Technology is not immune to false promises and there may be no better example than the faith companies put into their Disaster Recovery plans. The issue with this false promise begins in the very term, Disaster Recovery: not all disasters are equal and not everyone defines what recovery means the same way. It would be impossible to recount the number of times we have walked into a business that was confident in their untested, untried, and untrue plan to recover from a disaster. Many people also tend to think of disasters as Acts of God – floods, fires, earthquakes, or other weather related events – when a corrupted database or internal sabotage can be just as damaging as natural disasters, if not more so. For the purposes of this narrative, a disaster is anything that would cause complete interruption of business, and recovery will be defined as the ability to get your business back up and running.
“We back our systems up and take the tapes offsite.” It is shocking the number of times that this scenario is laid out in conversation with a business owner as the plan to recover from a business-interrupting event. While backups are vital, they are a very small piece of a much larger process that most businesses simply do not have a handle on; or worse, that many have never heard of. Getting a copy of your backups offsite is a great start, but it is not a sufficient DR plan.
Take for example this case of great intention: we serve a customer whose entire business is dependent on their website being fully functional. At any given moment there could be upwards of 45,000 transactions hitting their backend application. When we walked in, the principals in the business were fully confident that by virtue of “backing up their systems” that they could bring any part of their technology back online, and they were correct; what they failed to understand is that it would take the better part of two weeks to return to business as usual on backups alone. They had a tolerance of two hours, not two weeks, and the plan they envisioned was never even tested! So really, they were working off of blind faith that not only were the backups valid, complete, and recoverable, but that they were enough for a complete Disaster Recovery. The difference between the two had never even occurred to them. The bottom line here is having a backup of data and having an application back up and running is not the same thing.
The holes in the plan become apparent when very simple questions are asked:
– When was the last valid test done?
– Have you pulled the plug to see what happens?
– If you lose this facility for any reason, what’s the plan?
– Who is in charge of bringing your applications online?
– How much down time can you tolerate?
What are your experiences with DR? How do these perceptions match up to your realities?
– See more at: http://palmettovdc.com/community/net3-predictions-vs-realities-disaster-recovery/#sthash.m4W6dyBR.dpuf