Even if things are running smoothly in your data center, it's likely that you might be wondering what would happen in the event of a real-life disaster to your organization. In other words, if the lights go out, will there really be anyone home?
This tip is the first of a series that analyzes not only disaster recovery technologies, but also an emerging era of convergence between two, often-disconnected disciplines: Business Continuity Planning (BCP) and IT Disaster Recovery (DR).
With ever-increasing complexities in today's data centers, today's businesses need to make this important paradigm shift in how they view and incorporate IT disaster recovery efforts within their company's overall efforts toward business continuity planning.
To help set the stage for this analysis, take a look at the following, top-ten list of essential BC elements required for today's IT infrastructure. We'll discuss each of these elements in more detail in upcoming tips.
Top ten elements in a business continuity-focused IT infrastructure:
1. Formalize executive commitment to business continuity and disaster recovery. Establish BCP/DR as a critical business process and ongoing corporate objective. Without executive sponsorship, DR becomes the proverbial 'hot potato' of data center operations, and BCP becomes a secondary function of human resources.
2. Identify business critical processes and supporting IT systems. Once you identify core business processes, you must also classify the applications, databases, and supporting infrastructure for data protection, availability, and business-continuity planning.
3. Perform a business impact analysis of mission-critical systems. Due to the cost of implementing and supporting a legitimate DR solution, every business must analyze operational losses as they equate to system downtime. Such costs can then justify expenditures for availability, recoverability, and security infrastructure.
4. Classify restore 'priority levels' for mission-critical and non-critical business systems. In the event of an enterprise-recovery or data-transfer event, bandwidth, time and technical resources are just a few of the critical factors. Key systems and application environments should be put first in line during enterprise recovery.
5. Examine application dependencies. Now that you know the core applications, analyze all application dependencies from a data-source perspective. Considerations for DR/BCP should include the lower profile, yet critical, components of an application infrastructure.
6. Test critical restore procedures in a real-time environment with the participation of your end-user community. While backup is a mundane component of operations, restore can become a harrowing experience when archived data has to go back into production.
7. Train staff to perform IT recovery without key personnel. Cross-training key management, storage administrators, system administrators and database administrators is a time-consuming business. Yet, this is a key component of preparing and planning for unplanned outages and overall business continuity.
8. Review contracts with disaster-recovery vendors. Review service level agreements on facilities and equipment contracts to confirm an accurate reflection of current infrastructure and business needs. If vendor coverage is insufficient, consider alternative strategies such as vendor RFP's or in-house hot-site development.
9. Demand "restore performance" from disaster recovery vendors. On a very limited scale, consider staging a surprise "Disaster Recovery Audit" of your disaster-recovery vendors. The purpose of this exercise would be to exercise business-continuity plans on a limited scale, to prepare your staff for emergency procedures and, ultimately, to test the mettle of your DR contract providers. As in every other endeavor, practice paves the way to perfection.
10. Identify single points of failure in your IT infrastructure. Analyze your IT infrastructure for fundamental design weaknesses. As a long-term objective, employ mainframe-style redundant design metrics for such areas as: power, networks, servers, cooling, system design, operating systems, databases, middleware, applications, telecommunications and personnel.
About the author:
John Merryman is an independent consultant, specializing in infrastructure and storage technology analysis, planning, management and disaster recovery/business continuity planning. Please feel free to contact him via email: at [email protected]
FOR MORE INFORMATION:
Teamwork, diversity key to business continuance plan
Quick steps to constructing a disaster recovery plan
Business continuity in the finance and healthcare sectors