Home Articles Disaster recovery: Should we, or shouldn’t we?

Disaster recovery: Should we, or shouldn’t we?

archives2014

Russel Ridgley of Pulsant looks at the not insignificant matter of DR and what options you have for protecting your data and to what extent.

Disaster recovery, as the name suggests, forms a crucial part of any organisation’s data protection and business continuity strategy. Or, rather it should. According to research conducted by Forrester, disaster recovery (DR) and business continuity formed 5.8% of the overall IT budget for organisations in 2013, with 66% of respondents rating it as a high or critical business priority.

While no-one seems to be disputing the importance of having this type of strategy in place, the practicalities of implementation can often be challenging – from budgetary issues, buy-in from CIOs and the type of solution itself. DR means different things to different people – from time, in terms of minutes or weeks, to the extent of what it covers, including critical systems or everything.

The requirements of a DR solution can also be challenging as they are hard to define, sometimes spanning hundreds of pages of documentation. Once DR plans are implemented their performance can be difficult to measure because organisations sometimes cannot test and monitor it without experiencing a system disruption and certainly the testing of complex DR plans isn’t without risk in itself.

In addition, the impact of introducing DR strategies can be underestimated – DR affects all aspects of an organisation. It is not just a recovery system but also includes aspects such as all of the connectivity surrounding it, the switch-over of users, and dealing with the data within it.

Given the importance of DR, how then do you ensure its successful implementation and use?

DR can be done in-house or outsourced, and regardless of which method is chosen there are a few things that should be taken into account. Any DR project needs to take into account the entire IT estate. It often ends up as a cost versus compromise balance. It’s important to weigh this balance up fully as there are risks of investing into recovering a system where a non-resilient component elsewhere may introduce more risk than loss of that single system – and potentially be mitigated with a lesser investment.

Part of the consideration is how much data your business could tolerate losing though obviously the thought of data loss is terrifying in itself. Most DR strategies require that your data be in two places at once; data replication can either be synchronous (writing both ends at once so data is guaranteed to be up to date) or asynchronous where the data is periodically copied. Both have pros and cons with the downside of synchronous being that the entire system is reliant on the connectivity between sites, while choosing asynchronous replication may actually cause data loss when switching to your DR system.

It’s worth considering that the disaster could be a massive data corruption. Data replication will also replicate data corruption and restoring from backups is normally a slow, time consuming task and a significant amount of data is likely to be lost due to the normally long backup intervals (mostly every 24 hours)

Asynchronous or journal-based replication gives some options for preventing your DR site being affected, but can add risks of their own and certainly cost in the case of the latter.

Cost is always a core consideration and effective DR strategies certainly come at a price and remain a concern for CIOs and decision-makers. However, if your business includes a critical system that would bring your organisation to a stand-still if it failed, the real question is perhaps: can you afford not to have DR?

You can find information on Pulsant’s Cloud on-demand Backup Services here.