Planning for disaster recovery and business continuity

8 September, 2015 - 16:42

Some incidents are bigger than others and constitute catastrophic failures or disasters. Quite often these are associated with natural disasters, such as flood, earthquake or hurricane, but catastrophic failures may result from any number of causes. A major industrial accident might require vacating an organization's premises; a flu epidemic might incapacitate a significant percentage of an organization's staff. And of course, there is the chance of intentional sabotage. The issues of disaster recovery and business continuity range far beyond the domain of IT planning. However, to the extent an organization depends upon IT to support core business processes, IT considerations must be fully integrated into an organization's overall disaster recovery and business continuity planning.

A disaster recovery plan is intended to provide detailed guidance concerning the actions to be taken in the event that a disaster occurs. Disaster recovery plans may be written to address a wide variety of crises. Here, disaster recovery planning is discussed with reference to the restoration of services disrupted by severely damaged IT facilities and services. In contrast, business continuity plans are more broadly concerned with ensuring that essential organizational functions can continue to be performed in the event of any circumstance that massively disrupts the normal operations of an organization. The two functions are closely related. To the extent an organization depends upon IT services to support core functions, an effective business continuity plan necessarily ensures provisions are made for restoration of essential IT services.

Key elements of both sets of plans require clearly established priorities, delegation of responsibilities (including contingency delegations should primary designees prove unable to accomplish assigned tasks), and pre-staging of minimum essential infrastructure and assets to continue operations. For example, an organization may have designated a relocation point from which to continue its operations. However, if required phone lines are not available, business operations will remain disrupted until such time as new lines can be ordered and installed.

No organization can be expected to fully reconstitute itself in the face of a catastrophic loss of infrastructure or personnel. The key to business continuity planning is to identify the minimum essential functions that must be available if the organization is to survive (from a business perspective) or meet mandatory obligations (from a nonprofit or government agency perspective).

From an IT perspective, disaster recovery and business continuity usually require designation of some type of backup facilities. As one might guess, the costs of alternative facilities can vary considerably. Maintaining dedicated facilities that replicate existing operational infrastructure is quite expensive. Accordingly, organizations employ a variety of techniques to manage the costs of disaster recovery and business continuity. The most expensive capability is the maintenance of a hot backup site. In a hot backup site, essential systems have been duplicated at the alternative facility and are fully configured to pick up operations should the primary site fail. Given advances in communications technology, some companies continuously replicate their data to the alternative site, thus minimizing the potential for data loss and the time it takes to restore service.

A warm site has many of the capabilities of a hot site, but its systems are not fully configured. While servers, workstations and communications facilities are in place, the organization will typically need to load its applications and data to make the facility operational. This can take from hours to days depending on the number, size and complexity of services to be supported. While still expensive, the maintenance costs of a warm site can be considerably less than those of a hot site. Some organizations maintain a cold site, essentially an empty facility in which an organization can reconstitute its system. There is essentially no hardware pre-installed; organizations will have to either relocate or purchase required equipment, then install and configure it before operations can be resumed. This is obviously a lower-cost alternative, but one that will likely result in a prolonged outage should the organization's primary facility become unavailable.

To reduce the cost of maintaining a hot site or a warm site, organizations may also contract with a service to provide contingency services. For a recurring fee, the service bureau agrees to maintain required equipment and facilities for the contracting organization to move into should the need arise. The service company can offer favorable prices by offering its facilities to multiple organizations or businesses - under the assumption that not all of its clients will require the use of its facilities at the same time.

We close this section with the same admonition provided at the close of the section on system backups. Disaster recovery and business continuity plans are not all that beneficial if the organization never tries to exercise them. While expensive, realistic test scenarios must be run to ensure that important details have not been overlooked. In truth, it is unlikely that an organization can adequately anticipate and plan for all possible contingencies. Yet those that do invest in contingency planning and in testing their plans are far more likely to survive the consequences of catastrophic disasters.