Disaster recovery and business continuity (DR/BC) are like any other type of insurance: People generally understand its importance, but tend to not pay attention until it is too late. It’s just an unpleasant topic. In the case of business DR/BC, that tendency is exacerbated by the reality that DR/BC doesn’t generate revenue.
But they are important nonetheless, and seem to be growing more so as the environment becomes more extreme and less predictable and the specter of terrorism grows. Paul Vachon at Crain’s Detroit Business makes the point that DR and BC are two sides of the same coin:
Although the initial response and the subsequent work to maintain business continuity are distinct, they should be viewed as two branches of the same tree, since a threat to a business' survival begins at the moment an emergency begins. Both aspects, therefore, should be viewed as integral to an organization's continuity management.
It is more than a semantic distinction. Both have to do with emergencies and crises, of course, but the difference is great. Disaster recovery deals with getting systems back up and running and rebounding from the problem. Business continuity, as the name implies, is the vital job of enabling the organization to fulfill its role – be it air traffic control or shoelace manufacture – while the problem is dealt with.
This is a multistep challenge. Today, Jennifer Lonoff Schiff at Network World offers an exemplary eight-step checklist that should be followed and built upon to create a solid DR plan. She suggests making an inventory of hardware and software, defining the organization’s “tolerance for downtime and data loss,” and laying out a clear thread of responsibility, with backups for those named, and to create a communications plan.
Lonoff Schiff also counsels organizations to create backup work sites and make sure that employees know their location, include emergency contingencies in service level agreements (SLAs), map out how to handle sensitive data, and test the plan regularly.
While explosions and hurricanes are the first things that come to mind when people mention disasters, mass threats to public health are also part of the picture. They are very much in the news. Ann Pickren, president and CEO of MIR3, takes a look at pandemic planning at Continuity Central. She goes into great depth, and says the bottom line is that this is serious business.
Pandemic planning success means having processes and procedures in place before an incident occurs. No one strategy will satisfy every organization’s risk and impact profiles. Two similar businesses may have very different response strategies (i.e., caring for children at home versus having them come to work with employees). Both strategies are correct if developed around a sound process, but choosing the right strategy is a subjective determination based on management perspective and philosophy.
Preparations for pandemics are important, of course, in and of themselves. They are also a good illustration of the expansive nature of the DR/BC landscape. Companies that are assuming that nothing will go wrong are in denial, and may pay a high price for kidding themselves.
Carl Weinschenk covers telecom for IT Business Edge. He writes about wireless technology, disaster recovery/business continuity, cellular services, the Internet of Things, machine-to-machine communications and other emerging technologies and platforms. He also covers net neutrality and related regulatory issues. Weinschenk has written about the phone companies, cable operators and related companies for decades and is senior editor of Broadband Technology Report. He can be reached at firstname.lastname@example.org and via twitter at @DailyMusicBrk.