Disaster Recovery

Disaster recovery involves the processes that take place in order to put things back the way there were before a disaster occurred, or the ability to accomplish this task. In the technical business world, it is important that processes, hardware, software, and other necessary devices be implemented in order to achieve this goal if a disaster were to occur.

In order to understand what information you need to backup and what the possible threats are to your data and other critical company assets, you should always first carry out a risk evaluation. Once you have identified threats, risks, and other critical information, you can plan for backups, off-site storage, and possible alternative sites to carry out your critical business tasks.

Backups

The creation of a copy of your critical files, programs, and configured operating systems is critical to the life of your business (and your job) in the event of hardware or software malfunction or other disaster.

Removable storage media such as floppy disks, ZIP disks, optical disks, tape cartridges, CDs, or removable hard drives can be used in combination with software to back up your data and store it off site in the case of a disaster or emergency. The type of storage media you use will depend on the amount of information you need to backup and the speed at which you need the backup to process.

There are many types of backup software packages available on the market that allow you to carry out various backup types and functions. Some of the most popular are ARCServe by Computer Associates and Backup Exec by Veritas. Most operating systems available today come with their own internal backup programs. For example, most versions of Microsoft’s Windows come with Microsoft Backup. UNIX and Linux operating systems offer the tar (tape archive) command.

Backup Types

The backup type and plan you implement depends on the amount of data you have to backup and frequency at which the data changes. In other words, if the majority of your files, folders, and other data change consistently throughout the day, you might want to consider a full backup on a daily basis. However, if the majority of your data does not change quite so often, you might want to consider a one time weekly full backup and a daily incremental or differential backup.

GFS (Grandfather-Father-Son) is the name that is often used to describe a backup strategy that includes a daily, weekly, and monthly backup. This type of backup system considers the daily backup as the son; the weekly full backup is the father; and the last full backup of the month is considered the grandfather. This backup strategy is based on seven backups a week. A full backup is run once a week and an incremental or differential backup is run on the other days.

Whether you choose a daily incremental or a daily differential backup, it mainly depends on how much media you have available and how fast you want to be able to restore the data.

Files and folders that reside on most popular operating systems have four basic attributes assigned to them:

• Read only

• Hidden

• System

• Archive

When a file or folder has been added, written to or changed, the archive bit changes. Backup system software uses the properties of this archive bit to determine whether or not the file or folder should be backed up based on this flagged archive bit. Keep this in mind as you study the following basic backup types that you will need to know for the exam:

• Full: This backup type includes all folders, directories, files, and programs that reside on a system or disk. A full backup resets all archive bits regardless of their status. Typically, it is not productive to run a full backup every business day unless you have an incredible amount of backup storage space or a very small business with few systems.

• Incremental: With this type of backup, only files that have changed or have been added since the last full or incremental backup are backed up. The archive bit is cleared or reset. If you have a large amount of daily information to backup, you should consider a backup plan that includes one weekly full backup and a daily incremental backup. Remember, if you need to do a restore with this plan, you will need to use your weekly full backup tape and every incremental tape created since the last full for a proper restore. In simple terms, an incremental backup job will run faster than a differential. However, it will take longer to restore.

• Differential: With this type of backup, all files that have changed or have been added since the last full or incremental backup are backed up. This backup type does not clear the archive bit. A differential restore is simply restoring the last full backup tape followed by the most recent differential backup tape. In simple terms, a differential backup job will take longer than an incremental to backup. However, it will do a restore much faster than an incremental.

• Copy: A copy is simply a backup of files, folders, and directories that are copied to another location whether it is a network share, tape, or hard drive.

Off-site Storage

It is critical that your disaster recovery plan include at least one off-site storage location for the critical data you backup on a daily, weekly, and monthly basis. If a disaster were to happen at your location, such as fire or other disaster, it might do you little good to have the only copy of your important data stored in that same site. Having one full copy of your data onsite at all times provides a quick way to restore your data. However, you should also store your data at a different site or professional storage company that is registered to provide various levels of vaulting services.

