In this week’s Voices of the Industy, Josh Moody, FORTRUST’s Senior Vice President of Sales and Marketing, discusses disaster recovery plan best practices.
Best practices dictate that enterprises must be prepared with a plan in the case of a disaster. This plan informs stakeholders of the processes and procedures that must be completed to ensure a quick, seamless recovery, as well as their individual responsibilities.
Without such a plan, a business could suffer extended downtime, revenue loss and public scrutiny. With the proliferation of immediate access to data, the “always on” mentality across today’s enterprise as well as the global economy the requirement to be resilient in more paramount than ever. But it isn’t just enough to have a disaster recovery plan (DRP) in place. The plan must be tested to guarantee that, in the event of a severe storm, utility outage or other disaster, services remain uninterrupted. Let’s take a look at what a quality DRP should include, how to successfully test this plan and what this means for colocation customers.
What does a quality Disaster Recovery Plan look like?
“It is crucial to ensuring the continuing operation of critical systems during and after a disaster.”
Complete a risk assessment: Before hitting the drawing board to establish a plan, data center staff and stakeholders should gather to complete an operational risk assessment. During this process, employees analyze a range of components and systems to pinpoint the most serious threats to critical operations. TechTarget contributor Paul Kirvan recommended including several considerations here, including the facility location, its proximity to fuel tanks, highways or airports, as well as systems like the HVAC, cooling and network infrastructure. It’s also important to take into account any specific protections the building has in place, such as those for fire, flooding or other types of disasters. The results of this assessment will help create the foundation for the DRP.
“As part of the analysis process, examine the impact of a data center disruption on the business,” Kirvan wrote. “In addition to identifying business impacts, the assessment can demonstrate opportunities for improvement, and also helps development of the DR plan by identifying existing situations (e.g., older diesel generator that should be replaced) that may be affected by a disruption.”
Create a plan: This step can take some time, resources and dedication. However, a DRP is crucial to ensuring the continuing operation of critical systems during and after a disaster. Stakeholders should obtain relevant documents including floor and site plans, utility diagrams, network topologies, interoperability matrix and equipment configurations. After identifying the top threats to data center operations – including human error, fire, flood, loss of power or other utilities and severe weather – the DRP should lay out each procedure that will be leveraged according to the specific event taking place as well as stakeholders’ responsibilities.
Kirvan also recommended establishing individual emergency response teams, categorizing them based on the type of disruption and determining the level of training each team member has. In this way, if more training is needed, it can take place before the DRP is tested.
Don’t leave staff scrambling – Establish a plan and test it often to ensure a quick, streamlined recovery from any disaster.
Testing the plan: As noted previously, it simply isn’t enough to create a plan on paper and call it a day. The disaster recovery plan should be thoroughly tested to ensure its effectiveness. “Disaster recovery plan testing is critical to identifying changes in the environment so that the plan can be updated or modified to include any new situations and to accommodate any altered conditions,” TechTarget contributor George Crump noted. Because testing can be considerably time-consuming and expensive, experts recommend scheduling quarterly tests. At the minimum, testing should take place at least once a year.
Download an eBook which examines operations and the most likely causes of outages in a data center along with organizational strategies that can eliminate or minimize the potential for unplanned downtime in a data center. Download now.
The SANS Institute recommended carrying out tests for each business critical process defined in the DRP. These tests should include different scenarios to ensure that, depending on the type of disaster that takes place, the plan includes adequate steps for response.
After the test is completed, staff should come together to discuss the results. What parts of the DRP worked particularly well? What sections of the plan need to be revised? This meeting can help inform any necessary changes to the plan, ensuring that employees will be well prepared in the event of an actual disaster.
What this means for colocation customers
Overall, it is up to the colocation provider’s staff to establish, document and test the plan. However, these efforts can have considerable implications for customers. When a successful DRP plan is created and well tested, it can translate to significantly higher-quality services for clients. The best DRP plans eliminate disaster-related downtime altogether, ensuring that even in the event of severe weather or a utility outage, services are still available.
FORTRUST is a leader in quality colocation, and celebrated 14 years of continuous critical systems uptime. Josh Moody joined FORTRUST in 2008. As Senior Vice President of Sales and Marketing, he is responsible for developing, managing and executing the overall sales strategy for FORTRUST. Josh brings more than 18 years of experience in the information technology field, including developing and executing strategic planning, management, customer relations, and vendor/partner relationships. Contact us for a tour of our Denver data center today.