justinkendra - Fotolia
Can your disaster recovery strategy keep up?
Disaster recovery requirements are constantly changing, and a DR plan must do the same. Frequent testing and clear communication can go a long way toward keeping a plan up to date.
It's easy to fall into thinking that, if your recovery efforts are successful today and you don't change the way you protect your workloads, then your disaster recovery strategy should continue to succeed in the future. However, this approach is based on the assumption that the organization's IT resources remain somewhat static. In reality, new workloads get brought online all the time.
So, what can be done to keep a disaster recovery strategy up to date?
One long-standing best practice is the process of testing and validating a disaster recovery (DR) plan before a disaster occurs. Otherwise, the plan's outcome is a complete unknown, and there's a good chance that it will fail simply because it has never been tested. Until recently, many organizations used to perform minimal DR testing because of its cost and complexity.
Thankfully, technologies such as cloud and virtualization have dramatically simplified the testing process, while also reducing its cost. As a result, more organizations than ever are performing DR testing. Even so, there's still one big, gaping hole in many organizations' DR plans.
The problem with DR testing is that recovery tests are temporal. A successful test means the organization is able to perform a successful recovery at that particular point in time. It doesn't guarantee recovery operations will be successful next week or next month. While testing is a DR necessity, keep in mind that it needs to be performed frequently enough to keep the results accurate.
Another IT development that can help recovery efforts is ease of communication. In the past, it wasn't uncommon to have incidents where backup operators were asked to restore workloads that had never been backed up to begin with. Someone else in the IT department would bring a new workload online and forget to mention it to the backup operator, leaving that workload unprotected.
Host-level protection makes this type of situation somewhat rare, but just like DR testing, organizations must be proactive to prevent a plan from falling behind. DR initiatives are extremely vulnerable to infrastructure changes. Actions such as bringing a new virtualization host cluster online, moving a workload to the cloud or even adopting a different form of authentication can leave resources unprotected unless the effort is coordinated with those responsible for DR planning.
If a disaster recovery strategy is going to keep pace with an organization's growth, then the person or department responsible for DR must be kept in the loop about the projects IT is working on. The DR plan must then be adjusted to accommodate those changes, and additional testing should be performed to ensure the organization's resources remain protected.
