Friday’s frightening commuter train crash in the Connecticut suburbs of New York City is another example that things don’t always go as planned.
Few people disagree with the rationale behind disaster recovery and business continuity (DR/BC). Indeed, DR/BC seems to be getting more important as time passes -- the emergencies get more severe and downtime more disruptive and costly.
The problem is that there are dozens of different ways to handle DR/BC. From maintaining up-to-date lists of employee cell phone numbers to using the cloud, almost anything an IT department does – if done carefully and with redundancy built in – arguably is DR/BC. That’s great in a way: By using certain best practices, a company can integrate BC/DR into its normal way of doing things.
But it also is confusing. The questions become: If everything is BC/DR, what is it, exactly? Where do we start?
CIO Insight has a nice slideshow up outlining 10 vital steps – ten commandments, they call them -- that provide that starting point. Here are the first five: Eliminate single points of failure; keep “notification trees” timely; follow current events, from impending storms to heightened terrorist threats; keep an eye on many areas within the business that could lead to problems as possible and document the steps to recovery so that they can be performed by secondary staff if the person who usually would run the show is not available.
The cloud – which by definition distributes intelligence – is the best thing to happen to DR/BC since the invention of the cell phone. SunGuard, one of the big names in disaster recovery, is positioning itself to use the cloud as a conduit for its services. The Network World piece details the company’s plans, which seem to be incomplete or only partially public. The bottom line is that SunGuard understands that companies are moving their data to the cloud as a sort of do-it-yourself DR/BC solution. That’s a great opportunity for the company to offer cloud services that are combined with its unique DR/BC background.
A more academic look at DR/BC is available at The Metropolitan Corporate Counsel, a partner in the Litigation and Corporate Financial Advisory Services Group at Marks Paneth & Shron LLP, writes that companies must consider whether to invest in a comprehensive approach or to simply protect its data:
Risk can be limited to data security or be widened to encompass operational issues should a major disaster actually occur. While the costs of a complete disaster recovery plan will be much greater than a plan designed solely to protect lost data, the consequences of one versus the other should, at least, be considered by management.
There are ideas available on the key of where to start and how to approach BC/DR. The bottom line is that a lot of things fit into the definition of business continuity/disaster recovery. Businesses that have not paid attention to this important part of their ongoing operations must determine what for them is the best place to start. The time to opt out because the topic is too confusing or expansive has passed.