A disaster can happen to any company at any time. Murphy’s law would even suggest that they will occur at the most inconvenient times, but I digress. In order to ensure business continuity in the face of these potential risks, it is vital to have a comprehensive and consistent DR plan. Sadly, many companies do not devote the time, resources or budget to adequately protect their environment from these extreme outages.
Before digging into the four methods to avoid a disastrous DR plan, I wanted to provide a quick summary of what a DR plan is and why it matters. A DR plan is a document that enables large scale business recovery in the case of a complete disaster. The plan must comprehensively describe the steps required to resume operations after a disaster, and thus must include extensive details about IT infrastructure including information on servers, storage, networking and other similar items. Application data is also critical, and so the plan must document applications in use, cross-application dependencies, logins, recovery locations and even broader human resources information. (For example, you would want to include contact information for all the key IT players both inside and outside the organization.) In summary, the DR plan should be comprehensive and enable a third party to rebuild your infrastructure without support from existing employees.
Now that you understand the criticality of the DR plan let’s look at four common challenges and ways to avoid them.
- Have a Complete Plan
There are many different resources inside today’s datacenter, and inventorying and understanding the interdependencies and operations can be challenging. However, without a complete knowledge of this vital information, a DR plan will be inconsistent at best. In many respects an incomplete plan is like an incomplete cookie recipe. While you can make cookies without butter, the resulting output will not look or taste good, and in the end you will have wasted your preparation and cooking time. Implementing an incomplete plan results in similar challenges. You will spend hours of hard work with an end result that will be very different than expected. In many respects, implementing an incomplete plan can be worse that no plan at all since you will have wasted significant time that could be spent looking at alternate recovery options.
Advice: Understand your entire infrastructure as you create your plan and ensure that all critical facets are included in the recovery document.
- Protect the Plan
Clearly, the plan is required when a disaster occurs, and a disaster, by definition, means that the primary data center is inaccessible. Many customers store their DR plans inside their primary data center which puts the plans at the same risk as the datacenter itself. Plans must be protected at remote locations that are far enough away to avoid being affected by large scale disasters.
Advice: You should have at least three copies of the plan in three geographically disparate locations.
- Update the Plan
Modern infrastructures are constantly evolving as data grows and new technologies emerge. Often, these modifications deliver improved efficiency and performance; however, they can also change fundamental business processes. The DR plan is a direct reflection of ongoing operations and so as IT changes, the plan must evolve along with it. Letting a plan go stale will eventually result in a document that is useless and inoperable.
Advice: As your environment evolves, your DR plan must evolve with it. You should review your DR plan at a minimum of every six months, if not more frequently.
- Test the Plan
DR plans document vital processes and are critical for the resumption of operations. However, documenting the recovery process is often very different from performing the recovery. DR tests can help identify potential gaps in the plan and opportunities for improvement. Performing a complete DR test can be burdensome on production environments and can impact end user experience and so many IT teams neglect to perform this critical action. However, you really won’t know how well your plan works unless you test it, and you do not want to find out that your plan is inoperable after a disaster has occurred.
Advice: Test your DR plan. Ideally you should test it annually if not more frequently.
In conclusion, the concept of disaster recovery is more important than ever in today’s rapidly changing IT environments. Technologies like the cloud can dramatically change how we implement DR. However, regardless of these improvements, a DR plan is still one of the most important documents, and just as our IT strategies evolve, our plan must constantly evolve as well. However, having a plan is not enough. The document must be protected from a disaster, and most importantly, should be tested annually to ensure that it reflects your current infrastructure.
If you found this article helpful, please share it!