Is your company having problems justifying its disaster recovery efforts? Are you getting push back...
Six Things CIOs Should Know About Disaster Recovery
OK, admit it, short of felonious hackers, nothing keeps more CIOs awake than the thoughts of disaster and its attendant recovery. It’s a compelling problem that we can all learn from thanks to the disasters of others.As EnterpriseStorageForum.com observes, “Disaster recovery used to be a costly affair. You built a duplicate site in some remote location with its own complete set of hardware, software and systems. You replicated your data to it so that in the event of a disaster, you could stay online. But that entailed complete system redundancy with one set sitting idle 99.99% of the time. In these days of stringent budgeting, few can attain that idealistic dream.”The site shares some practical advice from experts in the field. Here are a couple good examples:
- • Sash Sunkara, CEO of RackWare, encourages companies to test the waters by putting more than backups onto the cloud. She suggested throwing some entire workloads on there to see how they do. “Yes, it is advantageous to use cloud infrastructure to back up your data,” said Sunkara. “Not only can you backup files and data, but you can move an entire workload (OS, applications and data) of a physical server directly into any cloud, such as Amazon Web Services, RackSpace, or SoftLayer.”
- • Another way to lower risk is to continue to retain some kind of physical-based DR element. If an entire cloud gets targeted by hackers or you lose the network, you have effectively put your eggs in one online basket – never a good idea. “Firms should look at physical storage and other options to complement the cloud,” said David Zimmerman, CEO of LC Technology International. “Cloud storage is dependent on internet access, so critical systems should have some sort of on-premises storage solution as well.”
- • Sunkara made another good point. She noted that in many data centers, protected workloads tend to be categorized into two levels: Mission Critical, where workloads can’t even afford to be down for a few minutes, and Low Priority, where workloads are archived, but may take hours or days to restore. ‘All the workloads in-between these two categories, those that require a quicker time to recover, but where expensive replication systems are not required, have been under-protected. A solution to these under-protected workloads is to use the cloud as a ‘virtual disaster recovery’ site,’ said Sunkara.”
Paul Chisholm, chairman and CEO of mindSHIFT Technologies, a provider of managed IT services to small and medium-sized organizations, offered his thoughts at InfoSecToday.com. He says, “In determining the components of a disaster recovery plan, businesses typically need to make tough compromises, sacrificing the level of recovery (maximum amount of downtime and data loss) with cost.”Here are some of his pointers on disaster recovery:
- Consider hiring a managed services provider: For small- to medium-sized businesses, it is often cost prohibitive to implement a sound disaster recovery plan. Frequently these organizations lack the technical professionals to accomplish this. Managed services providers (MSPs) have emerged to perform this role.
- Back-up laptops and desktops: Although many companies have policies requiring employees to store all data on the company’s network, it is not prudent to assume that the policy is being followed. Users often store important files on local systems for a host of reasons, including the desire to work on files while traveling and the need to protect sensitive data from the eyes of even the IT staff. Backing up laptops and desktops protects this critical data in the event of a lost, stolen or damaged workstation. Using an automatic desktop and laptop data protection and recovery solution is ideal.
- Install regular virus pattern updates: IT infrastructure is one of those realities of business life that most companies take for granted. Companies often do not focus on email security until an incipient virus, spyware or malware wreaks havoc on employees’ desktops. Organizations need to protect its data and systems by installing regular virus pattern updates as part of disaster recovery planning, which may even help prevent a crisis from happening.