Preparing for the Next Frankenstorm: Leveraging the Cloud as You Plan for IT Disaster Recovery4 Aug, 2013 By: Jay Atkinson, AIS Network
When Hurricane Sandy slammed into the East Coast last October, its impact was catastrophic. At an estimated $71.4 billion in damages, Sandy became the sixth most costly hurricane in U.S. history.
The “Frankenstorm,” as it was dubbed, disrupted myriad organizations as they struggled to do business in the face of lost communications, power outages, downed Internet service infrastructures, transportation failures and impassable roads. Millions of employees were on their own for an extended period because of the size of the area impacted.
In the end, the storm’s long-term damage—and the costly experience of rebuilding entire East Coast communities—has compelled many IT professionals to rethink how they plan, test and execute their disaster recovery strategies and how the latest cloud computing technologies can help them recover faster with minimal data loss.
The Business Consequences of a Potential Disaster
Data loss may not always be the result of a major natural disaster. Hardware failure, human error, system failure, natural disasters, computer viruses, theft and accidental deletion all contribute to the data loss problem.
It only takes one little security patch that wasn’t done, a hacked password, a rotting tree that falls on the building server room, a coffee spilled on a server, a leaky roof over the server room or an unauthorized person gaining access. The consequences? Data loss and downtime can cripple your entire operation.
If you are unable to serve or communicate with your customers or you have degraded IT service quality following a disaster, you may pay a significant price in terms of:
- Lost opportunity. Your downtime works to competitors’ advantage. They have an opportunity to seize market share.
- Partner Alienation. Partners’ revenues and service capabilities suffer.
- Damaged Reputation. Long-term profitability is impacted. You lose opportunities due to the perception that you’re not “always on.”
- Customer Erosion. When customers have a bad experience, they lose confidence. Over the long term, you lose their business.
- Increased costs. You suffer lost revenues and productivity. Your exposure to penalties and remediation costs is greater.
As a business owner myself, I might also add that it leads to business owner Stress.
Planning for the Worst Case Scenario
Sadly, one in four businesses forced to close for at least 24 hours following a disaster simply never reopens.
That is why Hurricane Sandy was such a powerful reminder of why it’s never too early to shift your business’ focus from reactive response to proactive preparedness. Nothing can help you mitigate downtime risks and protect your sensitive data and applications like a tested, fully compliant backup strategy and a solid disaster recovery solution. And, in today’s highly regulated environment, compliance is king. Having an enterprise-class, secure backup and recovery solution that meets even the most stringent requirements is not just desirable. It is expected.
If you do not already have an IT backup and disaster recovery plan in place, where should you start?
Businesses should think critically about ensuring business continuity by evaluating their IT infrastructure, preparing for potential data loss, and outlining the critical processes needed to recover that data.
Briefly, here are seven steps to follow in planning your organization’s IT disaster recovery:
- Identify the risks. List and categorize threats associated with natural and man-made disasters and their likely impact on your various systems. Start thinking about what it would take to knock out your entire network (and by extension, perhaps, your customers’ networks). How much unplanned downtime can your business sustain?
- Inventory your IT assets. Which are most critical to maintaining business continuity during a disaster? What is your tolerance for loss of those assets? From a budgetary standpoint, remember that the cost of the response should be balanced against your tolerance for system downtime. The less downtime that can be tolerated by your organization, the more it will cost to create an appropriate response.
- Define your goals. Decide if your business can shut down due to a disaster or if it needs to recover somewhere else. If so, how quickly? What does it need in order to recover? Define your goals in terms of RPO (Recovery Point Objective, “How much data can we lose?”) and RTO (Recovery Time Objective, “How long can we be down?”). Some systems must be functioning again within minutes or seconds, while others can be down a few hours, and still others can be down for a few days without serious consequences.
- Develop a plan. Essentially, map out a plan for your worst case scenario. What happens if the office building and your on-premise data center burns down? The plan should include your “IT Assets Inventory” along with data protection procedures and contingency plans, notification/activation schedules, a list of roles and responsibilities, a list of resource requirements and details about training provisions. A good plan will include maintenance schedules as well as backup/recovery testing schedules. Also, ensure that you can deliver all of these requirements in time.
- Understand where the cloud fits in. Today’s virtualization technologies are making backup and disaster recovery vastly cheaper and easier. In the next section, we’ll explore just how this works.
- Implement the plan. Think about how will you distribute your plan and get senior management buy-in. It’s important that senior executives understand the consequences of system disruptions, so that you can win their support (and funding for) contingency policies.
- Keep testing the plan. With cloud-based disaster recovery, testing is easier than ever before. Remember that your efforts to keep those plans updated will help ensure the survival of your business.
Incorporating the Cloud Into Your Backup and Disaster Recovery Planning
For businesses that are actively building an IT disaster recovery plan within the context of developing an overall business continuity strategy, there is great news.
Replicating your entire infrastructure to a remote, disaster resilient location designed to be “always on” is not nearly as difficult or costly as it may have been just five years ago.
Welcome the cloud – designed to be there when you need it most.
The combination of the cloud and the right backup and/or disaster recovery solution breaks the old school incremental and full backup model and replaces it with continuous data protection. Continuous data protection takes frequent snapshots of your systems, so your backups always run – 24/7/365.
In the old days, recovery meant travelling to a remote site to retrieve tapes, having hardware on standby or ordering new, and then beginning the cumbersome and often unreliable process of restoring data. In the cloud, this has all been replaced with one idea – virtualization.
Recovery in the cloud requires no travel and no extra hardware, and it offers extreme levels of reliability. Should a disaster occur, the right cloud solution allows the continuously backed up systems to be restored as virtual machines.
Imagine a world where your entire infrastructure could be physically lost, and within hours, be up and running again in the cloud. That time has arrived.
How does it work?
Cloud backup and disaster recovery solutions allow the backups to be recovered into a virtualized environment as virtual servers. Virtual servers are hardware independent, meaning your operating system, applications and data all come alive exactly as they were on the original hardware. Once virtualized, machines can be moved quickly and easily between data centers. The ability to test the backup and restore process frequently, without disruption to employees, also becomes much easier.
All of these benefits speak to why compliance-focused businesses are finding that virtualization technologies make it simpler to comply with stringent regulations governing electronic storage and access to data — such as those rules defined by Sarbanes-Oxley, Gramm-Leach-Bliley, the Health Insurance Profitability and Accountability Act (HIPAA), FISMA, NASD and NYSE.
When IT professionals who are held to these high standards of accountability see first-hand all of the benefits of backup and disaster recovery in the cloud, tape backup no longer makes sense, and is, in fact, very difficult to justify. Because cloud-based backup and disaster recovery typically can be had for a predictable monthly cost, more flexible contracts and no added capital investment, senior management buy-in becomes less of a hurdle.
The right cloud solution offers amazing protection for your infrastructure by minimizing data loss and providing rapid and flexible recovery models. The days of tape, like the days of VHS, have passed us by and the cloud is quickly becoming the new baseline for protecting your infrastructure.
AT A GLANCE CONSIDERATIONS
Secure online backup and disaster recovery in the cloud offer significant benefits:
• Less cost
• Highly Availability/disaster-resilient infrastructure
• Better functionality and reliability
• Easier and more frequent testing
• Predictable, pay-as-you-go pricing
• More flexible contracts
Jay Atkinson is the CEO of AIS Network, a pioneer in the hosting industry. AISN is the premier provider of data and applications hosting to the Commonwealth of Virginia as well as numerous large enterprises throughout North America.