Storage and Backup

Storage and Backup

Disaster Recovery and Business Continuity

A common theme in the world of data backup is the confusion of business continuity with disaster recovery. When it comes to protecting your data, it’s important to understand that these two different concepts. The misunderstanding of the terms could result in organizations being left at a significant risk due to inadequate planning.

In a disaster, few people care about the definition of terms. However, one sure way to get through the chaos of losing data and facilities is to know the difference between Disaster recovery and business continuity.

What's the Difference?

Disaster recovery is a subset, a small part of overall business continuity. It is the process of saving data with the sole purpose of being able to recover it in the event of a disaster. Disasters in IT range from minor to major: the minor loss of an important set of data to the major loss of an entire data center, though recovery of the corporate database may take the same herculean effort as the reconstruction of the company’s infrastructure. From the point-of-view of panic, pain and pressure, the range in size of a disaster—either minor or major—could arguably be very similar.

A great example is Hurricane Katrina. In 2005, most of the city of New Orleans was underwater, without power and without some of the basic resources for humans to even live. There were many companies that kept off-site copies of their data, so that in the event of a disaster they could recover the data. What they did not plan for was the inability to get that off-site data to their secondary site. In one case, the company kept all of its data on off-site tapes that were kept in a secure location. The only problem was that the company staff could not physically travel to the site to retrieve its tapes.

DR: Secondary Sites

The root of disaster recovery is that data is kept in a secondary site, and plans are made on how that data will be recovered so that the business can access it again. One item to note is that the data is not accessible during the disaster. It must first be recovered, and the speed at which the data is recovered is solely dependent on the planning, infrastructure and processes that are set forth and tested.

On the other side, business continuity typically refers to the management oversight and planning involved with ensuring the continuous operation of IT functions in the case of system or enterprise disasters. The elements necessary for successful business continuity include the plant (location), staffing and equipment, as well as the actual data recovery procedures.

Business continuity is a completely different process. First, it is not data centric; it is business centric. The whole point of business continuity is to continue to do business during a failure or disaster. In basic terms, it means that when a failure or disaster happens, that data is still accessible with little to no downtime.

Typically, business continuity is a combination of hardware and software technologies that keep data in two different places at the same time. For example, if the production server in one building goes down, the data and the application are “failed over” to a second system that the application can then use. Usually, the application only pauses and users do not even know there was a problem.

What this really means is that you must have the infrastructure to support it. The most common example is clustering. Clustering allows the replication of data between multiple systems thus enabling you to have that data accessible from a secondary source in the event of some failure. Active/active clustering is a great example. If your mail application goes down on the production server, the replicated copy on the secondary server takes the load and the application stays up and people still have access.

Continuity is Broader

Regarding business operations and management of the staff and facilities, continuity represents a much larger scope of maintenance than the recovery of just the data and equipment. Most companies come from a practical analysis of how long recovery will take. During the planning process for recovery reality starts to set in. Time factors to get back in operation count heavily toward what must get recovered first. The matter of time to recovery introduces these business continuity questions:

  • What do we need recovered first to stay in business?
  • What do our customers need to remain assured of our stability?
  • What do our business partners require to continue order, fulfillment and delivery?
  • What do our vendor relationships insist upon to work with us?

Prioritization of what to recover first points to the more important analysis of these business relationships and how they line up. Every corporate entity lives with different ordering lists that determine their ability to remain in business.

Recovery of data may well be the only issue that the bulk of IT managers and C-level officers have time to address. It’s a good start, but not the whole story. You must understand the “what” and “how” in order to get your data back in operation. During that recovery planning, these same managers and officers will run into the continuity questions. The better the recovery system in terms of reliability, scope and scalability, the better the chance of stepping up to the continuity issues. The more feeble and antiquated your recovery planning, the more certain corporate failure at continuing business as usual during a disaster.

Standards continue to be an emerging trend, with many developed in recent years from such organizations as the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC):

  • ISO 22301:2012: Business Continuity Management Systems -- Requirements
  • ISO 22313:2012: Business Continuity Management Systems -- Guidance
  • ISO 22320:2011: Emergency management -- Requirements for incident response
  • ISO/IEC 27031:2011: Information technology -- Security techniques -- Guidelines for information and communication technology readiness for business continuity
  • ISO/IEC 24762:2008: Information technology -- Security techniques -- Guidelines for information and communications technology disaster recovery services
  • ISO 31000: Risk management
  • Financial Industry Regulatory Authority 4370: Business continuity for banking and finance
  • National Fire Protection Association 1600: Emergency management and business continuity
  • National Institute of Standards and Technology Special Publication 800-34: IT contingency planning
  • American Society for Industrial Security (ASIS) SPC.1-2009: Organizational resilience guidance
  • ASIS SPC.4-2012: Organizational resilience management systems

BCDR software also helps an organization build its business continuity and disaster recovery plans, by facilitating business impact analyses or providing plan templates

Backup / Restore Storage

What Is effective backup and restoration?

Effective Back and Restoration ensures that if data is lost due to a hardware malfunction or user error the business can quickly recover and allow users to continue to be productive.

With data being one of the most valuable assets to any company, it is imperative that business of all sizes have an effective way in which to recover information. In the past customers have focused on the process of backing up data on tape or disk without much consideration for the time taken.

What are the considerations for Backup and Restoration?

In these times of increased system complexity, limited budgets and higher levels of data growth it’s important for organisations to plan, backup and test restoration effectively.

Storage and Data Management

You may think you have Storage and Data covered but does your current platform provide the most effective solution? Storage has come a long way and more and more customers are benefiting form the introduction of deduplication, compression or improved flexibility with tiered storage. As small and medium-sized businesses experiencing high growth rates, capacity increases have a direct effect on backup and restore times as well as day to day management. What happens when you can no longer backup everything within the given window? Before you purchase more storage when was the last time you checked that all the data was work related or didn’t contain multiple copies? Are there alternatives to relying on tape for restoration? What is effective Storage and Data Management? In answering the question what is effective Storage and Data Management? An effective Storage and Data Management strategy refers to any activities designed to improve the way you retain, provision and protect your companies greatest asset. Specifically, these activities improve accessibility, reliability, integrity, and availability of your data and applications. Efficient Storage and Data management targets the root cause of a variety of common problems and ensures that anything stored is relevant, that data can be retrieved quickly and that budget is spent in the correct area rather than simply increasing capacity. How Does effective Storage and Data management help you? Many data & Storage problems experienced by customers are due to increasing average file sizes, more readily available access to image rich information and outdated storage technology. The most common of which include: Spiralling Growth rates requiring regular capacity increases Backup failures or limited backup windows Complex environments requiring individual backup procedures for applications No storage policies or ways in which to enforce them Silo’s of information No Restore Time objective (RTO) or Restore Point Objectives (RPO) in place User error promoting data loss Higher running and management cost associated with a dispersed environment What are the Business Benefits of Storage and Data management? With Storage and Data management in place, your company can experience a number of tangable business benefits leading to a long term reduction in costs and improved utilisation of resources. Your company can be protected against unplanned downtime, keeping employees productive. Consolidation reduces electricity and cooling costs as well as allowing IT technicians to manage more with less. Removing duplicate, old or non work related data can free up large amounts of capacity (30% to 50% is typical) and a flexible platform vastly improves time taken to provision new applications or systems.