A Blended Approach to Data Protection

Protection now depends on more than one method. The nation uses a coordinated strategy involving ships, airplanes, submarines, ground troops, satellites, missiles, espionage, and law enforcement agencies to guard its borders. Cars have bumpers, seat belts, steel beams, and airbags to save passengers' lives. Homeowners use outdoor lighting, watchdogs, door locks, and alarms to keep out thieves. When it comes to protecting an organization's computerized data, particularly in regard to DRP, a similarly blended approach is called for. Unquestionably one should always buy a reliable disk drive with RAID, back up data, and use a firewall and antivirus software. Each of these measures addresses a vital zone, but there is a lot more to it. It must be firmly understood that one can encounter two classes of disaster: non-catastrophic and catastrophic.

Non-Catastrophic Failure

Non-catastrophic failure is really a subset of a DRP and is addressed by a contingency plan (CP). The non-catastrophic category encompasses various types of failure, such as:

• Accidental deletion by a user

• Disk controller failure

• Hard disk/drive crash

• Network downtime

• Power surge

While RAID and backup are integral parts of any CP, they are far from sufficient. According to a conversation with Chip Nickolett, a disaster recovery expert working for Comprehensive Consulting Solutions, Inc. (Brookfield, Wisconsin), many of these issues may have already been addressed by hardware redundancy but this approach is not 100-percent foolproof. Non-catastrophic data loss, although disruptive to business operations, has the advantage that it is usually recoverable onsite within a relatively small time window.

Contingency Plan

As well as backup and RAID, CP tools include:

• Various undelete utilities, such as Executive Software Undelete, Quantum Software Undelete, Recover 4 All, and the Linux Files Undelete utility

• SMART-based disk monitoring utilities such as EZ SMART by Phoenix Technologies and Intelli-SMART by LC Technology

• Vendor tools, such as Compaq Insight Manager, which monitor disk health and other system parameters

• Non-SMART-based disk monitoring tools such as SpinRite by Gibson Research

• Network/system monitoring tools, such as Somix Technologies' WebNM and CA Unicenter, that can detect device problems and/or isolate hard drive issues

• Data recovery services that recover data lost in a hard drive that no longer functions (Ontrack is one example of such a service)

Although DRP gets more attention, a CP remains an essential element of organizational protection. In fact, it may well be that companies need to develop some competence with CP before being able to succeed well in any DRP initiative. Nickolett stated that his general recommendation to clients is to develop, test, and refine a CP before attempting a DRP.

In practice, much of the work of the CP will apply directly to the DRP, and the cost of refinement will be much less because work is done onsite. Most organizations tend to treat CP-related matters reactively. Generally, they do not plan for such disasters and, when one happens, someone in IT is called upon to handle the matter. Depending on the situation, this can mean hours of work to address a crucial issue or having to put users on hold for hours or even days while dealing with the problem.

Suppose you lose an important document due to human error. You may not receive a sympathetic ear when you call IT to say you just deleted a document you spent a full day compiling, and the response really depends on how prepared IT is for such an event and how high you are on the organizational totem pole. Oftentimes, IT has to turn away such requests, as the idea of hunting through hundreds of backup tapes for any vestiges of a document is daunting, and, of course, the likelihood is that recently created documents may not have been backed up since the last backup window. But, if it is the boss' PowerPoint presentation for tomorrow's show, IT will find itself searching and restoring whether it is a fruitless task or not.

An organization that is prepared for such a scenario would have instituted some kind of undelete function that made it easy for IT, and sometimes users, to recover data from accidental deletions. Further, Windows 2003 Server includes snapshot technology that makes it easy for users to recover lost files, without even disturbing IT.

The point is that the compilation of a CP forces companies to work out what they need to put in place and what processes they need to develop to deal with garden-variety data loss situations so that IT can deal with them with the minimum of distraction, cost, and downtime. When a hard drive goes down, instead of IT finding out about it a few hours after the fact and discovering that no hard drives of that type are in stock, disk monitoring software could have predicted the failure ahead of time and a stock of hard drives could always be on hand to replace faltering drives.

The CP, then, forces the organization to confront the multiple elements of potential data loss. The CP should be developed, tested, refined, and implemented. Doing so will educate the organization in regard to the intricacies of disaster recovery. As well as proofing the entire organization against non-catastrophic failure, this approach lays the foundation for a comprehensive DRP program. This method helps define a process that can later be modified for a full DRP. Further, in reality, the probabilities of non-catastrophic failure are many magnitudes higher than a full-fledged, catastrophic disaster.

Catastrophic Failure

Fires, floods, earthquakes, explosions, hurricanes, terrorist acts, and more constitute catastrophic disasters that can destroy an entire organization, or a portion or branch of it, overnight. This type of occurrence requires offsite facilities and data storage in order to ensure continuation of business activities. Design of such a facility must encompass such mundane matters as seats, desks, and office supplies, as well as IT systems and corporate data. Further, personnel will require telephone lines, network connections, and countless other items in order to function. The amount of detail, in fact, set down in any comprehensive DRP boggles the mind; yet, every single part of it is needed. Remember that if something horrible happens, normally reliable personnel may function poorly under stress and forget even the simplest of details. Every detail of every process should be recorded so that current and future staff can work through it effectively. Nickolett recommends checklists for everything; timestamp and initial every item and leave room for comments. In short, nothing should be left to chance.