Chapter 7. Disaster Recovery and Contingency Management

A DISASTER CAN OCCUR AT ANY GIVEN TIME ”there may not be any warning, and the effect could be catastrophic. But what constitutes a disaster? It doesn't have to be something straight out of a Hollywood movie, with raging torrents or blazing infernos. It could be quite different, such as a digger cutting through the main cables supplying power to the whole site, or a key member of the staff leaving the company ”the disaster scenario is depicted by the effect that it has on the company and that company's capability to continue operating.

In the context of computing and business, disaster is difficult to define accurately, so for our purposes let's define it as an event or an incident that causes major disruption to the operation of the business for an extended period of time.

In recent years , disaster recovery has become a frequently used buzzword in IT circles, as has business continuity. The whole recovery/continuity concept has developed into an industry of its own. This reflects the change in attitude that businesses have undergone; they are now realizing the importance of being able to resume (or continue) working in the event of a disaster. Previously, a data center consisted of a large centralized room with mainframe computer systems and batch processing. Today, with the development of distributed networks and environments, the main computer systems are often scattered across several sites.

Companies have become so reliant on their computer systems that these can frequently be the deciding factor in determining whether a business survives or collapses. With this in mind, it is quite astonishing to find that a large number of companies still have no formal disaster recovery plan in operation, despite knowing the risk. Senior management of a business has a responsibility to both the stockholders and the employees to protect the assets of the company as much as possible. Legal responsibilities also must be considered , such as personnel data, financial data for tax and auditing purposes, security logs, and so on. If a company loses all of this data as a result of a disaster, it could face prosecution or lose the business.

With an ever-increasing number of companies appearing on the Internet, there is an increase in demand for computer systems to be running and doing business continuously. The existence of a tried and tested disaster recovery plan, therefore, is essential for this to be a feasible objective. At the very least, it requires two separate sites, where all of the facilities are duplicated . However, as the rest of this chapter will show, the computer systems themselves form only a part of the overall disaster recovery and contingency plan; other aspects, such as clear procedures, thorough documentation, and good planning, are equally important.

A disaster recovery plan does not guarantee that the company will be unaffected by a disaster; that is never truly achievable. What it does, though, is put the company in the position of being prepared so that it won't be the end of the world if a disaster happens. A company with a tested (and current) disaster recovery plan has a much higher likelihood of surviving and continuing to do business than a company without such a plan.

This chapter addresses some of the issues related to disaster recovery and contingency, and how it relates directly to the Solaris computing environment. The chapter is divided into two broad sections. The first covers disaster recovery, the types of disaster that can be encountered , what a disaster recovery plan is, and the benefits of having one. The second part focuses on contingency management and the various ways in which the impact of a disaster can be reduced with some alternative options. The end of the chapter presents a section describing the steps to take in creating a disaster recovery plan and reinforces some of the ideas discussed in the text. The Appendix, "Resources," also lists some further readings and useful Web sites for disaster recovery and contingency information.