Disaster Recovery – Vital For Business Continuity Planning
Disaster Recovery (DR) is a procedure or a process to resume business after an unexpected disruptive event. The disruptive event can be a natural catastrophe, terrorist attack, mechanical errors, human driven errors or due to computer malware. Disaster recovery is a division of business continuity planning.
In order to achieve Business Continuity, a plan is devised with a comprehensive approach by an organization to ensure that important business functions will be accessible to customers, suppliers, regulators and other entities during a disaster. The essential business continuity functions may include maintaining consistency in service, help desk and other project management related functions such as recoverability.
The concept of disaster recovery was developed from 1970s when most of the enterprise managers factually discovered the dependency of their organizations on computer systems. As a result, the concept of providing backup computer centers by Sun Information Systems was started.
As the awareness for IT disaster recovery grew in between the years 1980s to 1990s, the disaster recovery industry started to grow rapidly, as many organizations started to understand the benefits offered by this technology. Moreover, government laws were issued to mandate disaster recovery and business continuity plans for organizations in different sectors of the economy.
As Internet growth took place in late 90s and perpetuated into 2000s, this made organizations become further dependent on continuous availability of IT systems for their mission critical application needs. This increased the dependency on IT systems and also increased the awareness about large scale disasters and thus contributed for further growth of vendors providing DR solutions ranging from high availability solutions to hot-site facilities.
Categorization of Disaster
Disasters are of two types, as the first category is when a natural disaster take place like floods, earthquake….and the second category is when a disaster is man made disaster. Preventing occurrence of natural disasters is almost impossible, but measures such as good planning to reduce or avoid losses can be taken up to overcome it. The man made disasters which can be caused by infrastructure failure, hazardous material spills or cyber-war by terrorists. To prevent this situation, surveillance along with mitigation planning will be the best tools to avoid or reduce the losses to the business.
Significance of Disaster Recovery Planning
Every enterprise treats its IT infrastructure as critical and wants its business functions to be consistently functional and be highly available with the presence of a rapid disaster recovery plan. For this reason, preparation for business continuation has to be taken seriously. It involves monetary investments and time and is an arrangement to ensure minimal loss during disaster driven disruption.
Strategies employed for Disaster Recovery Planning
During a Disaster Recovery planning, Recovery Point Objective (RPO) and Recovery time objective (RTO) should be taken into consideration. A recovery point objective (RPO) is defined as a maximum acceptable period for data loss from an IT service due to a disaster. While a recovery time objective (RTO) is the duration of time and a service level within which the IT service pertaining to a business service restoration.
Some of the common strategies employed for data protection are tape backups taken at regular intervals, disk backups taken automatically, replication of data to an off-site location, cloud based backup, use of high availability systems which keep the data and system replicated off-site and other such strategies which paves way for availability of data even after disaster.
In addition to prepare for a disaster with a business continuity plan, an enterprise needs to implement precautionary measures like local mirroring of systems or data with RAID technology, use of uninterruptible power supply sources, use of power surge protectors, by planning for fire prevention/mitigation systems such as fire alarms and fire extinguishers and finally planning for security measures like using an antivirus software.