Disaster Recovery

As computer hardware and associated infrastructure have evolved High Availability subsystems have considerably reduced the probability of a disastrous situation occurring. It however remains prudent that all enterprises retain a high degree of Disaster Recovery readiness.

A comprehensive Disaster Recovery Plan should at the very minimum address the risk of data corruption of loss caused by:

1. Accidental or malicious actions of staff.
2. Programmatic data corruption.
3. Failure of storage and replication sub-systems.
4. Virus, Denial of Service (DoS) and other system shutdown caused by security compromise.
5. Hardware and storage asset confiscation by law enforcement agencies under court order.

• Identify all significant perceivable risks to the continuation of information systems.
• Develop a disaster recovery plan that takes into account the worst-case scenario while avoiding optimistic projections of favorable outcomes.
• Develop a disaster recovery plan which includes an option to restore from scratch (a Bare Metal Restore option).
• Pre-identify all tapes that would be required to restore each and all systems, including key catalog backups.
• Set a realistic recovery time objective and recovery point objective. Test the plan regularly using staff who are unfamiliar with the process (excluding staff who are familiar with, or who have been involved with the creation of the Disaster Recovery Plan) to ensure that they can follow the documented recovery plan.
• Perform both planned and snap disaster recovery tests.

• Recovery Point Time.
• Disaster Recovery Test regularity.
• Diversity of staff able to follow the Disaster Recovery Plan.
• Number of times the most recent recovery point is not available for restore.
• Number of recovery points that would be available should they be required.