What your DR plan should protect


This article can also be found in the Premium Editorial Download "Storage magazine: What to do when storage capacity keeps growing."

Download it now to read this article plus other related content.

Classify applications and data. For electronic records, divide your data into a few broad categories such as structured, unstructured and semistructured data. Identify applications that support key business processes or have clear legal and regulatory requirements for retention and protection. For example, production OLTP applications like order entry often need high levels of protection and short timeframes for RPO and RTO. But don't neglect records that can tolerate longer RPO and RTO service levels. They must still be appropriately protected. For example, some scanned document files may serve as backup copies of vital paper records--and the organization will need those copies if a disaster causes the destruction of the paper originals.

Evaluate data importance. Importance is only partly measured by the immediate impact of data loss (or delayed recovery) on the organization's operations, costs and reputation. You should also consider the potential long-term impact of data loss, recognizing that data importance doesn't always decline over time. According to the traditional scenario, file accesses decline over time. Accesses to a document or a customer transaction file may be frequent for the first 30 days, then less frequent for a few months and very rare for anything older than 12 months. But some documents and files, such as contracts and agreements, remain quite valuable for longer periods, and may play a critical role in resolving

Requires Free Membership to View

disputes or preparing for legal action even years after they were first recorded and stored. Even though the RPO and RTO may seem undemanding for historical reference data, you must provide adequate protection and recovery throughout the specified retention periods.

Assess the risk. Now that you know which data sets you need to protect and recover, assess the risks to that data. Consider various failure scenarios, including local server or storage hardware failures, site-wide outages due to fire or flood, and regional disasters such as earthquakes or power grid failures. Assess the potential impact of each scenario on the availability, integrity and confidentiality of each data class. For example, what if the order-entry system shut down for 48 hours? What if the supporting documents for critical financial transactions were lost, making the company unable to pass an audit or satisfy a regulatory examination?

This was first published in June 2006

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: