Unpredictability is a fact of life. Whether terrorist attacks, cataclysmic weather or simply a backhoe severing a power cable, enterprises never know when their operations may be threatened.
But mitigating the consequences of disasters need not be a matter of worry and guesswork. Here are seven steps to effective business-continuity/disaster-recovery (BCDR) planning that will provide some practical guidance.
Step 1 -- Admit the possibility of disaster
Just as the first step to personal recovery is admitting one has a problem, so the first step in BCDR planning is to admit the organization faces tangible threats that could jeopardize its prosperity -- or its survival. Until this first step is taken at a senior leadership level, go no further.
Step 2 -- List and categorize likely threats to the organization
The nature of the business and its physical and social environment will influence the types of threats an organization might face. Once the threats are listed, they should be categorized according to their likely impact on various systems. The cost of the response should be balanced against the tolerance for system downtime -- the less downtime that can be tolerated, the more it will cost to create an appropriate response. Some systems must be functioning again within minutes or seconds, while others can be down a few hours, and still others can be down for a few days without serious consequences.
Step 3 -- Outline the organization's BCDR technology infrastructure
The key technology elements of a BCDR infrastructure consist of a main data center, a remote site that duplicates the resources in that primary location, and high-bandwidth network connections. The best BCDR strategies follow a "redundant everything" philosophy throughout the data center. Multiple mainframes and servers should run in the production and backup data facilities. Then if a component in the production system encounters problems, it immediately fails over to the local backup as a first line of defense.
Power supplies are one of the most critical components in a BCDR strategy. Power outages rank among the leaders in most common and preventable disruptions, according to industry analyses.
And no matter how fat the network pipe may be, it's of little use if a careless construction crew accidentally severs a fiber. Network connections must not only be redundant, they also need to follow different paths within a wider WAN topology to keep a single threat from bringing businesses to a standstill.
Step 4 -- Inventory the organization's IT assets
Once organizations have sketched out the topology of their BCDR infrastructure, the next step is to develop an accurate inventory of IT assets. This enables the organization to understand the resources and business processes that need to be protected.
A range of enterprise management tools are available to help organizations develop and maintain accurate inventories of IT resources. Vendors of these tools offer modules that use software agents to scour the IT infrastructure, storing details about hardware and software assets and their configuration parameters in configuration management databases (CMDB).