Disaster recovery overview: Chapter 1 -- DR planning and design

There is certainly nothing new about disaster, but businesses of all sizes are re-examining their preparedness and response plans.

Disasters are a reality that every business needs to face. Forces of nature, acts of terrorism, fires, theft and even careless (or malicious) employee actions can cause downtime that impairs day-to-day business activity. While there is certainly nothing new about disaster, businesses of all sizes are re-examining their preparedness and response plans.

It's easy to see the potential devastation involved in data loss. Today's business records are all electronic, so printed records are sparse at best. Most e-mail, and many documents/spreadsheets, never see a printer. If electronic data is lost, it may be impossible to re-create, but a business can't simply disappear because a data centre does -- data loss just isn't an option. In addition to enlightened self-interest, businesses are obligated to meet legal standards for retention and discovery of electronic information even in the face of disaster. Consequently, today's "digital" organisations must implement the technologies and policies needed to ensure the safe preservation of their data and guarantee the timely recovery of that data when trouble strikes. Disaster recovery (DR) starts with sound planning and design.

Addressing current recovery capabilities

There are many possible ways to protect data against disaster, but the general concepts are quite consistent. The first idea to recognise is that "backups" and "disaster planning" are two different things. Backups simply make copies of your data. It's a part of disaster planning, but it's what you do with the backup that makes the difference.

Disaster planning involves three essential considerations. First, your backup absolutely must be protected. For example, just leaving a backup tape in a local tape drive won't help you if the data centre burns to the ground. If DR is your goal, the backup needs to be in a different physical location. Second, you absolutely must be able to recover your business operation from the backup. That is, if one site washes away in a flood, there must be enough data in a protected location to continue normal business operations. Third, your recovery process must function properly within a given timeframe prescribed by your specific business needs. Simply put, a distant backup is worthless if you can't get the business running again -- or if it will take weeks to retrieve and restore from tape.

Once you address each consideration and weigh those considerations against your business needs, you can start to formulate a meaningful DR strategy that is relevant for your particular business.

Strategies versus business needs

There is no single approach to DR (sometimes called business continuity planning or BCP) and no one "right" way to protect your business operations. The strategies and procedures established for one company may be totally inappropriate for another. However, there are several common means to approach disaster planning/recovery.

Off-site tape is the most traditional scheme, where backups are periodically run in data centres or remote offices. The tapes are then removed from their drives and transferred to a secure off-site location, such as an Iron Mountain Inc. vaulting facility. The tapes are recalled when recovery is needed. More recently, optical media like DVD is being employed for backups. Optical media is less expensive than tape, but offers more speed and reliability.

An increasingly popular option is remote disk replication, where data centre resources are periodically copied to similar storage resources at a distant location. For example, a bank might choose to replicate the contents of EMC Corp.'s Centera across a WAN link to a duplicate Centera installed at a location hundreds of miles away. Duplicate resources like this can often allow faster recovery than tape and, when properly implemented, might also take over as the main storage location if the primary site becomes unavailable.

There is always a cost element to disaster planning/recovery. It's a bit like insurance -- you're spending money in order to protect against a potentially much greater loss. The goal is to match the expense and complexity against the risk. For example, a small physician's office might do well shuffling weekly tape backups off site because its recovery needs may not justify more expensive options. Conversely, a global 24/7 Internet retailer might settle for nothing less than a completely replicated data centre because downtime will cost far more than the DR solution.

Tools and products

Your actual choice of data recovery product should reflect your backup method and recovery priorities. When tape is the preferred backup or disaster planning medium, you can typically select any backup/recovery software compatible with your tape drive platform. Symantec Corp.'s (Veritas) NetBackup, EMC's NetWorker family or IBM's Tivoli products are three conventional products used across many larger data centres.

Disaster planning with replication between storage arrays can typically leverage software provided by the array manufacturer. For example, EMC's Symmetrix Remote Data Facility replicates data between Symmetrix systems; IBM uses Peer-to-Peer Remote Copy between IBM arrays; and Hitachi Data Systems Inc. (HDS) uses TrueCopy to replicate between HDS arrays. But you're not limited to manufacturer-specific replication software, and companies like FalconStor Software Inc., NSI Software Inc., Kashya Inc. (now part of EMC) and others provide tools for heterogeneous replication.

Midsized organisations without the resources to operate a DR location can outsource their DR operations to a third-party service provider for a monthly fee. Some of the most recognised DR service providers include E-Vault, IBM Global Services and Hewlett-Packard Co., among others.


Disaster means crisis, and a crisis is no time to search for tape vaulting contacts or figure out how your backup software handles restoration. Any DR expert will underscore the need for thorough documentation. Such documentation may include key contact information (e.g., phone numbers for administrators, vault service contacts, and so on) and access passwords but will also include a complete set of instructions to outline system preparation, restoration steps and post-restoration testing/validation of the data centre prior to resuming "normal" operation. There should be several copies of this documentation, each entrusted to key IT and management personnel.
