Disaster recovery

From Wikipedia, the free encyclopedia

This article is about business continuity planning. For societal disaster recovery, see emergency management.
For other uses, see DRP.

Disaster Recovery is the process, policies and procedures of restoring operations critical to the resumption of business, including regaining access to data (records, hardware, software, etc.), communications (incoming, outgoing, toll-free, fax, etc.), workspace, and other business processes after a natural or human-induced disaster.

To increase the opportunity for a successful recovery of valuable records, a well-established and thoroughly tested data recovery plan must be developed. This task requires the cooperation of a well-organized committee led by an experienced chairperson. [1]

A disaster recovery plan (DRP) should also include plans for coping with the unexpected or sudden loss of communications and/or key personnel, although these are not covered in this article, the focus of which is data protection. DRP is part of a larger process known as business continuity planning (BCP).

Introduction

With the rise in information technology and the reliance on business-critical information, the importance of protecting irreplaceable data has become a more visible business priority in recent years. This is especially evident in information technology, with most companies relying on their computer systems as critical infrastructure in their business. As a result, most companies are aware that they need to backup their digital information to limit data loss and to aid data recovery.

Most large companies spend between 2% and 4% of their IT budget on disaster recovery planning; this is intended to avoid larger losses. Of companies that had a major loss of computerized data, 43% never reopen, 51% close within two years, and only 6% will survive long-term.[2]

The current data protection market is characterized by:

Rapidly changing customer needs that are driven by data growth, regulatory issues and the growing importance to access data quickly by retaining it online.
An ever-shrinking time frame for backing up data, which is burdening conventional tape backup technologies and leading to an increase in disk-based backup, data mirroring and high-availability systems.
As the disaster recovery market continues to undergo significant structural changes, the shift presents opportunities for companies that specialize in business continuity planning and offsite data protection such as SunGard Availability Services, IBM BCRS, Recall, Switch Communications, Symagio, NetMass, Cygem and Onyx Group Ltd.

Disaster recovery strategies

Prior to selecting a Disaster Recovery strategy, the DR planner should refer to their organizations business continuity plan which should indicate the key metrics of Recovery Point Objective (RPO) and Recovery Time Objective (RTO) for various business processes (such as the process to run payroll, generate an order, etc). The metrics specified for the business processes must then be mapped to the underlying IT systems and infrastructure that support those processes.

Once the RTO and RPO metrics have been mapped to IT infrastructure, the DR planner can determine the most suitable recovery strategy for each system. An important note here however is that the business ultimately sets the IT budget and therefore the RTO and RPO metrics need to fit with the available budget. While most business unit heads would like zero data loss and zero time loss, the cost associated with that level of protection may make the desired high availability solutions unpractical.

The following is a list of the most common strategies for data protection.

Backups made to tape and sent off-site at regular intervals (preferably daily)
Backups made to disk on-site and automatically copied to off-site disk, or made directly to off-site disk
Replication of data to an off-site location, which overcomes the need to restore the data (only the systems then need to be restored or synced). This generally makes use of Storage Area Network (SAN) technology
High availability systems which keep both the data and system replicated off-site, enabling continuous access to systems and data
In many cases, an organization may elect to use an outsourced Disaster Recovery provider (such as SunGard Availability Systems or IBM BCRS) to provide a stand-by site and systems rather than using their own remote facilities.

In addition to preparing for the need to recover systems, organizations must also implement precautionary measures with an objective of preventing a disaster situation in the first place. These may include some of the following:

- Local mirrors of systems and/or data and use of disk protection technology such as RAID
- Surge Protectors, to minimize the effect of power surges on delicate electronic equipment
- Uninterruptible Power Supply (UPS) and/or Backup Generator to keep systems going in the event of a power failure
- Fire Preventions — more alarms, accessible fire extinguishers
- Anti-virus software and other security measures