The 3 Fundamentals of Disaster Recovery

Fundamentals of Disaster Recovery

Strategy, implementation, and maintenance combine to create a life cycle that can accommodate changes in the environment or infrastructure. Each stage is not independent of the others; they are intricately tied together with each one directly supporting the others.

Strategy

Creating a strategy is the first and most essential stage of disaster recovery. This is where threats and exposures are identified to understand their potential impact on business critical systems. Once potential threats are acknowledged, a simple cost-benefit is performed to determine the most appropriate financial and time investment requirements to protect the essential systems against financial loss caused by the disruptions. With this analysis in hand, it is easier to create a tiered or prioritized list of the systems and generate an effective strategy that is most cost effective.

Always consider:

  • system assets to protect (where and why)
  • “material” threats and risks, and their likelihood
  • costs of Disruption (long and short term)
  • recovery strategy & recovery site alternatives
  • actions required for the implementation of your plan
  • investment budget

Implementation

Once you have a strategy in place, it’s time to build the infrastructure, organization and plan required to support it.

There will likely be some time-consuming evaluation, selection and experimentation with recovery technologies. These may be extensions of your current processor, storage and network infrastructures, or totally new acquisitions. If so, additional time and effort will be required to configure, integrate and document their functionality. Technical verification of all recovery components individually and together should be attempted before finalizing and recording the detailed recovery procedures.

Start with a simple desktop walk-through until you are ready to do a full test (ideally on the weekend or outside operating hours to minimize the risk of disruption). When you are completely confident, perform a live switch over during a scheduled outage for the business, then, ultimately, during the workday to prove the success of the disaster recovery plan. This will help validate that your people and the advance decision-making you have done have actually paid-off.

Always consider:

  • proven recovery services and technologies
  • infrastructure that needs to be built & prepared
  • procedures that need to be put in place
  • organization & people responsibilities
  • approach & scheduling of testing processes
  • verification that needs to be performed

Maintenance

So now you have a solid strategy and a plan that you know works, in place and ready to go if you need it. But how are you going to keep it current?  Day to day workflow and procedures will need to be working to adapt to changes in business priority, systems, technology, or environment. The plan will need to change too (and be tested again) to remain current. An on-going verification processes should be in place to test and reveal problem areas and gaps in the protection.

Always consider:

  • changes to business and IT environment
  • day to day staffing and alterations to workflow
  • implementation of program management and change procedures to keep the plan current
  • on-going verification to be performed and ability to stand-up to external audit

A successful disaster recovery plan requires that the life cycle of strategy, implementation and maintenance be routinely revisited in the wake of any changes to systems or new exposures. It’s a work in motion, always evolving.

Steve Tower

With many years of professional IT experience, and training as a Certified Management Consultant, a Project Management Professional, a Professional Engineer and a Member, Business Continuity Institute, Steve Tower has the skills and abilities required to assist with even the most complex disaster recovery planning initiatives. Below, Steve discusses the necessary tools involved in setting up a disaster recovery plan and program.