|
 |
|
General Information
|
Add To My Personal Library |
October 9, 2009
• Vol.31 Issue 25
Page(s) 36 in print issue
|
Is Disaster Recovery Outdated?
Disaster Prevention Challenges The Idea Of Disaster Recovery
|
| Key Points
• Disaster recovery is now a part of overall business continuity.
• A company needs to maintain IT services just as effectively as the electricity and water in a building.
• Disaster recovery will always be necessary, especially for catastrophic events. | In a data center, keeping track of buzzwords is a challenge. The age-old concept of disaster recovery—where a company has a contingency plan to continue operations, restore data, and rebuild infrastructure after a catastrophic event—is changing. New concepts of business continuity and disaster prevention are emerging. In some ways, it’s semantics: The shared idea behind disaster prevention and disaster recovery is that a company needs to maintain IT services just as effectively as the electricity and water in a building.
Yet, for an SME, a comprehensive disaster recovery plan is often an expensive and complex endeavor. And, in the reality of day-to-day business, it’s often overlooked. Because disaster recovery has matured as a concept in IT and now involves prevention, backups, security strategies, and cloud services, there are new questions that IT must ask about disaster recovery plans. For instance, should a small company maintain a complete colocation facility that can continue operations after a disaster? Should a data center archive all data in any form—including instant messaging chats? And once a company has embraced cloud services—which provide contingency plans of their own—is disaster recovery even necessary?
Of course, no company should forego disaster recovery plans altogether. The short answer to the question of whether disaster recovery is outdated is no—there is an even greater need. However, the concept of disaster recovery now involves overall business continuity and disaster prevention, and the strategies are changing to even include security plans.
“In this realm of tightened budget times, it is more important than ever to have not only a disaster recovery plan but also a business continuity plan,” says Eric Pitcher, vice president for technology strategy at CA (www.ca.com). “Disaster recovery is now viewed as part of business continuity.”
 Adding Disaster Prevention
One major change in recent years is that SMEs are adding disaster prevention to continuity plans. The idea is to implement email and SMS alert systems; server monitoring devices; fire suppression technologies that do not damage IT equipment; and other strategies that lessen the impact of a disaster or provide a way for IT to avoid the long-term effects of a major disaster, security breach, equipment downtime, or any break in services. In part, disaster prevention is a way for data center managers to continue IT services for a more likely disaster (such as a power outage) and develop a recovery strategy for major disasters.
Disaster prevention products are designed for data center racks and can send email alerts if equipment reaches a certain temperature or the humidity in the room rises. With these disaster prevention products, IT staff can react by implementing a more immediate response such as spot-cooling or move to full disaster recovery mode. Of course, for some disasters, such as a hurricane or major flood, an alert system will be too little, too late. For smaller companies, data centers are often in the same location as the business itself, so a catastrophic event can be devastating, and an alert system won’t help.
Costs for prevention—though static—can vary depending on the type of prevention. For example, the alert systems for server racks cost as little as $100 and yet provide a good continuity benefit for an SME. Other prevention measures—including most data center colocations—are more costly.
“Prevention from power failure can be as simple as an uninterruptible power supply or as complex as tying into two different power grids,” says Ray Lucchesi, a consultant with Silverton Consulting (www.silvertonconsulting.com). “Similar concerns exist to deal with Internet access; having at least two or three different access points to the Internet make a lot of sense.”
Even with these variations in costs, prevention costs are more predetermined—you will know the costs up front instead of figuring out recovery costs after an event, even with the best plans. “The costs of prevention are quantifiable and vary based upon a specific goal and the strategy used to implement it,” says Anthony Wanger, president and founder of i/o Data Centers (www.iodatacenters.com). “On the other hand, recovery is difficult to quantify and tends to occur in tandem with other challenges. For example, the lack of resources if an office building burns down and at that point one needs to recover not only IT operations but also office, phone, HR, and other challenges at the same time.”
Will Prevention Replace Recovery?
One question one must ask in the context of disaster recovery and disaster prevention is, as IT evolves and services change, will disaster recovery plans become unnecessary? This is a particularly important question in light of cloud computing and the move to online applications.
Jim Thomas, technical services manager for Paragon Software (www.paragon-software.com), a company that makes drive partitioning and backup software, says disaster recovery can depend greatly on your geographic location. For example, no amount of prevention can help with a widespread disaster. Because of that, disaster recovery will always be part of the equation.
“Managers can rely on prevention as long as a large geographic area is not affected by disaster,” says Thomas. “As soon as a major disaster disrupts local service, there is no possibility to recover from onsite resources, and the ability to retrieve offsite backups is delayed, prevention is useless, and disaster recovery needs to be implemented. Failure to have a continuity plan can only lead to confusion during a disastrous event and the all too common possibility that the business will fail to recover.”
Several emerging technologies in business continuity planning will also change the DR landscape. For example, Pitcher explained that massive RAID arrays were once the purview of only a large enterprise, but now a multiterabyte array with full redundancy can cost only $1,200 and is easier to manage than just a few years ago, so the technology could become part of an SME’s contingency plans.
Another evolution in continuity planning is that the software monitoring servers, especially applications servers that are most important for business operations, is becoming more intelligent and proactive, providing some of the low-level tasks that help IT managers make decisions about continuity. For instance, software can help determine if a server is slowing down gradually and affecting tape backups or offer help with features for automatically offloading email services to the cloud if a server fails outright.
In the end, business continuity planning will always be a complex process involving not just recovery and prevention, but security, government compliance, and business process. It is one that starts with a simple offsite storage practice, and continues into the realm of cloud services and email alerts on server cabinets. The one constant: Plans should evolve apace with the technology changes. 
by John Brandon
Disaster Recovery vs. Prevention
Disaster Recovery:
• Restores data to its original state
• Can include colocation of data center
• Critical to business continuity
• SMEs must do DR because prevention is not a given
• Expensive for a comprehensive plan
Disaster Prevention:
• Alerts staff about data center problems
• Offsets minor data center problems
• Easier to predict and control
• Less costly than disaster recovery
• Encourages management and backup
|
|
|
