Disasters From A to Z

It amazes me that in this day and age there are firms out there with absolutely no disaster recovery plan. I am not talking about a comprehensive 200-page manual but just a simple calling tree. How can any business operate without some level disaster recovery preparedness?

Let’s first define disaster. I would define a disaster as any event that adversely affects your operations. These events can affect your computer operations in any number of ways. Recovery back to normal operations can take anywhere from a few minutes to several hours.

Having worked in NYC for my entire career, NYC has been the center of many events. Many of which I have been through.

Here is a list of disasters that a firm should be prepared for:

Acts of God, Air-conditioning failure, Arson, Blackouts, Blizzards, Boiler explosions, Bomb threats, Bridge collapse, Brownouts, Brush fires, Building collapse, Chemical accidents, Civil disobedience, Communication failure, Computer crime, Disgruntle employee, Denial of Service, Earthquakes, Embezzlement, Explosions, Falling objects, Fire, Flood, Hardware crash, High winds, Heating/cooling failure, Hostage situation, Human error, Hurricane, Ice storm, Interruption in public service, Internet outage, Coup d’état, Pandemic, Water main break, Terrorism, Labor dispute, Lightning strike, Malicious destruction, Military operations, Mismanagement, Personnel non-availability, Plane crash, Phishing, Public demonstrations, Buggy software, Radiology accident, Railroad accident, Sabotage, Sewage backup, Snowstorm, Software failure, Sprinkler failure, Telephone problems, Theft of data, Transportation problems, Vandalism, Computer viruses, Water damage, Worms, Gas leaks

This lists gives you something to think about.

Disaster Recovery – A Beginners’ Guide

I have built several and moved several production and disaster recovery datacenters over the years. If you have been charged with this task and are in the initial planning stages this guide should help you get started.

First, you will want to rationalize and ask yourself what you want your DR site to accomplish?

Do you want to recover all your processes or only critical ones? Do you want to be operational for only a few days or for several weeks/months? Different businesses have different requirements so I would recommend forming a DR/BCP committee comprised of IT and business people. It will be important to get their input and requirements.

Once you begin asking yourself these questions you then will need to figure out if you need to recover all your servers or only a few. Again what is critical/not critical? Then you should start putting together a budget of costs: opex/capex to present to management and get approval before proceeding.

I have seen budgets make or break a project. But when it comes to DR planning, the sky’s the limit. So plan carefully and know your target audience.

Here is a brief list of some costs that I have encountered to get you started:

• Are you building your own DR site from scratch or outsourcing to a DR firm.
• Software licenses.  Some vendors require you buy additional licenses for servers.
• Are you going to build DR servers with fault tolerance or not.
• Travel costs to and from site.
• Will the site be manned 24×7.
• Copier/fax/ printer costs.
• Maintenance costs of your equipment
• Security
• Hot/cold site costs
• Declaration costs
• Networking costs
• Replication costs
• Server Cosst (option for OS preload, Image loads, etc)
• Test time costs
• Data backup costs
• Locker costs
• Consulting costs

Once you have answered your questions and put hard numbers to your requirements then the next step is to build a disaster recovery site.

So good luck…