Disaster Recovery

The objective behind disaster recovery is to provide a means of restoring normal operations as quickly as possible if a disaster strikes. It attempts to minimize the impact by being prepared. A frighteningly high proportion of businesses that suffer a full-on disaster, such as total network loss or massive data corruption, go out of business permanently, and a percentage of these fail to recover from the disaster at all.

As an example, imagine a business selling computers and components on the Internet, a competitive business with several rivals. If the Web site becomes unavailable, then a potential customer is highly likely, with one swift click of the mouse, to move to a competitor's site. The sale is lost, and the chances of further business from the same customer are significantly reduced.

The most damaging factors for companies that suffer a disaster are negative cash flow, because even if they are insured for loss of business, they may not be able to afford to continue functioning until the insurance pays out. In the meantime, consumer confidence and stock prices could plummet, and customers could go elsewhere. A good disaster recovery plan could have the business up and running very quickly, even if it is in a degraded state, and capable of continuing its trading.

Types of Disasters

Disasters come in varied shapes and forms, not always how many would envisage them. Some of these are identified here, listed in no particular order of importance:

• Natural ”Also called "acts of God," these are the more obvious disasters, such as earthquake, flood, fire, hurricane , or tornado .

• Political ”This category covers terrorist attacks and espionage where a political motive might be designed to destabilize or harm the economy.

• Man-made ”This could include a toxic chemical spill caused by a road accident that forces the entire building to be evacuated, or a digger cutting through cables supplying power and communications resources to an entire block.

• Malicious ”In this case, a hacker deliberately tries to sabotage the business, infestation from a virus occurs, or a disgruntled employee seeks revenge .

• Human ”Here, a key member of staff resigns, taking years of experience with him that exist only in his head because they were not documented, or critical data is accidentally deleted.

• Criminal ”This involves the theft of critical computer systems or components, or the theft of critical data for financial gain (industrial espionage).

• Equipment failure ”Disaster here includes the loss of a major server, a hard disk crash, or the loss of communications between the systems and the Internet.

The Disaster Recovery Plan

In an ideal world, a disaster recovery plan would automatically be built in to any new computer system or network that was being implemented. This section deals with reality though, and the fact that, for the majority, this is not considered at the time of implementation. A new system is more likely to be included in an existing plan (if there is one) at the next review, which could be too late if something happens in the intervening period.

The system manager is someone who is heavily involved in strategy and is responsible for the provision of IT services to the business. It is highly likely that he might be the instigator of a disaster recovery plan for the IT systems, if one does not exist, because he has a good understanding of how a serious failure could affect the company as a whole, not just a particular section or department.

What Is It?

A disaster recovery plan is a survival strategy. It is a plan designed to return a company to normal operating capacity as quickly as possible following an interruption to services ”the disaster. The disaster recovery plan identifies key elements of the company and critical tasks that must be completed. It also identifies areas of high risk that need to be addressed to reduce risk.

The disaster recovery plan contains extensive contact information, something that could be very difficult to find in an emergency, and is kept in a central, accessible location. In fact, the plan is normally held at several key locations. Members of staff or external resources are assigned to various tasks. Their responsibility will be to instigate and implement the recovery of the company; because this has been planned and thought about in advance, it is less likely that bad decisions will be taken by someone in a state of panic.

A disaster recovery plan is a plan for recovery; it is a document, or a series or documents, that collectively comprise the survival strategy. However, it is not enough to merely have the plan safely in a cupboard. The task of building the plan is as important as the plan itself. It is the "doing" activity that provides familiarization, which in turn raises confidence levels. The process of creating the plan could also highlight areas of particular vulnerability in existing procedures that themselves could lead to an interruption to service. In this way, potential disasters of the future can be prevented.

Benefits of a Disaster Recovery Plan

The existence of a disaster recovery plan brings several benefits, some of which could save a business from collapse. These benefits are described in the following list:

• Minimizes downtime ”The downtime and unavailability suffered as a result of a disaster can be fatal to some companies. Sun cluster software provides an excellent means of maintaining high availability, allowing clustered nodes to be located at separate sites (Sun cluster was discussed in Chapter 5, "Solaris Installations and Upgrades"). By maintaining continuous high availability, the company can do business when others would have ceased completely.

• Keeps the staff ”If a disaster occurs, it is possible that the business won't be capable of continuing to pay its employees; if this is the case, they will leave and find work elsewhere. A good disaster recovery plan should have most of the employees gainfully employed within one or two days ”most employees would welcome the chance of an extra day or two off.

• Retains an acceptable level of cash flow ”One of the major causes of businesses collapsing is that they run out of money ”ironically, this happens before the insurance claim can be settled. The sooner the company can resume an operating capability, the better the cash flow situation and the better the chance of survival. The existence of a disaster recovery plan indicates that advance planning has been carried out and that an alternate way of continuing business has been investigated or implemented.

• Maintains customer confidence ”In the highly competitive world of Internet commerce, customer confidence can be shattered very quickly. If the Web site of a company becomes unavailable or the company cannot trade, the customer will merely look elsewhere, so business is lost. When the company is a public company trading on the stock exchange, customer confidence becomes even more important. By simply publicizing the fact that a disaster recovery plan has been tested and implemented, confidence will rise (maybe the share price, too) as the stockholders see that the business is serious about protecting its assets ”and their investments.

• Satisfies legal requirements ”For some of the data held by a company, legal requirements govern retention and security of the data. The disaster recovery plan demonstrates that everything is being done to protect the information (by storing backups in a secure off-site storage facility, perhaps). Conversely, the absence of a disaster recovery strategy might result in legal penalties on the grounds that the executives did not make adequate preparations to protect the company's assets and legally required data.

• Reduces insurance premiums ”Demonstrating to an insurance company that a disaster recovery strategy is in force within the company could reduce the premium payments. This is because of the prevention options that have been taken, as with home contents insurance policies ”hoomeowners often pay reduced premiums when certain approved security measures to their property are implemented, such as intruder alarms and fire-detection equipment.

• Raises employee education and awareness ”The creation of a disaster recovery plan raises staff awareness of potential dangers and risks. It has the side benefit of educating all those who are involved in the process on disaster management. It can be quite disturbing to members of staff when they realize exactly what could happen if a disaster struck the business, focusing attention on areas of weakness and vulnerability and, more importantly, what can be done to improve the situation.

As with the year 2000 problem described in Chapter 4, "Testing," an exercise of this magnitude produces other side effects as the project progresses. One of these is that the company assesses exactly what is critical to the survival of the business and what is less critical, so priorities can be set accordingly . The information might be used by managers to justify other future projects. Many companies find the exercise useful as an information-gathering process; the employees learn more about the function of the business, how it all fits together, and the impact of a certain function being unavailable. All this has an indirect effect on the general running of the business.

Finally, the action of creating a disaster recovery plan highlights, in some cases, precisely how vulnerable to disaster the business is, prompting positive decisions to be taken to improve the situation. The vulnerabilities might not all be directly related to disasters ”for example, an analysis might reveal a security weakness in the Solaris operating environment currently installed. Upgrading to the next release might fix the problem, and other extra security measures that had not even been considered could be implemented. This might have been completely overlooked if the impact analysis had not been carried out.