For some businesses, there are strict regulations and guidelines that pertain to disaster recovery storage. Certain financial organizations are required to have at least two separate off-site storage locations. One of the storage locations is required to be a certain distance away from the primary business site. This distance is typically at least 60 miles. These strict requirements are in place so that a business can survive in the case of a nuclear, bomb, or natural disaster that could possible cover a large geographical distance.

Choosing an secure off-site storage location is an important discussion. It is best to go with a reputable, registered company that is certified to handle major disasters. For example, there are backup storage companies in the state of Florida that are registered to handle or survive various levels of hurricanes. In this case, choosing the storage vendor whose building could possible withstand the highest level of hurricane would be a good option.

Alternative Sites

We have covered the importance of data backups and need to store your critical business data off-site. However, just as important, is the need to facilitate networks, systems, and other critical components that might be necessary in order to continue business related operations off-site in the event of a disaster. Simply put, if part or all of your building is destroyed as a result of a disaster, you will need a separate facility with the equipment necessary to get operational as soon as possible.

There are several options available for alternative or remote site operations. Again, budget, activation time response, and business continuity needs will usually determine the option utilized. There are also options available for making certain that you have the proper systems and components available in the case of emergency or disaster. Hardware manufactures as well as many local stores offer the ability to reserve specific inventory under a contract. This will allow you to have equipment such as servers and workstations available if needed. One thing to be wary of is that many companies rent the same space and/or systems to multiple businesses at the same time in the event of an emergency. Make sure that you deal with a reputable company or you may find yourself sharing the same building location and systems with multiple companies if a major disaster occurs!

The following are the most common implementations of alternative sites used for disaster recovery purposes.

Hot Site

This type of backup site is a site that can provide full business functionality in a very short time. It is a standby facility that has all the necessary equipment, software, applications, electricity, plus Heating Ventilation and Air Conditioning (HVAC) in place and ready to go. A hot site will usually only require the need for most recent data to be loaded to servers and workstations for full functionality. Mirrored transaction processing is typically used over high-speed transmission lines to keep hot sites up-to-date with current data and information. This type of site requires the identical security measures needed at the primary site. It is very expensive and requires constant administrative overhead to be functional.

Warm Site

This site is only partially configured. It will usually have all electricity and Heating Ventilation and Air Conditioning (HVAC) in place and ready to go. However, it might only house certain servers and specialized equipment. It is considered the medium level shell needed to get operations up and running. More servers, workstations, and equipment would be needed to get a warm site up to par for normal business operations. A warm site will usually have external network connectivity available. Again, the time and cost needed for recovery are the major factors here.

Cold Site

This site is a basic shell needed to get operations up and running. It will usually have all electricity plus Heating Ventilation and Air Conditioning (HVAC) in place and ready to go. A cold site doesn’t have any equipment such as servers or workstations on site and there is usually no active connectivity to external networks in place.

Disaster Recovery Plan

A good documented disaster recovery plan is crucial to the survival of any business that wishes to provide quality service and remain functional before, during, and after a disaster has truly occurred. The goal of a solid disaster recovery plan is to provide proper policies, procedures, and documentation for backup and restoration of facilities and data in the event of an emergency. This plan should also include all emergency response procedures for all active employees who are considered part of a disaster recovery team.

A solid disaster recovery plan should be developed with the following considerations in mind:

• Create it with the intent to receive senior management support and “buy in.”

• Minimize confusion in the event of an emergency.

• Protect company assets, information, and services.

• Minimize loss.

• Educate user environment through documentation and or training.

• Guarantee or prove the effectiveness of the DRP (Disaster Recovery Plan) through valid testing and simulation, if possible.

Once you have an approved DRP that is suitable for your company, it is important that it is kept up-to-date on a scheduled basis. A DRP from five years ago is not suitable or acceptable.

An important fact to remember is that a disaster recovery plan is mainly concerned with procedures that reflect a company’s ability to recover once a disaster has occurred. This is often referred to as post-failure procedure. Business Continuity, which will be detailed next, is concerned mainly with the guarantee that business operations will survive before, during, and after a disaster has occurred.