Best Practices in Disaster Recovery and Business Continuity

Best Practices in Disaster Recovery

Hope for the best, prepare for the worst, and expect to be surprised. While that bit of proverbial wisdom certainly isn’t new, it seems almost tailor made for anyone dealing with disaster recovery (DR) in the modern world of business IT.

Ensuring business continuity in the face of a natural or man-made disaster may seem like a daunting task. Luckily, today’s cloud-based computing platforms are particularly well suited to meet the DR needs of most businesses. However, the versatile, decentralized nature of the cloud is wasted in the absence of a proper, well tested DR plan and the ability to adapt to changing, often unforeseen circumstances. So in the following article, we’ll take a look at some best practices for utilizing the cloud to develop your own DR plan in order to help maintain business continuity during a disaster.

1. Understand The Difference Between Backups And DR

When it comes to disaster recovery, having current backups of your company’s data is essential. But it’s important to understand that simply scheduling regular backups is not enough. It’s merely one component of a much larger process. After all, what good is backup data if you have no means to access it when it’s urgently needed? It’s like having an empty fire extinguisher or a parachute with no ripcord.

If and when a disaster strikes, you need a well-tested process in place to quickly retrieve and restore your company’s backup data. Otherwise, you might as well not make backups at all.

2. Identify Critical Data And Utilize Cross-Regional Backups

As mentioned above, regular backups are a crucial component of any disaster recovery plan. But as with most things in the IT world, there are always trade-offs between time and money (more on this later). That’s why it is extremely important to identify mission-critical data and applications when crafting a backup strategy as part of your larger DR plan, and choosing how your data will be stored (snapshots, machine images, etc.). This option varies depending on what service you are using (AWS, Azure, etc.), so some research will be required to figure out the best fit for your business.

While choosing what data to prioritize and how it will be stored is critical, choosing where this data is to be stored is equally important. Storing your backups in close geographic proximity to your primary production environment defeats the entire purpose since there’s a chance a large-scale disaster would knock everything offline, leaving you with zero options. To better protect your data, it’s essential to utilize the global reach of cloud computing. Larger providers such as Amazon Web Services (AWS) and Microsoft Azure offer storage in various geographic regions around the world, so make sure your backups are being kept well out of harm’s way.

3. Determine Your RTO & RPO

Speaking of time vs. money, it’s also of critical importance to determine your company’s recovery time objective (RTO) as well as its recovery point objective (RPO). Your RTO is the maximum length of time the disaster recovery process can take without inflicting unacceptable monetary losses on your bottom line. In other words, ask yourself how long your company can be offline before it starts hemorrhaging unacceptable amounts of cash.

On the other hand, your RPO is the maximum amount of data loss you are willing to accept as measured in time. The answer to this question determines how often you are willing to pay for backups. For example, if the idea of losing five hours of data due to a disaster gives you a panic attack, you need an RPO of less than five hours (perhaps much less). But if losing five hours worth of data isn’t the end of the world, an RPO of five hours or more might be a good fit. At the end of the day, it’s up to you to run the numbers and see what makes the most sense for your organization.

4. Choose A Specific Disaster Recovery Method And Test For Weaknesses

Now that you’ve determined the specific DR needs of your company, it’s time to decide which specific DR recovery method makes the most sense. While there are many options depending on your preference for saving time or money, here are some of the most common methods listed from slowest/cheapest to fastest/most expensive:

  • Backup and Restore: a simple, straightforward, cost-effective method that backs up and restores data as needed. Keep in mind that because none of your data is on standby, this method, while cheap, can be quite time consuming.
  • Pilot Light: This method keeps critical applications and data at the ready so that it can be quickly retrieved if needed.
  • Warm Standby: This method keeps a duplicate version of your business’ core elements running on standby at all times, which makes for little downtime and an almost seamless transition.
  • Multi-Site Solution: Also known as a Hot Standby, this method fully replicates your company’s data/applications between two or more active locations and splits your traffic/usage between them. If a disaster strikes, everything is simply rerouted to the unaffected area, which means you’ll suffer almost zero downtime. However, by running two separate environments simultaneously, you will obviously incur much higher costs.

In the end, even the best DR plans may run into trouble when faced with the unforeseen problems of the real-world. So once you’ve settled on a disaster recovery method and have everything up and running, it’s extremely important to test its effectiveness. Fortunately, the fact that cloud platforms allow users to create duplicate production environments means testing your DR plan against various scenarios has never been easier. The more you test and retest your DR plan, the better prepared you’ll be in the event of an actual crisis. Remember, an ounce of prevention is worth a pound of cure.

5. Consider The Potential Benefits Of Disaster Recovery As A Service

While disaster recovery is often handled in house, more and more businesses are turning to third parties to implement and maintain their DR plans. Just as insurance policies allow businesses to mitigate the risk of property damage and financial loss, treating disaster recovery as a service (DRaaS) allows companies to focus on core issues while at the same time having the peace of mind of knowing their data is safe. So it’s no surprise that surveys have shown IT professionals who utilize DRaaS are significantly more confident about their company’s DR plans than those who do not. And while utilizing a third-party vendor for DRaaS might not make sense for all businesses, it’s certainly an option worth exploring.

By David Gildea

Data Fallout.png
Twitbook.png
Data Bed.png
It’s Magic
James Corbishly
Teams Sprawl in the Remote Workspace As working from home has become the new everyday norm, with more employers embracing the remote-work model as a new and likely permanent fixture of the employment world, there ...
MIT
Smart Manufacturing Startups AI and machine learning's potential to drive greater visibility, control, and insight across shop floors while monitoring machines and processes in real-time continue to attract venture capital. $62 billion is now invested ...
Threat Security
Azure Red Hat OpenShift: What You Should Know What Is Azure Red Hat OpenShift? Red Hat OpenShift provides a Kubernetes platform for enterprises. Azure Red Hat OpenShift permits you to deploy fully-managed OpenShift clusters in ...
Tiago Ramalho
More equitable future for food distribution with AI At best, only 70% of food gets used in the United States. The rest goes to waste. Although devastating, the good news is this massive waste of ...
Rakesh Soni
5 Common Myths About Cloud Computing Cloud computing has offered new horizons to businesses embarking on a digital transformation journey. However, no matter how appealing, it’s also a reason to worry. With cloud computing, businesses ...
  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.