Article by Jude
Disaster recovery is a process which enables the restoration of IT and data-centric functions supporting critical business operations following a natural, technical or human-induced disaster.
Planning a disaster recovery process requires a comprehensive documentation that reflects sets of procedures to execute before, during and after a disaster. This means that IT DR experts such as DRaaS (Disaster-Recovery-as-a-Service) vendors are expected to develop, test and implement preventive, incident management and recovery procedures that will reduce disruption of IT infrastructure and data-centric services to a bare-minimum.
Minimizing downtime and data loss during disaster recovery is measured in terms of Recovery Time Objective (RTO), which is the time until a system is completely up and running and Recovery Point Objective (RPO), the up-to-datedness of files that must be recovered from backup storage for normal operations to resume.
A shorter RTO and near-incident RPO is the desire of every business operator. Hence, all procedures of IT DR which include the pre-disaster stages must be geared towards attaining the best possible RTO and RPO. To achieve such results, the following processes should be considered when planning a Disaster Recovery solution:
Inventory of hardware and software
This involves taking inventory of communications equipment, workgroup and data center computer hardware, microcomputer hardware and software, off-site storage location equipment, software and data files backup/retention schedules, temporary location specifications and lots more.
Part of the first thing to consider in Disaster Recovery planning is the preparation of a risk analysis against a business impact analysis (BIA) which include a range of risk factors and identified possible cases such as massive fire outbreaks. This is expected to reveal the vulnerability of the IT infrastructure and associated functions.
Risk evaluation and profiling
Once possible risks have been identified, their risk scores or ratings are to be assigned which can be used to develop a risk profile. This involves prioritizing the IT needs and functions associated with the business operations.
The IT DR team is now expected to develop a comprehensive documentation that suggests Disaster Recovery measures and processes that are peculiar to the need of the studied business operations and in line with the result of its risk analysis.
A properly developed testing procedure comes to play here. This will require the IT DR team to test their prescribed DR processes or solution to determine the feasibility and compatibility of recovery facilities and procedures and identify areas in the plan that need modification.
A special attention should be given to communication channels needed among IT DR team members and other employees as this will always be helpful at every phase of the DR implementation.
Employees are expected to perform structured and actual rehearsal on the developed DR system to further ascertain its resilience and increase familiarity since the processes serve as training.
Updates and review of the Disaster Recovery Plan (DRP) is expected to be a recursive process that runs all through the stages of prevention and after incidents. Results from tests/rehearsal and post-incident reports will strengthen the DR system if it is appropriately and promptly updated based on such results.
As businesses move their IT operations to the cloud, equivalent DR services have been made available through DRaaS vendors such as Accrets. This service is provided by IT DR experts to help businesses attain optimum uptime/data safety and help them handle the complexities of disaster recovery operations.