Disaster Recovery – Evolving From IT to Business Requirement

Disaster Recovery’s Top 5 Challenges

The increasing reliance on information technology (IT) means that organizations are also more vulnerable to system downtime. Today’s global markets also require IT systems to be available around the clock, since employees are always working. Any downtime in this operating environment quickly results in problems such as decreased productivity, reduced revenue, lost brand value and compliance issues.

Most organizations don’t deal effectively with the possibility of disaster recovery. Senior executives often consider it to be an IT problem, leaving it to the IT department to fix. This paradigm typically leads to the development of many tactical solutions to disaster recovery without a guiding strategy. However, disaster recovery is a business problem that requires a business approach to solve. The top five challenges in disaster recovery include the following issues:

• Business needs
• Downtime tolerance
• Recovery time
• Budget
• Risk assessment

Business Needs

The general goal of disaster recovery is to keep the business running, regardless of the circumstances. It should be driven by business requirements rather than IT capabilities, meaning that you must prioritize business processes before you can implement disaster recovery (DRP). Depending on the organization, the most important process may be the online ordering system, e-mail capability, the SharePoint platform, or any other business-critical platform or application. Identifying these processes ultimately requires input from your business users.

Downtime Tolerance

An effective DRP also requires you to assess each application’s sensitivity to downtime. This information indicates the likely consequences of downtime in each area and provides the foundation for the DRP. Analysts use two metrics to measure downtime tolerance, including recovery point objective (RPO) and recovery time objective (RTO).

RPO is the amount of data that an application can lose before the loss becomes a significant problem for your organization. In other words, it’s the point in the past to which your DRP must recover data. RTO measures an application’s importance to current business operations. An application with a large RTO means that you have more time to recover the application before the organization will be significantly affected.

Recovery Time

An organization’s DRP often fails to describe what should happen once the backup media leaves the data center. However, it’s essential to know how to recover data after the disaster. The mere fact that you can access backup data off-site doesn’t guarantee that you will be able to recover your applications quickly enough to satisfy users. This capability also requires access to equipment that can restore the data or adequate bandwidth to restore the data from a cloud service provider.

Budget

Organizations often assign a budget to the DRP before they determine the financial risk of data loss and downtime. However, you must quantify the value of the data you could lose in an outage before you can determine what you should spend to avoid those losses. These losses should also include the financial penalties for failing to comply with government regulations.

Risk Assessment

Risk assessment involves identifying the specific events that qualify as a disaster, which is highly dependent upon the organization and geography. Natural disasters such as earthquakes and hurricanes are reasonable possibilities only in certain areas, while the risk of a network failure is more specific to the organization. It’s also important to realize that small losses caused by a particular problem can add up quickly when that problem occurs frequently.

To learn more about what Wavestone US can do for your company, click here.