Tri-Paragon Inc. 130 King Street West, Suite 1800, P.O. Box 427, Toronto, ON Canada M5X 1E3
Phone: 416.865.3392 Email: firstname.lastname@example.org
(The science of performance)
“If you think it is expensive to hire a professional to do the job, wait until you hire an amateur” Red Adair
Business and IT Interruption Recovery Planning
Business, governments and government agencies must be prepared for unexpected business interruptions of all types, from a supplier’s inability to supply, to the loss of a critical customer to a breakdown in a business process such as a temporary IT application outage or a loss of key personnel affecting the ability to execute that process. Proper proactive preparation prevents business outages of extended duration and provides the ability to quickly recover.
Data protection, including backup, is often regarded as an unsolvable nuisance that adds complexity and budgetary burden while remaining unreliable and cumbersome. It’s critical for you to gain an understanding of and a formulaic approach to quantifying recovery capabilities, business impacts, and financial concerns related to data protection. Without the data available to support any business processes recovery is not possible or at the very least extremely difficult.
Operations professionals deal with business impact analyses (BIAs) and risk assessments (RAs) to take stock of the organization’s preparedness for crises of all kinds; Financial professionals tend to see everything through the lenses of total cost of ownership (TCO) and return on investment (ROI); and , IT professionals deal with recovery point objectives (RPOs) and recovery time objectives (RTOs) as the basis of their measurements of certain data protection tools and technologies.
Developing a business continuity plan starts with understanding the impacts and duration that various business outage events can have on the business and how best to mitigate those events in a timely manner. Once the business impact and risk analysis has been started, the process of defining how to mitigate an outage event can begin. It is best to have a number of business processes addressed first to enable the development of the recovery plans aligned with those processes which have the greatest business impact and are at the greatest risk of occurring.
Business outages are expensive. You must have a business continuity disaster recovery (BCDR) strategy. A successful BCDR strategy takes a two-pronged approach consisting of steps to avoid downtime and a well-tested action plan to help ensure quick recovery and minimal data loss. Having a comprehensive strategy that covers both sides is essential.
First, you need to do everything you can to increase operational uptime. Even the most minute improvement can make a big difference — a 1 percent increase in uptime can save your organization millions in negative business and financial impacts. Understanding third-party risks when considering how to prevent downtime is extremely important because you are unable to control your suppliers’ product availability. If a critical supplier incurs a catastrophic business outage how will this impact your ability to continue operating. Similarly, if a major customer incurs a major and lengthy business outage, how does it impact your business and how can you best mitigate this event.
Your backup solution should constantly keep you appraised via email and your admin dashboard. The dashboard of the appliance should be customizable to allow you to organize the data just as you want. A full collection of backups is essential to fast recoveries that can deliver your RPO and RTO goals. It should also feature advanced tools such as predictive analytics to identify hardware and software failures before they affect your backups.
Your clients’ business requirements should drive your backup strategy to ensure schedules are aligned with business goals. While traditional methods allow you to manually designate times, locations, targets, and storage assets, new technologies allow backups to be scheduled based on business objectives. Ideally, you should be able to set RPO goals, identify the targets, and indicate where you want the backups stored. The system then calculates the rest of the variables required to meet that RPO requirements.
Flexibility is still important, and your backup and recovery solution should offer multiple ways to schedule backups. Backups should be easy to define and schedule. Administrators should have the choice of how backups are set, either by entering the backup details themselves or using intelligent, policy-based scheduling technology. Policy-based management allows administrators to define their recovery goals (RPO and RTO) with the system calculating and filling in deployment details. This form of scheduling allows you to align data management and availability tactics to business policies, without needing to understand details such as file locations and snapshot schedules.
In a perfect world, unplanned downtime would be avoidable. In the real world, natural and manmade disasters happen, and they inevitably bring outages. The key is to have your systems set up in a way that downtime is brief enough that recovery is near instantaneous. To be seamless takes practice, and that means testing constantly. Testing is how you practice recovery, and automated testing is practicing smart. The only way you know you will recover is to test it regularly, automatically, and after every change to your applications, data structures and infrastructure.
Recoveries seem simple but are often complex because many applications have multiple tiers spread across different virtual and physical machines. You want to test how you would recover not just individual machines, but how ALL the machines in an application are recovered together. You need to know that all dependencies and the application components running on them can be brought up, in the correct order, with no fatal recovery issues.
While instant recovery with zero downtime is ideal, putting in place the resources to meet this objective may not be feasible for every business outage. Not all outages are equal and not all business outages carry the same weight among organizations. More backup capabilities should be invested to protect mission-critical business functions than those situations that can be unavailable for a short while. To determine which business processes and functions require the most investment can best be determined by conducting a Business Impact and Risk Analysis which identifies those areas of the business that require the most attention. Recovery plans should triage business processes by their importance to the business so critical business functions can be recovered first. Business processes that manage customer orders are far more important, for example, than those that enable employee expense reimbursement.
When it comes to business and IT interruption and disaster recovery planning you must be 100 percent sure. Backup and recovery is the lifeblood of your business in the event of an outage. You can’t afford to just hope your Business and IT Interruption and Disaster Recovery Solution will work correctly when you have a downtime event. Having a plan is important, but testing these tactics helps ensure speedier and more complete recoverability from all sorts of downtime events that impact you or your customers or your suppliers. Don’t let malicious attacks, employee sabotage, accidental deletions and other unforeseen culprits destroy your business.
Coaching assistance and Business Outage Recovery and Disaster Recovery Planning assistance is available from Tri-Paragon. Contact Tri-Paragon today by email at email@example.com or call us at 416 865-3392 to learn more about our enterprise-class Business and IT Interruption and Disaster Recovery Planning process.