While the IT organizations of many companies pride themselves on having 99.999% uptime, there always comes a time when the very systems they depend on are suddenly unavailable.
Preparation, planning, and testing are key to mitigating and minimizing vulnerabilities. Unfortunately, there are plenty of organizations out there that learned this lesson the hard way.
Vulnerability Comes in Many Forms
Whether it’s a natural disaster (such as a flood, earthquake, or a fire), or a man-made accident (like brownouts, crime, or even a worker-related accident), most companies don’t know how they’ll cope in the aftermath of an infrastructure breakdown. That can be bad news for underprepared organizations, especially companies bound by unique requirements and regulations.
For example, some companies rely on a 24/7 connection to critical data and applications. Any interruption in that connection could result in lost productivity and operating costs. A lengthy downtime or severe critical data loss could easily seal a company’s fate.
Other companies are bound by a number of regulatory requirements, including HIPAA and Sarbanes-Oxley. These requirements mandate the availability of client data at all times. Failure to follow these regulations could easily result in financial and legal penalties for an out-of-compliance company.
Creating a Game Plan for Survival
Data losses and downtime can have a devastating effect on business operations without the right plan in place. When planning for emergencies, it’s important to keep the following considerations in mind:
Location is key. Organizations with an in-house IT environment should consider an off-site backup and data recovery solution, provided by either a third-party entity or by renting space in a datacenter. It’s always important to keep data recovery and backup sites in a different facility from a primary site.
Explore all available options. Each organization’s environment and applications differ in various ways, making it important to thoroughly vet disaster recovery options to contract for the option that is the best possible fit for your company’s needs.
Consider RTO and RPO. It’s essential to understand the importance of Recovery Time Objective (or, RTO, the amount of time an organization can survive without service) and Recovery Point Objective (RPO, the maximum tolerable period in which data might be lost) when drafting a data recovery and backup plan. Both elements should be considered when evaluating the ideal recovery solution.
Create clear rules and procedures. While having the necessary tools to address data loss is important, it’s essential to have a clear and concise means of carrying out the requisite tasks needed for complete restoration. Users of backup and data recovery solutions should always keep a clear line of communication between themselves and their service providers.
Flexibility is an ideal attribute. Some situations, such as accidental file deletion, may not require a complete data recovery. Consider selective recovery options for scenarios where granular and application item recovery is ideal.
Don’t forget about cost. The overall costs of data storage and backup usually depend on the amount of data stored, the storage medium used, and whether or not immediate restoration is needed. For instance, large amounts of data not subject to quick restoration can be stored using a lower cost solution. Mission-critical applications and web applications need to be up and running at all times, thus usually leading to a higher priced solution. The key to finding the best solution for all of your infrastructure is to work with a vendor that can build a customized solution to fit your requirements.
Forward-thinking preparation, planning, and testing is the best way for organizations to address vulnerabilities when it comes to the dreaded possibility of sudden data loss.
