MENU

Overcoming Business Continuity incidents – do a bit at a time, but do it now

March 11, 2010 • Opinion

Rajen Naicker, Overland Product Specialist at DCC

Companies should look more carefully at multiple recovery options. This is why a Business continuity (BC) or Disaster Recovery (DR) plan is a must, says Rajen Naicker, Overland Product Specialist at Drive Control Corporation (DCC).

We have all heard of “perfect storm” scenarios where a series of events lead to seemingly inconceivable disasters. The truth is most Business Continuity (BC) or Disaster Recovery (DR) incidents are not full blown natural disasters – hardware failure, human error, software errors and viruses all play a rather large role.

Getting started is easier than you think and an incremental approach to building a comprehensive plan will do just fine say experts at Overland Storage.

Given today’s 24/7 Web-based business world, excuses like ‘we’re too small for a BC plan’, ‘it won’t happen to us’, or ‘we don’t have the budget’, need to be re-thought. According to researchers, the primary causes of BC incidents are: hardware failure – 44%, human error – 32%, software and firmware errors – 14%, virus/security breach – 7% and natural disaster – 3%.

Today, just having the previous day’s business transactions backed up is not enough, multiple varieties of recovery are becoming necessary. A little planning and preparation can go a long way in making a BC plan successful. The best way to proceed is to break the problem down into smaller pieces so they can be more easily managed.

Overland’s three ‘Rs’ and six steps to building a DC plan will help asses your needs and put a plan into action.

The three ‘Rs”

RTO (Recovery Time Objective) defines how fast you need to find, access and retrieve required information. This will help determine the type of storage used for the backup solution: disk, tape or both. For RTOs of four hours or less, disk is required.

RPO (Recovery Point Objective) defines the point-in-time (PIT) that needs to be recovered. RPO is a measure of the tolerance for data loss, in other words, how many transactions or hours of work the company can tolerate losing. This solution requires disk-to-disk backup and is vital for protecting against virus and other data corruption issues.

RGO (Recovery Granularity Objective) defines how granular recovery needs to be: file level, block level or at a transaction level. At a file level, solutions like VTL are ideal and fast. For block level recovery, snapshots are the fastest and easiest. At a transaction level, CDP (Continuous Data Protection) is required to log each individual change.

Integrated, customized and cost effective storage and recovery solutions are available to suit any sized organization. The real challenge is in putting a DC plan together and actioning it, however.

Six steps to building a DC plan

Step 1: Define and Assess
What are the priorities of your organisation? Typically, the top items for small business are: first, keep revenue flowing; second, keep communications up (email/phones); third, keep customers engaged and happy (web site/service/shipping); and fourth, track the transactions (billing/accounting). Once you have defined what needs to be done (key applications and services), and how long you have to do it, (your Service Level Agreement), then the process becomes more manageable, budget friendly and executable.

Step 2: Research and Recruit
Now that you know what needs to be protected and the SLAs required, talk to your internal sponsors, suppliers and partners to find out what tools and options are available, then build a set of key data (equipment, services, budget) to help get ready for designing a solution.

Step 3: Design
Hit the whiteboard and map things out! Then bring in technical resources and business partners to test the impact and implications of the proposed plan.

Step 4: Implement
Now that you have a plan, process and budget, get the equipment and start implementing the BC/DR changes. Take a phased approach that reduces impact on production systems and addresses risk – and ensure it is supported by your business champions as well as the IT team.

Step 5: Validate
Once you have the first four steps implemented, validate your BC/DR plan. Systematically assess the impact of failure of hardware or the applications running on these devices and workshop the solution. This way, you clearly understand how failure affects users, the business and customers.

Step 6: Maintain
Make sure you have the tools and software in place to monitor the equipment and networks you need available for your BC and DR plans. Ensure that you have budgeted for on-site spares or the proper service contracts.

What BC shape are you in?

Here’s a short test should help you make a quick appraisal of your readiness for events that impact your business continuity.

Grade your company and/or IT department on a scale of 1-5 for each question:
5 = We have this nailed
4 = We have most of it
3 = Needs some work
2 = We are behind
1 = We have nothing

Do you have agreed-upon SLAs for all systems that drive revenue, operations and communications for your company?

Have you tested these plans in the last 6 months to make sure they work?

Do your business leaders know what are in the SLAs and what to expect in the
event of a failure?

Do you have on-site spares for key hardware components?

Do you have a Recovery Time Objective (RTO) for your storage systems?

Do you have a Recovery Point Objective (RPO) for your storage system?

Do you have a Recovery Granularity Objective (RGO) for your storage system?

Do you have a Recovery Distance Objective (RDO) for your business?

If you were gone could the team function with out you to recovery from a BC
event?

Do you have backup off-site incase of disaster? And have you tried a recovery to make sure it works?

Did this survey cause you to worry? Be honest.

How Did You/Your Company Do?
. 40-50 Outstanding, become a BC consultant!
. 30-39 You have most of your bases covered
. 20-29 You and your business are at risk
. 10-19 Time to raise the red flag
. Under 10 Time to work on the resume

Related Posts



One Response to Overcoming Business Continuity incidents – do a bit at a time, but do it now

  1. [...] Overcoming Business Continuity incidents – do a bit at a time, but do it now [...]

« »