disaster recovery

Disaster Recovery DOs and DON’Ts For The ‘Always-On’ World

disaster recoveryHaving recently spent a day with a group of HP’s reliability assurance engineers — whose motto should be “Our business is breaking things and business is good” — I couldn’t help thinking about other groups that like to break things (i.e. the Bad Guys or clumsy/lazy/disgruntled employees/partners/customers) and the growing importance of business continuity. “Business resiliency is now a c-level and board level issue as the costs of recovery and costs to reputation are now higher than ever before,” said Laurence Guihard-Joly, General Manager for IBM’s Business Continuity and Resiliency Services, in a recent interview.

“The big transformation in the business is the cloud and what I see as the always-on world,” Guihard-Joly. In this always-on era, bad news travels faster than ever before, which is one of the reasons why disaster recovery and continuity is more important than ever before to a business.

In a recent IBM/Ponemon Institute study on the cost of data breaches, business continuity management reduced the cost of data breach by an average of almost $9 per record. The average cost incurred for each lost or stolen record containing sensitive and confidential information increased more than 9% to $145 this year, with a strong security posture providing an up to $14 cost reduction per record, and with the appointment of a Chief Information Security Officer (CISO) coming in third, knocking $6 off the per-record cost.

Another recent survey from Continuity Central provides an interesting picture of what companies are doing with BC solutions, noting that almost half — 46.7% – do not use specialist business continuity software. Of the 53.3% that do, the top two applications were: write and develop business continuity plans (89.87%); and manage and update business continuity plans (89.24%). Tests and exercises came in at only 60.13%, and training was 39.87%.

A more bleak picture was painted by the Continuity Insights/KPMG LLP study that suggested there is still significant room for improvement in business continuity management (BCM) program maturity across organizations of all sizes and industries. Only 5.8% of respondents rated their program maturity as Level 6 – Synergistic, meaning that cross-functional coordination allows for upstream and downstream testing of business continuity plans. Most (52.5%) fall into levels 3 and 4 – they have centrally governed BCM teams that provide support and oversight to business units across the organization with varying levels of commitment and support from senior management – with the bottom two levels accounting for 22.2% of the remainder.

In what should be a red flag for those slow to recognize the criticality of having a BC capability, over 60% of respondents stated that their organization had experienced an incident in the past year leading to the activation of their crisis management plans. Most of these interruptions (60%) were weather-related, with fire, flood, and civil unrest making up the rest. More than a third (36%) are still not addressing cyber terrorism in their BCM plans, even though the threatscape is growing.

The following are 10 Dos and Don’ts for Successful Disaster Continuity Planning:

1) DO: Make It a Common Occurrence
2) DON’T: Wing It
3) DO: Face the Facts
4) DON’T: Compartmentalize
5) DO: Think About DR Every Day
6) DON’T: Depend Solely on Your Cloud Backup Provider
7) DO: Prioritize Data
8) DON’T: Confuse High Availability with Disaster Recovery
9) DO: Take a Multi-Pronged Approach to Disaster Recovery
10) DON’T: Ignore Hardware Effects on Disaster Recovery

About the author
Steve Wexler
Steve is a proficient IT journalist, editor, publisher, and marketing communications professional. For the past two-plus decades, he has worked for the world’s leading high-technology publishers. Currently a contributor to Network Computing, Steve has served as editor and reporter for the Canadian affiliates of IDG and CMP, as well as Ziff Davis and UBM in the U.S. His strong knowledge of computers and networking technology complement his understanding of what’s important to the builders, sellers and buyers of IT products and services.