Information Technology Reference
In-Depth Information
Control measures are taken in the form of a disaster recovery plan (DRP) to eliminate or
reduce such threats for an organization. IT disaster recovery control measures are usually
classified into three types:
Preventive Measures
Aim to prevent a disruptive event from occurring
Detective Measures
Aim to discover unwanted events
Corrective Measures
Aimed at correcting or restoring the system after a disruptive event
Organizations should document and exercise these three types of measures regularly to
have a sound DRP in place when disasters strike. In the following sections, we will focus
on topics such as redundancy and replication as a means of preparing for failure, backup
and recovery, and geographical diversity.
Preparing for Failure: Disaster Recovery Plan
Cloud computing is an enabler for cloud-based disaster recovery resources. This is espe-
cially true for companies that are low on IT resources due to operating costs and sizeable
user base. Although cloud-based disaster recovery eliminates the need for data center space,
it does come with a few challenges involving data security, user authentication, regulatory
requirements, and network requirements. Availability of the cloud provider and its ability
to serve your users when a disaster strikes are also key considerations.
Every organization is unique in the applications it runs and the relevance of those appli-
cations to its business. Therefore, a DRP blueprint has to be specific to the business and
needs of each organization. The process of DRP depends on determining the acceptable
downtime for each application and data resource to the lowest acceptable threshold beyond
which significant business impact can occur. DRP process involves identification and priori-
tization of application tools, services, and data resources. It should be noted that it is very
important to keep the DRP as focused as possible to minimize costs and enable regular
testing. This means not including applications and data resources that are not vital or are
irrelevant. Application priority and required recovery time objectives (RTOs) can then help
shape the DRP.
The RTO (
http://en.wikipedia.org/wiki/Recovery_time_objective
) can be defined as
the duration of time and a service level to which a business process must be restored follow-
ing a disruption. The purpose of RTO is to avoid undesired and unacceptable consequences
due to service disruption. The RTO could depend on repair times of a number of failed com-
ponents or devices, called mean time to repair (MTTR). The MTTR (
http://en.wikipedia
.org/wiki/Mean_time_to_repair
) measures the average time required to repair a failed
device or component. It can also be thought of as a factor of total corrective maintenance
time and total number of corrective maintenance actions in a given time period.
Backing up to and restoring from the cloud is yet another cloud service feature that can
be utilized by organizations to back up or archive applications and data into the cloud. With
this approach, applications and data remain on premises for normal work, while the backup
is in the cloud when a disaster strikes. The backup in the cloud thus becomes a substitute for
off-site or tape-based backups.
Search WWH ::
Custom Search