Disaster recovery: planning & execution

Although historically one of the most neglected areas of computing infrastructure management, Disaster Recovery (DR) can also be one of the most crucial.

Planning

No matter what your organisation does, the integrity of its data is vital. For many organisations, the confidentiality of their data is also vital; and for many organisations, the integrity of their computing infrastructure (leaving aside data altogether) is also vital. Disaster recovery planning—or more generally, business continuity (BC) planning—is probably the most important aspect of ICT strategy for such organisations, and in all likelihood also one of the most important aspects of their broader risk management strategy.

When many people hear the term Disaster Recovery, they tend to think of scenarios like natural disasters, or terrorist attacks ("If the unthinkable were to happen, what strategies do we have in place to recover and continue to do business?"). The trouble is, these scenarios do seem unthinkable, and it is only human to assume - albeit misguidedly—that "those things won't happen to us". Unfortunately, such scenarios do eventuate—events well documented in the mainstream media bear out the grim truth.

However, risks of much greater likelihood than disasters of such global scale exist, and strategies should be in place to plan for their eventuation. These risks are many and varied, including relatively common events such as hardware failure, software failure, backup media failure, power failure, network failure, and plain old human error, common malicious acts of disgruntled employees or random miscreants such as physical theft or vandalism, virus or spyware infestations, acts of hacking and "phishing" scams, as well as more esoteric events such as heat, fire or water damage, acts of industrial espionage or minor natural disasters.

Like all risk management, DR/BC planning begins with thorough analysis. All potential risks should be identified and their likelihood and severity quantified. A risk assessment is presented and used to assist senior management in making key decisions about the relative importance to the organisation of the integrity of their data and infrastructure and of the confidentiality of their data. These key decisions are used to form the requirements which an effective DR/BC plan for the organisation must meet.

saosce are positioned ideally to assist organisations in the risk analysis phase and to facilitate the key risk management decision making process, as well as to develop and help implement appropriate DR/BC strategies and to assist with associated change management issues. For a confidential discussion of your organisation's DR/BC planning needs, contact saosce at info@saosce.com.au or call us on (08) 8121-3075 today.

Execution

DR execution is a mission critical process for virtually all organisations, and can be a make or break experience for some. Depending on the nature of the incident, every minute prior to restoration of normal service could be costing your organisation big money, and every minute prior to containment almost certainly is.

Having an effective DR/BC strategy in place can be invaluable when such incidents occur. But either way, immediate and effective action is called for. Incidents must be contained, evidence preserved for later forensic analysis, normal service restored, stakeholder relations managed and forward planning to prevent future occurrences commenced.

Whether to assist your organisation in executing its in-place DR/BC strategy in a timely manner, or to manage an unforeseen critical incident, saosce will have a competent, experienced, professional engineer at your site as soon as is humanly possible.

If all hell has just broken loose with your organisation's computing or communications infrastructure, call our DR hotline now on (04) 3828-7866 for immediate and appropriate action.