Disaster Recovery 101
Disasters causing data loss can be enough to cause businesses to go under, but proper recovery planning can help a business survive, even in the worst of situations.
In February, the Pacific Northwest experienced some high winds and heavy rains as an "atmospheric river" went over the region. Though not nearly as bad as the Columbus Day Storm of 1962, some wind gusts did get into the triple digits in some places, and a few trees managed to crash down near where I live.
The lesson here is that extreme weather and other natural disasters can happen anywhere, even in places that most people think are serene, including the Pacific Northwest.
Computers are delicate devices inside, and are as vulnerable to what nature and people can dish out as other human beings and structures are. Hurricanes, tornadoes, earthquakes, even warfare and terrorism can not only cause death and destruction, but loss of valuable data.
For most — if not all — modern businesses, the data is their business, and the loss of the former could very well mean the end of the latter.
It is for this reason that businesses should include their IT infrastructure in their disaster planning.
Plan for the Kind of Disasters That Affect You
Since there’s no place on Earth that’s immune to every kind of natural or human-made disaster, it’s important for businesses to plan for the kinds of disasters that are most likely to affect your business.
The big one for many companies in the Silicon Valley is earthquakes. The San Francisco Bay Area could also be vulnerable to coastal flooding caused by global warming in the future, as could many other coastal areas.
The West Coast also has a potential for tsunamis caused by earthquakes, even ones far away from California. Tsunami waves from the 2011 Tohoku earthquake in Japan were able to cause some damage on the West Coast.
Knowing the kinds of risks companies face will affect how they design data centers. For example, given the risk of earthquakes and tsunamis, it’s a bad idea to build your data center at the coast below sea level, no matter how good the view is.
The designers of the Fukushima Daiichi nuclear power plant in Japan found this out the hard way after tsunami waves knocked out the backup generators keeping the reactors cool, causing a meltdown.
If your business is located in the South or the Midwest, weather is an obvious concern. Hurricanes are the biggest threat from the East Coast and the Gulf of Mexico, while tornadoes and severe storms are yet another concern. While high winds can damage buildings and equipment, lightning is a bigger killer than tornadoes, both of people and electronic equipment.
Plan for Key Business Areas
You won’t be able to protect everything and everyone in a disaster, but if you plan accordingly you’ll still be able to maintain your business if the worst happens. You’ll have to "triage" your IT infrastructure. You’ll want to protect the critical parts, such as client lists and important financial records. These are the kinds of things you’ll want to save with offsite backups and alternate data centers, for example.
Make a Risk Assessment
Along with the planning for key business areas, you’ll have to plan how much risk you have from disasters. Most people in North America, for example, are relatively free from the risk of warfare. In the Middle East, it’s a different story. The end of the Cold War has also made a nuclear war much less likely, though planning for one might be a useful exercise in thinking through the kinds of issues that can affect data centers in an emergency.
Planning for improbable events can mean that companies are better protected when more routine disasters happen.
Implement Protective Technologies
Since disasters can affect IT, how can you plan for them? Since you can’t always protect against them, you can be prepared when they do happen.
The obvious choice is to locate data centers away from problem areas, such as coastal areas, but that’s not always possible. The best disaster planning will always involve keeping good backups and testing them. Even better is having backups stored offsite, hopefully far away from a potential disaster. For example, you might want to store backups in the Midwest, the East Coast or even Europe if you’re based on the West Coast. At the personal level, cloud storage services like Dropbox might serve this purpose.
If you can afford it, having complete data centers in different locations that you can fail over is also a great idea.
Once you have measures in place, you should periodically test them to make sure they work, for the same reason you have regular fire drills. Try restoring from one of your backups sometime, just to be safe.
You might think of anti-malware software as an annoyance, but it’s a useful disaster mitigation tool, this time against a human-made problem. As and hacking gets more professionalized and used as a weapon of war, you’ll want to protect the integrity of your data.
It’s a dangerous world out there, but if you plan well, you can keep going after everything from a hurricane to spilling a cup of coffee on a laptop. If you want more information, you can check out the Disaster Recovery Guide, as well as an IT Disaster Recovery Plan from Ready.gov.
Even though you can't prevent disasters, with proper IT strategy it is at least possible to mitigate the damage that disasters may cause.