Traditionally, most disaster recovery (DR) and business continuity projects have been triggered by a recognition that natural and manmade disasters can strike at any time. Events like the 1993 World Trade Center bombing, the 9/11 attacks, Hurricane Katrina and numerous other high-profile disasters have highlighted the vulnerability of corporate infrastructure and data to damage or destruction, along with the need to mitigate the risk by implementing a plan for rapid restoration of critical IT systems and data.
More recently, other issues have been pushing DR planning to a higher slot on the priority list. That’s reflected in the fact that 70 percent of IT executives at large U.S. companies responding to a recent IDG Research/Datalink survey indicated that they have disaster recovery initiatives on the table. Only security projects ranked higher.
In this slideshow, Paul Thomann, senior manager, Cloud Services Management and IT Resiliency at Datalink, looks at the catalysts that are reinvigorating disaster recovery initiatives.
Adding Fuel to the DR Fire
Click through for catalysts that are driving organizations to place great emphasis on disaster recovery initiatives, as identified by Paul Thomann, senior manager, Cloud Services Management and IT Resiliency at Datalink.
The most obvious new catalyst to enter the DR ring is the ongoing rise in the number and severity of cyber attacks. Companies that have experienced hacker-related disruptions are painfully aware of the need to be able to get back up and running in the event of another incident. (It’s the “fool me once, shame on you; fool me twice, shame on me” principle at work.) Companies that haven’t yet fallen victim to a disruptive attack are increasingly aware that they could be next, spurring them to action.
Other less publicized factors are at work, as well. Organizations frequently take the DR leap when a mandate is issued by a company they supply. Increasingly, large organizations are requiring DR proof from their supply chain in order to protect themselves against a business interruption that will affect product availability to their customers. Suppliers facing this requirement risk losing some of their biggest accounts unless they can show they have a well-designed, well-documented and frequently reviewed business continuity plan in place.
Organizations also look at upgrading their DR capability when an audit addressing risk exposure is pending or has a negative result. In industries where regular auditing of business practices takes place, upper management is understandably concerned about the potential impact of a negative finding on the business. This may prompt efforts to beef up a company’s DR capabilities in anticipation of an audit or in reaction to a report suggesting that the company is insufficiently protected against disaster.
New Regulatory Requirements
New regulatory requirement implementation is another trigger point for DR investment. From HIPAA to Sarbanes-Oxley and beyond, updates to major data protection and industry-specific regulations frequently require IT modifications to ensure compliance. Changes to regulatory policies on issues like data security, access and retention can impact backup strategy and other DR processes, in some cases prompting a makeover of the entire business continuity plan.
Also pushing DR projects to the forefront are technology advances like the cloud and virtualization that have increased affordability. This is allowing organizations that previously limited DR coverage to certain aspects of their business for budgetary reasons to expand these protections to the entire enterprise. Better DR effectiveness – including the ability to bring businesses back online after an outage in a fraction of the time previously required – is inspiring more business continuity initiatives as well.
The Role of the C-Suite
The final factor sparking a rise in disaster recovery initiatives relates to increasing executive influence over IT spending decisions. The same IDG Research/Datalink survey cited earlier revealed growing pressure to align IT investment strategy to business needs, with risk mitigation ranking near the top of the list of C-suite concerns. Business continuity and disaster recovery planning fit squarely in the risk mitigation category, putting these projects clearly in the crosshairs of IT teams.
And that makes perfect business sense. Whether ensuring maximum uptime for customer-related services — like company websites — ecommerce operations and order processing systems or providing supply chain assurance for key accounts, every organization needs to protect the functions that keep the doors open and the profits flowing. It’s an insurance policy that no company can do without.