Being able to recover data in the event of an outage or disaster is the main goal of walking through the disaster recovery planning process. There are several factors that affect this process and should be taken into consideration when formulating your plan.
Know the risks affecting your business
Before you begin the process of creating your disaster recovery plan, it’s highly recommended that you perform a test that will help determine the impact to critical business systems if there were to be an outage. These tests are often referred to as a business impact analysis (BIA). This analysis will help you identify specific risks and align them to the impact on a given business process.
For example, if you experience a flood in your primary datacenter, your entire business will feel the impact and you’ll likely incur a significant loss in revenue. On the other hand, if one of your co-workers accidentally pulls the wrong power cord in the server rack and brings one of your dev. servers down, it’s still business as usual for your end users.
First strategize, and then plan
The strategies we adopt, by definition, will be our chosen proposal or method to bring about a desired future. Once our strategies are in place, our disaster recovery plan then becomes the future course of action if and when we encounter a disaster. The plan will explain what needs to be done, who will do the work, how it needs to be done, and when it needs to be completed.
Six factors that will affect your strategy:
We must consider the capabilities of the technology we currently have in place before assuming anything. If we plan to have a given server back online within 15 minutes of a failure, there needs to be assurance that our technology can support that goal. We should consider everything from redundant power supplies to software capabilities. You’ll want to determine if you’ll have the ability to failover and failback
2. Data Criticality
If you don’t already have set RTOs and RPOs, this is the time to align with application owners and business stakeholders. Matching business expectations with IT capabilities will ensure there’s consensus on which data is critical, non-critical, and everything in between.
Many businesses have secondary facilities. If your primary building were to experience a disaster, do you have a secondary location in which you could restore services? If that location happens to be down the street, you may consider other options
There needs to be consideration of who is capable to complete the work required to restore services, as well as who can assist with communications to the broader workforce. Employees will need to be alerted to any critical updates, and there need to be contingency plans in place if key staffers are unable to complete the assigned tasks.
5. Policies and procedures
An important part of this process entails defining your policies and getting approval from senior management. These policies will dictate the procedures your company will follow in the event of an outage and ensure there is accountability among all stakeholders.
Let’s assume the worst happens and your building gets swept away by a hurricane or tornado. It will be critically important that you know exactly who to call to procure new equipment and facilitate the ordering of new servers, storage, networking, etc. You may also want to consider having budgetary quotes available during your planning process to identify what that may cost.
You can’t have everything you want
Some larger businesses cannot tolerate any downtime with certain business-critical applications. In order to ensure those critical apps remain online, there are very complex and expensive solutions put in place that often utilize at least two datacenters and loads of hardware the rest of us wish we could afford. The good news is that the disaster recovery planning process doesn’t always have to be expensive. Walking through a proven plan will ensure you have a plan in place that everyone in the business can agree upon.