A Complete Business Continuity and Disaster Recovery Solution
“Disaster recovery and business continuity planning are integral parts of the overall risk management for any organization.”
Business Continuity Data Recovery (BCDR) can mean continued existence or demise for a company. In the event of a disaster, lack of planning can result in a significant recovery delay and be very costly. A good recovery plan defines recovery objectives and aligns the BCDR strategy with business requirements. It is about identifying critical areas of operation and making sure you have a documented set of processes to follow in the event of an outage so that your organization has minimal disruption to business operations.
When It’s come To business leaders and CIOs what kind of BCDR solution they are looking for, they say they want:
• Unified Data Management Software Platform
• Data protection
• Business Continuity Data Recovery (BCDR)
• Data migration across heterogeneous environments
• A solution to meet changing business requirements
• Empowerment (in-house data management & control)
• Fast Return on Investment (ROI)
Your BCDR plan will describe how you will recover from an incident and get back to business.
The plan you create will be specific to your business needs. However, all BCDR plans should start with the following general steps:
#One — