Security - Disaster recovery
A revealing survey conducted in June by the IP communications supplier Mitel reports that more than two in three medium-sized UK businesses would take at least two working days to get back on their feet in the event of a major incident.
Most businesses nowadays rely on IT for storing everything from documents and customer data to financial records and accounting information. Though no one wants to contemplate the possibility of a calamity, planning for the unexpected today is something that could save your business tomorrow. What's surprising therefore is that events like last year's London bombings or the fuel explosions at Buncefield seem to have done little to galvanise businesses into action.
Sleepless nights?
So, if your job involves ensuring your company's IT runs smoothly 24x7, what are the problems most likely to keep you awake at night? The list is endless - ranging from fire and flood to power surges, server collapse and computer viruses. Not to mention intentional damage by disgruntled employees (which affects two-thirds of UK businesses at some time or other according to one DTI survey). Probabilistically, at least one such incident is going to affect your company at some stage.
One company that knows this all too well is Northumbria-based Tagish, a firm of software developers and consultants. Early one Saturday in February this year, a blaze broke out in the roof void of the company's Alnwick HQ requiring six fire crews to extinguish it. Fortunately for Tagish, Managing Director Andrew Fisk had a disaster recovery plan. By early Saturday afternoon, key personnel had been contacted by telephone or text and a meeting organised to implement a pre-agreed plan. By Monday morning work was underway to restore client websites up and down the UK.
"But the experience really opened our eyes," says Fisk. "I thought I understood Disaster Recovery pretty well", he says. "In the event, it didn't work quite as well as we would have hoped in certain less obvious areas. For example, we kept the certificates for all our software licences in a folder in the office. Our first big mistake was not making copies to prove we had purchased the products and keeping them somewhere off-site. This alone would have saved us a lot of time and hassle had we done so.
"Thankfully the data held on our servers was backed up to a secure, remote location enabling us to re-establish complex, interactive websites pretty quickly. However, all the equipment and documentation in our offices was reduced to cinders. As a result we lost all the information relating to recent work that was saved on our office PCs and hadn't yet been transferred to the servers. It goes without saying that the lessons we learned from the crisis mean that our level of sophistication has risen massively when it comes to back-ups."
After talking to each of its clients individually, Tagish now operates several levels of back-up depending on the criticality of the data involved. "It's a scary and heartbreaking experience watching your building burn down before your very eyes. Which is why data recovery is something I now urge IT managers to consider well before they find themselves in the position we faced."
Disaster recovery means more than just backups
Gerald Eve, a firm of chartered surveyors and property consultants, had tape backups but turned to Microsoft Gold Partner CSF for a more all-embracing disaster recovery solution. IT Technical Director, Warren Stephen: "We needed to ensure the firm and its customers knew their data was secure and could rely on a proven and rugged back-up and restore system in any eventuality," says Stephen. "So as well as needing to consolidate backup and storage on a single system, we were keen to put in place a comprehensive disaster recovery and business continuity strategy. We needed to speed up data processing and restoration because we couldn't afford to wait days for data to be restored."
A review of the situation led Stephen to consider a number of issues. Firstly the business had grown- and with it the data. Then, ever more data was being held at remote offices where the risk of failure of the existing backup-and-restore was even greater.
"We were relying on people in our various offices who didn't always understand why they were doing backups and what it all meant," recalls Stephen. "Our backup regime was often inconsistent and although centralised from an administrative console, remote backups were not always reliable. It was also extremely time-consuming and an inefficient use of resources.
"CSF's solution enabled me to design, implement, manage and report on a stable and comprehensive disaster recovery strategy which will benefit the firm for years to come. All data can now be accessed online to enable instant real-time restores, without relying on the manual loading of tapes by administrators," he concludes.
Strategic planning
Yet Shahid Azeem, Managing Director of Leatherhead-based IT solutions specialist and Microsoft Gold Partner Arkenis says planning is the key to disaster recovery- and keeping it simple is important too. "We've found that a lot of companies tend to focus on the common day-to day business emergencies like IT system crashes, late delivery of stock, or cash flow," he says. "Although these issues are important, businesses also need to ask themselves: what would happen if our water pipes burst and flooded our office, or if there was a fire that destroyed all of our IT hardware and the back-up copy of our customer database?"
Azeem believes a proper disaster recovery plan should include a descriptive list of the organisation's major business areas. This should rank the areas in order of importance to the overall organisation. Each item should include a brief description of the business processes and main dependencies on systems, communications, personnel and data.
"We've been approached by many companies who actually have disaster recovery plans in place, but realise their existing plan is too complicated or devised by previous employees without their input and involvement," says Azeem. "In cases like these, companies often have little or no idea of how to implement their emergency plan, especially when they need it most - in the event of a serious incident."
Legal obligation
If all of this hasn't persuaded you to consider business continuity planning, it's also worth remembering that even if disaster doesn't strike, your company is still legally bound to keep its data secure. According to the Data Protection Act, any company that stores personal records on its computers has a legal requirement to 'safeguard its own or anyone else's data by appropriate precautions against loss, corruption or unauthorised disclosure'.
But when all is said and done, a company's ability to recover from a disaster can mean the difference between survival and going under. In the long run, some careful planning in advance of such an eventuality will not only save you time, money and effort, but allow your business to recover quickly and effectively. By investing in sound safety procedures and effective storage, backup and security technology, you'll be much better prepared to respond quickly to the unexpected.
 | About the author
Paul Curran is a writer, journalist and commentator on business and technology issues. In a career spanning 25 years, he has acted as a senior media consultant to many pan-European, American and Asian companies in the UK and Europe.
|
Subscribe
to feed
