Defining Disaster Recovery
Disaster Recovery is the ability of an infrastructure to restart operations after a disaster. That's a simple definition. The truth is large companies spend thousands of dollars each year maintaining a Disaster Recovery plan and practicing that plan. Some even do so twice a year to improve their response time should a disaster occur. Having a backup of a system isn't any good if you can't reliably restore it.
|
Since it's inception during the late 1970s, the business of business-recovery has continued to expand, moving from original application processing on mainframes, to include disaster recovery for telecommunications, distributed processing, and most recently, network area and work area disaster recovery.
Since it's inception during the late 1970s, the business of business-recovery has continued to expand, moving from original application processing on mainframes, to include disaster recovery for telecommunications, distributed processing, and most recently, network area and work area disaster recovery.
Whenever accidents, disasters and natural events interrupt day-to-day business activities, one thing can be certain: corporations lose money. The amount of money often depends on how prepared businesses are for dealing with interruptions. An up-to-date, well-planned and well-practiced disaster recovery plan often makes the difference between quickly returning to business as usual and flailing for months or even years from the devastating repercussions.
Any event that interrupts business due to the loss of information required for normal operations qualifies as a disaster. A disaster recovery plan is a blueprint for recovering from these events. It does not seek to duplicate a business. Rather, its intent is to increase the chances of survival and to minimize the effects of the loss.
Disaster recovery planning is not an easy process. In addition to the extended set of tasks that must be performed, it is filled with potential hurdles that even the best intentions, most intelligent people in the organization can overlook. Regardless of whether the plan is developed using internal talent, external experts can help. Disaster recovery planning is an essential process for companies. It might just be a matter of corporate survival.
Besides the obvious reasons, legal statues, customer service level, competitive edge, responsibility to employees and stockholders, and other justifications, why bother with a disaster recovery plan? Disaster recovery planning is not just for big corporations. It's not just for data centers or large networks. Every business, even small, personal businesses can benefit from reasons not often considered.
The basic tasks preceding and maintaining recovery preparedness make good economical and business sense. In most cases with less effort than anticipated, disaster recovery planning can improve efficiency, reduce recurring issues and, through reduced downtimes and better managed processes, pay for itself.
Management must first understand the characteristics associated with a crisis. Any crisis has the following characteristics:
Surprise
Insufficient Information
Escalating Flow of Events
Loss of Control
Intense Scrutiny From Outside
Siege Mentality
Panic
Short-term Focus.
One strategy used to put the crisis in the proper context is to establish an order of magnitude with respect to the crisis. Crises may be categorized into one of three levels.
Level I-Low Risk
No serious injuries, minimal physical damage, no disruption to critical business operations, minimal impact on routine business activities, minimal distress to employees.
Level II-Moderate Risk
Serious (life threatening) injuries, significant number of minor injuries, minor damage to property and facilities, minor or impending disruption on critical business operations, moderate impact to routine business activities, moderate employee distress.
Level III-High Risk
Major human casualties including death, major physical damage, significant impact on critical and routine business activities, media visibility, potential customer and shareholder impact.
As part of the disaster recovery plan, an established Escalation Procedure should be tied to each of these levels so that if the situation escalates to the next level procedures are already in place.
As part of a library's disaster recovery plan, crisis events are defined in a slightly different manner. The least serious event is would be described as a "serious incident," which involves a minor loss of data, a roof leak that drenches several shelves of replaceable books in a library or a threat from a drunken employee. The term "emergency" is used in the event of a single casualty, a moderate fire, or substantial vandalism that compromises the security of the site.
A "major emergency" classification covers serious damage at a single site and possibly several casualties. A "disaster" is defined as an event that is beyond the powers of first responders to prevent or control, and that results in serious damage and prolonged service disruption at several sites and possibly a number of casualties.
The term disaster means the interruption of business due to the loss or denial of the information assets required for normal operations. It refers to a loss or interruption of the company's data processing functions or to a loss of data itself. Loss of data could result from accidental or intentional erasure or destruction of the media on which data was recorded. This loss could be caused by a variety of man-made or natural phenomena.
Loss of data could also refer to a loss of integrity or reliability either in the dataset (or database) itself, or in the means by which data is transported, manipulated or presented for use. Corruption of programs and networks could interrupt the normal schedule for processing and reporting data, wreaking as much havoc within a company as would the loss of the data itself.
The above conception of disaster may suggest that only a major calamity-a terrorist bombing, an earthquake, or even a war-would qualify as a disaster. Most people might imagine a smoking data center at Goliath, Inc., rather than an accidental hard disk erasure at the small business office down the block. In either case, if the result is an unacceptable interruption of normal business operations, the event could be classified as a disaster. Disasters are relative and contextual.
Simply stated: A disaster is an occurrence that disrupts the functioning of the organization resulting in loss of data, loss of personnel, loss of business or loss of time.
