When we talk about business continuity and disaster recovery we should probably begin with some definitions as to exactly what do those terms mean. Business continuity plan from an IT perspective really is an organization’s ability to keep vital business operations or processes running at or near normal capacities in the event of infrastructure failure. This is similar to but stands in stark contrast to disaster recovery.
Business continuity can be described as the interruption of service but not a wholesale disaster and disaster recovery really is dealing with some of those larger catastrophic failures. There are Common mistakes that people make when evaluating or developing a business continuity plan. Let’s review some of those:
Focusing on Technology First and Business Process Priorities Second
One of the common mistakes that people make when they begin to develop a business continuity plan is focusing on the technology first and the business processes second. If we go back to the definition of business continuity, we really want to do is keep those business processes up and running at or near full capacity.
In order to really develop an effective BCDR (Business Continuity and Disaster Recovery) plan, we need to make sure that we go out and walk amongst the business units, find out what are the priorities, find out what processes absolutely must survive at all cost. Which can go down for short period of time and what processes can go down for hours perhaps in some cases even days.
The main thing and the mistake you would want to avoid is to think about the BCDR from the confines of the server room and not get out amongst all the various stakeholders. This could be your employees, they could be customers and it could be people who interface with various aspects of your technology both internally and externally.
That is who you really need to speak with and that is where you start to build the plan, because in the end hardware and appliance solutions must effectively support business processes otherwise they just don’t make sense economically and they won’t make sense where it really comes time to when you need them.
Focusing on the Wrong Causes of Business Continuity & Disaster Recovery
When the Strategic Research Corporation started analyzing the leading causes of BCDR incidents, they found that 44% are caused by hardware failures. Things such as servers, disk drives, switches and other core infrastructure type components. 32%, that’s right, 32% are caused by human error.
It has nothing to do with the technology but the operators, the people using the equipment. A lot of times it’s a mistake in the configuration setting or issuing the wrong command on a production system. It happens more frequently (as you might expect) right after new hardware or new systems have been installed.
Next on the list are software and firmware errors. These failures often relate to operating system errors, things like driver incompatibilities and the introduction of new applications to servers.
The last on the list, just 3%, have been found to be caused by natural disasters. Typically, when you speak to someone about BCDR what flashes through the mind or what undoubtedly comes up in conversation is the risk management perspective of the disaster recovery peace. Yet as we mentioned only 3%, just three percent evolved BCDR incidents come from natural disasters. From this big cataclysmic events which people like to talk about. But, the fact of the matter is that 70 – 90 percent of all system outages are due to planned downtime.
What do you Need to Look at when developing a Business Continuity & Disaster Recovery plan?
When you look at developing a Business Continuity & Disaster Recovery plan you really need to turn things upside down and look at the fact that how are you going to deal with the 70 – 90 percent of the planned outages, and how you are going to deal with the 7 – 25 percent that come from unplanned downtime. How are you going to prevent that.
Finally of course it’s important you want to plan for the natural disaster, but you really need to look at your systems and how are you going to maintain uptime day-in and day-out. That’s an absolute must that you look at that and have that as part of your plan.