sound disaster recovery/business continuity plan is essential
to protect the well being of an organization. by M. D.
are some things that people wakeup to only after experiencing
the consequences that result from not being earnest. More
specifically, I'm referring to Disasters and Backups. Most
IT Heads are quite content and almost complacent until disaster
strikes. Then they take extra pains to avoid future disasters.
But you don't have to wait so long to get your act together.
Just pull your network together and bind it with a carefully
planned disaster recovery and backup policy.
A survey conducted in 1994 by the University of Texas, Center
for Research on Information Systems, revealed some disturbing
facts. The survey reports that, out of all companies that
lose their data in a disaster, 90 percent are out of business
within two years, and nearly 50 percent never reopen their
doors at all after the disaster. Although these findings were
unearthed six years ago, I can bet my last rupee that the
figures haven't changed much ever since.
AND RECOVERY POLICY
It is now an accepted fact that business continuity planning
and disaster recovery planning are imperative. The creation
and maintenance of a sound business continuity and disaster
recovery plan involves a series of steps.
Before creating the plan, it is essential to consider the
potential impact of disaster and to understand the underlying
risks. These are the foundations upon which a sound business
continuity plan or disaster recovery plan should be built.
Once the plan is created, it must be maintained, tested and
audited to ensure that it remains appropriate to the needs
of the organization.
It would help to consider the potential impacts of each type
of disaster or event. Having determined this you can consider
the magnitude of the risks, which could result from these
Disaster recovery policies define an organization's approach
to contingency and disaster recovery. They determine the fundamental
practices and culture followed throughout the enterprise.
They are usually linked closely with information security
policies, and address basic defense requirements to ensure
the stability and continuity of the organization. It is essential
therefore that they exist, that they are comprehensive, and
We can perhaps learn a lot from organizations like GE and
Citibank in India. These companies have created continuity
plans for systems and businesses. In the event of a technical
crisislike a WAN link breaking down or data center servers
collapsingthe systems do not stop. In an economic crisis
the business is also not affected to that extent. This is
because the companies have looked at backup and disaster planning
not only in terms of technology, but also in areas like manpower
planning and business policies.
These companies have broken the plans down in segments. Each
segment clearly states the business requirement, how the business
will be serviced, system requirements, and arrangements with
outsourcing partners. The segmentation provides a clearer
focus on individual activities.
A sound disaster recovery/business continuity plan is essential
to protect the well being of an organization. But many enterprises
side step the issue or hold plans which are clearly out of
date or inadequate. Part of the reason for this is the complexity
of the task. And it isn't made any simpler by vendors and
consultants who offer services, but lack specialized knowledge.
Taking regular, reliable data backup is a part of preventive
maintenance and system care. No matter how well you treat
your system, no matter how much care you take, you cannot
guarantee that your data will be safe if it exists in only
one place. The risks are much greater than most people realize.
It is troubling when people lose large quantities of data
because they have no backups. They get upset and talk about
how important that data was.
There are many reasons why people neglect doing backups:
They don't understand how important the data is, because
they haven't encountered a disaster
They don't know how to perform backups
They forget to do backups because they don't have a routine
for the function
Performing the backup is a time-consuming and bothersome
It's about time enterprises break this mould and get cracking
on solutions because data is always at a risk. There are many
different risks to your data. A disk crash is just one of
Other problems that can cause permanent data loss are:
errors: Many systems run without error detection or error
correction on system memory. So there's a chance of a memory
error corrupting the data on hard disk. This is rare, but
it does happen.
timing problems: Setting the timing for memory or cache
access too aggressively, or using a hard disk interface transfer
mode that is too fast for the system or device, can cause
data loss. Often, this isn't realized until the damage is
Conflicts: Conflicts resulting from peripherals that try
to use the same interrupt requests, DMA (Direct Memory Accessa
specialized circuitry or a dedicated microprocessor that transfers
data from memory to memory without using the CPU) channels,
and I/O addresses. This can corrupt data.
Loss: Losing power at the wrong time, like when you are
doing sensitive work on your hard disk, can easily result
in the loss of many files.
It is possible for data to be lost due to software bugs, or
just poor software design. A program might have a problem
where it crashes upon saving a file. Some software bugs may
cause even more damage by causing the loss of files unrelated
to them. Fortunately, this doesn't happen very often.
'Disaster' is not a new word for an experienced IS Head. The
disaster may be minor or major. It may just be a server that
hangs, a WAN link that goes down, or an ERP server that collapses
due to high traffic. Enterprises that plan solutions should
have a vision of the total solution and not rely on a single
entity upon which the entire solution rests. In case of failure,
the services can suffer but it should not close down.
D. Agrawal is Chief Manager, IS Refinery System, Bharat Petroleum