Risks on the Rise: Making a Case for IT Disaster Recovery
According to the Forrester/Disaster Recovery Journal Business Continuity Preparedness Survey from 2011 Q4, the top increasing risks cited by a survey of decision-makers or influencers when it comes to IT planning and purchasing for business continuity were as follows:
(48%) – Increased reliance on technology
(37%) – Business complexity of our organization
(36%) – Increasing frequency and intensity of natural disasters
(33%) – Increased reliance on third-parties (i.e., outsourcing, suppliers, etc.)
(26%) – Increased regulatory requirements
(25%) – Increased threat of cyber attacks
An increased reliance on technology can be seen from the retail industry that must adapt to include digital transactions to the healthcare industry that relies on electronic patient data entry, information exchange, processing, etc., demarcating the shift from paper records to electronic health record systems (EHRs). [Read more about compliance regulations for each industry in our HIPAA Compliant Hosting and PCI Compliant Hosting white papers].
Critical applications are the lifeline of companies these days; emphasizing the importance of uptime and availability of hosting solutions as well as IT disaster recovery plans that can replicate systems and data when needed (IT disaster recovery plans are a subset of business continuity plans).
Third-parties can introduce more complexity into an organization’s business processes and workflow. They can also introduce potential new or increased risks, depending on the partner’s security practices and general security awareness. Check for all aspects of their administrative security controls, including security training, up-to-date audit reports, documented policies and contractual obligations.
Subsequent drivers of increased risk are seen below, including the geographic distribution of the organization and financial, political and social instability.
The survey asked respondents how many times in the last five years they had to invoke a business continuity plan – while 39 percent said never, 18 percent said they had to at least once, and 15 percent said twice. Twelve percent had to invoke a business continuity plan greater than five times in the last five years.
Natural disasters and extreme weather (winter storms, hurricanes, tornadoes, earthquakes, etc.) were the cause of 55 percent of invocations, and floods accounted for 28 percent. As was seen in the recent Hurricane Sandy disaster, it is ideal to have an IT disaster recovery/business continuity plan in place that is regularly tested to avoid major data loss, or extensive downtime. While the extent of natural disasters cannot always be anticipated, having a plan in place can help expedite recovery. If seeking a managed hosting partner or an IT disaster recovery production site, choosing a facility in a low-risk geographical location can help ensure data and application availability. Find out why the Midwest and Michigan are great places for safe and secure data centers.
Power outages account for 49 percent of business continuity plan invocations. If you’re outsourcing to a data center operator, research their high availability server hosting capabilities. With a high availability hosting infrastructure, you should have:
- Power from separate utility providers
- Multiple Internet Service Providers (ISPs)
- N+1 (fully redundant) cooling, generators and batteries
- Remote offsite backup
Multiple Internet Service providers (ISPs) allows for automatic network failover between providers and network circuits should an anomaly occur. Dual routers and switches also ensure your network is always connected. If power does go out, your data center should be equipped with backup power, including dual generators should one fail.
Dual UPS (Uninterruptible Power Supply) battery backup systems can provide emergency power when the input power source fails. Find out more about specific data center features that can eliminate the risk of a power outage. IT failure accounts for 36 percent of invocations. While not always avoidable, initial strategic design and ongoing maintenance of redundant networks can help protect against failure.
The State of Business Continuity Preparedness (PDF)