Data disasters

Posted on 9 Nov 2011 by Tim Brown

Disasters happen. Fires, floods, earthquakes, terrorist attacks – the range of potential threats is wideranging.

And when disaster does strike, it’s crucial that businesses have protected their most valuable asset. Which is, quite simply, their data. Offices, machine tools, production lines – these can be replaced. But data can’t.

And the word from insolvency experts and forensic specialists is clear. When a business that is subject to disaster incurs significant data loss, its viability is severely compromised. Many never recover and, sooner or later, fail.

But it doesn’t have to be that way, says Stephen Manley, chief technology officer of data storage specialist EMC’s Backup Recovery Systems division. And it’s generally smaller and medium-sized businesses that are often most at risk from data loss, he stresses.

“Just because a manufacturer isn’t a Fortune 100 giant doesn’t mean that their data is any less important,” he says. “It’s dangerous to think that because you’re a smaller business, disaster recovery planning isn’t an important priority.” But, he says, it’s a priority that is often overlooked. “Most businesses do the basics of backing up data – but what they don’t do is think about how they will recover with just a rudimentary data back-up,” he emphasises. “If a data centre burns down in a fire, how useful will a day-old set of tapes be – particularly without computers to mount them on, and applications ready to run that data? And that’s always assuming that the back-ups were stored off-site in the first place.”

Poor planning
Put like that, manufacturers might well shiver with apprehension. For there’s a critical weakness in the approach that many of them take to the whole issue of data and disaster recovery.

“The number one mistake that we see companies making is to fixate on back-ups – such as worrying about how frequently they should happen, and confirming that they are happening as scheduled,” says Manley. “But instead, they need to be focused on the recovery, not the back-up.” And the evidence shows that very few are doing this – a fact attested to by the high proportion of disaster-struck businesses that fail to recover properly, or at all, even though back-ups had been taken as planned.

Disasters happen. Fires, floods,earthquakes, terrorist attacks – therange of potential threats is wideranging.And when disaster does strike,it’s crucial that businesses have protected theirmost valuable asset. Which is, quite simply, theirdata. Offices, machine tools, production lines -these can be replaced. But data can’t.And the word from insolvency experts andforensic specialists is clear. When a business thatis subject to disaster incurs significant data loss,its viability is severely compromised. Many neverrecover and, sooner or later, fail.But it doesn’t have to be that way, says StephenManley, chief technology officer of data storagespecialist EMC’s Backup Recovery Systemsdivision. And it’s generally smaller and mediumsizedbusinesses that are often most at risk fromdata loss, he stresses.

“Organisationally, disaster recovery and data security often falls between functions,” notes Manley. “And when disaster strikes, it’s not uncommon for people to look at each other and say: ‘Oh, I thought you were responsible for that.’” Taking a back-up, in short, isn’t the same as planning what to do with that back-up in the event that disaster strikes and it is needed.

Another problem, even when disaster recovery responsibilities are clearly delineated, is a tendency to cut corners.

“The chief executive will ask for a fully-costed disaster recovery plan to protect the business’ data – and then say: ‘That’s a great plan – now, what can you deliver for 50% of that amount?’ It’s short-sighted and potentially very dangerous corner-cutting.

It’s also unnecessary when there are perfectly adequate solutions out there to suit almost any corporate budget.” So what steps can manufacturers take to affordably protect their most important asset?

Priorities
The trick, explains Manley, is to start with any relevant industryspecific or government-mandated regulatory requirements, and then factor in the speed and scope of the desired recovery.

In short, protect the data that the business legally has to protect and preserve for stated periods of time – and then, system by system, application by application, determine the most appropriate disaster recovery strategy for the data that remains.

“As a manufacturer, I might have mission-critical systems that needs to be available 24/7, such as my ERP platform,” he says.

“But I might also have systems that aren’t so mission-critical, and which can operate off-line for 24 or 48 hours. By matching their requirements to appropriate replication strategies, disaster recovery can be assured – and at the lowest cost for the recovery target that you’re trying to hit.” And it’s here, notes Manley, that EMC’s extensive range of disaster recovery solutions, and the capabilities of its reseller partners, come to the fore.

For mission-critical data, real-time off-site replication is the relevant best practice, he explains – ‘synchronous’ replication, in the jargon. For less mission-critical data, or where applications or systems possess off-line storage capabilities, ‘asynchronous’ replication is the route to follow: off-site back-ups, but carried out (say) nightly, rather than continuously.

Then, with the right data safely stored off-site, it’s time to think about where it’s stored. And again, says Manley, there are options to suit every corporate budget.

At the top end, data will be backed-up into a ‘mirrored’ remote data centre. Staffed, and with servers pre-loaded with the requisite applications, this is kept on standby ready to ‘failover’ into operational status in the event of a disruption to the main facility.

Expensive? Maybe so. But there are less pricey options, says Manley.

“Rent, don’t buy – and think cloud, rather than physical replication,” he urges. “And don’t overlook the very real advantages of virtualisation: we see more and more manufacturers moving to virtualisation, so that they can bundle, back-up and restore whole instances In other words, not just the data, but the applications and configurations as well.” Indeed, he adds, best practice today is increasingly revolving around just such virtualised instances, with EMC resellers providing a physical stand-by location complete with servers for those manufacturers who lack their own physical stand-by location.

“For manufacturers, it’s about tiering their requirements, and we in turn tier what we provide to meet those requirements, with the objective of proving off-site back-up and recovery at the appropriate cost.” In short, there’s no longer any excuse for inadequate disaster recovery provision; if, indeed, there ever was.