If you happened to catch Mariah Carey’s “epic fail” performance on the ABC Channel this past New Year’s Eve, you’ve seen first-hand that equipment failure during a live performance can be disastrous. Equipment issues also created challenges for Lady Gaga and Metallica’s James Hetfield at the Grammys, but they got through it with both vocalists sharing one microphone. That wasn’t ideal, of course, but it was “good enough” to avert a disaster and keep the show going.
Likewise, when we think of failover in the context of disaster recovery, we don’t necessarily need to worry about having something in place that works perfectly. Sometimes we simply need something that is “good enough” to get us through to the other side of the crisis.
Disaster recovery (DR), also called IT recovery, is a subset of business continuity management (BCM) that focuses on recovery of your IT systems. Your DR function can attempt to replicate your entire computing environment (systems, data stores, networks, applications, etc.) so that everything is on tap if your primary environment becomes unavailable. Or DR can focus on rapidly and reliably bringing up the most critical subset of your environment, and then recovering the rest at a pace that’s consistent with organizational needs, budget and risk appetite.
How much data can you afford to lose?
How long can you afford to be without critical systems like payroll or your website? You have a range of options (e.g., hot, warm and cold standby for data protection) to precisely meet your needs.
Likewise, your DR solution doesn’t need to be built on the same platform using the same top-shelf gear as your primary systems. It just needs to be “good enough” to get your organization back on its feet before it falters.
The operative idea here is that your business needs a well-considered DR function that is appropriately planned, executed and tested and known to be reliable. DR doesn’t have to be overly complicated or burdensomely expensive—but it does have to work. Otherwise you’ll be like Mariah Carey, pacing the stage with no way to carry on.
Statistically, if a disaster takes you down and your IT doesn’t bounce right back, your company stands a greater than 40% chance of failing immediately, and a 71% chance of closing its doors within two years. That’s more risk than any business should face, which is why a robust DR posture is so important. Your DR strategy (or lack thereof) must not leave you vulnerable to prolonged outages.
Weighing your options
When choosing between “great,” “good” and “good enough” DR, the bottom-line question is: how much risk are you willing and able to accept? How long an outage can you handle? To answer those kinds of basic questions, you first need to accurately and rationally understand the risks you actually face, and evaluate what it will take to mitigate those to acceptable levels.
Do you go with a lower-cost DR approach that will bring your critical systems up only after a day or more? Or does it make sense to implement a higher-cost alternative that provides capabilities like failover to a backup site with no loss of data and basically no downtime?
Consider, too, that robust DR solutions have value beyond just saving your business from doom. You can switch over to them preventively for system upgrades and maintenance, thus reducing or eliminating service disruptions (while testing your DR at the same time). Some DR systems can also come in handy as a “virtual private cloud” for testing software patches or even new use cases.
In short: DR is vital, and experience with both failures and successes is very helpful towards getting it right so you have just what you need.
To make sure your organization has a cost-conscious disaster recovery plan that will support a smooth recovery, contact Pivot Point Security.