While many organizations have a tendency to focus on the most complex aspects of disaster recovery, the fact of the matter is that disaster recovery starts with the basics, and ends with them. You can get into all the complexities that you want, but if you don't understand the basics, your disaster recovery plans will be severely flawed.
In a day and age where natural disasters and acts of terrorism are almost an annual occurrence, it has become critical for organizations to carefully consider their disaster planning strategies. If your enterprise is like most today, you are dependent on data which is stored on computers.
If the data that is stored on your computers isn't secure, you're putting your organization at great risk. If a disaster strikes, and your company is directly in the center of it, the recovery plans that you've developed can mean the difference between the survival and the extinction of your enterprise. While the measures that one company takes may differ from another, there are a number of rules and guidelines that you will want to follow when it comes to the establishment of disaster recovery plans.
Disaster Recovery Survival
Rule 1: The very first rule of disaster recovery is to locate the processes and areas of your enterprise which are the most vulnerable. This includes the software, hardware, the departments that handle them, and the networks which are connected to them. Your disaster recovery plan should include a method of quickly restoring these vulnerable areas in the event of a disaster.
Rule 2: The second rule of disaster recovery is to maintain a complete duplicate of data which you deem to be critically important. This data includes the OS that your applications run on, the applications that are the most important, and the data itself. There are a number of federal guidelines that have been established for disaster recovery, and you should familiarize yourself with them.
Rule 3: The third rule of disaster recovery is to always have instant access to carbon copies of hardware that are necessary for running the data duplicates you have. Having the best back up tools in the world means nothing if you don't have hardware which is capable of running it. When it comes to disaster recovery, speed is everything. The longer it takes you to recover, the more likely it is that you won't recover, or you will lose a great by the time you finally do.
Rule 4: The fourth rule of disaster recovery is to create a list of clear procedures to follow for recovering the digital duplicates via the hardware. The documentation that you produce for this should not be stored on-site. You won't be able to depend on your IT staff to be available once the adverse event occurs. The fourth rule of disaster recovery, and one of the most important, is to test your recovery plans on a regular basis. You should create a consistent schedule for when the tests will be conducted, and you must always be on schedule. The longer you go without conducting the tests, the greater the chances that your recovery plans will fail in the face of a disaster.
Rule 5: The fifth rule of disaster recovery is to make a large separation between the locations for daily operations and those for digital duplicates. Because of the intensity of some disasters, it may not be efficient to keep the digital duplicates in the same city where the daily operations are carried out.
Rule 6: The sixth rule of disaster recovery is to quickly respond to risk conditions which are high. For example, if you receive notice that a hurricane is heading toward your city, this should be a warning that you need to start taking precautions in order to protect your business.
Communication is very important, and during a disaster, the normal lines of communication may be cut. Therefore, it is critical that organizations have secondary lines of communication. Dependent on the location of your company, secondary lines of communication may be difficult to come by. The best remedy for this situation is to carefully study your area in advance to determine what alternate forms of communication and data transmission can be utilized. If it is necessary, and you have the resources for it, you may want to consider satellite up-links, though these are highly expensive.
It will be necessary for you to store your duplicate data at a specific site, and this specific site will need to have very high levels of security. This means you may need to employ guards, extremely powerful firewalls, procedures for lock down, and structures which are resistant to fire, wind, earthquakes, and water. Because black outs can occur during many natural disasters, having your own alternative back up power devices can prove to be extremely important. Electric power generators can be very useful for this purpose.
Here is very good Disaster Recovery: Best Practices white paper discusses an approach for creating a good disaster recovery plan for a business enterprise. The guidelines are generic in nature, hence they can be applied to any business subsystem within the enterprise.
I will be discussing more about Disaster Recovery, Disaster Recovery Planning and how it affects in the next articles.