loss
- Storage Area Networks (SANs) over multiple sites are a recent development (since 2003) which make data immediately available without the need to recover or synchronize it
- Surge Protectors — to minimize the effect of power surges on delicate electronic equipment
- Uninterruptible Power Supply (UPS) and/or Backup Generator
- Fire Preventions — more alarms, accessible extinguishers
- Anti-virus software and other Security Measures
Disaster recovery planning falls into the realm of Business Continuity Planning , as well as Risk Management . The planning process consists of the following steps:
- Assess business impact and risk. This should include an assessment of the business unit's function and, preferably, a business impact analysis (BIA). The purpose of the assessment is to determine the business unit's relative contribution to the larger organization (monetary and functional).
- Develop a Disaster Recovery framework. Data should be categorized by importance. Two measures of importance are used, RTO and RPO. Recovery Time Objective (RTO) is the acceptable amount of time between the disaster and the post-disaster resumption of function (how long can we wait to restore data?). Recovery Point Objective (RPO) is the acceptable data roll-back (how current does the data have to be?).
- Develop a recovery strategy and then a written Disaster Recovery Plan. That written plan should address at a minimum: response, recovery, and resumption of services detailed tasks.
- Adjust information systems to make Disaster Recovery easier. This includes consolidating servers and data, perhaps with a Storage Area Network or other archival storage method.
A good plan takes into account many different factors. The most important are:
- Communication
- --- Personnel — notify all key personnel of the problem and assign them tasks focused toward the recovery plan.
- --- Customers — notifying clients about the problem minimizes panic.
- Recall backups — If backup tapes are taken offsite, these need to be recalled. If using remote backup services, a network connection to the remote backup location (or the Internet) will be required.
- Facilities — having backup hot sites or cold sites for larger companies. Mobile recovery facilities are also available from many suppliers.
- Prepare your employees — during a disaster, employees are required to work longer, more stressful hours, and a support system should be in place to alleviate some of the stress. Prepare them ahead of time to ensure that work runs smoothly.
- Business information — backups should be stored in a completely separate location from the company
- Testing the plan — provisions, directions, frequency for testing the plan should be stipulated.
|
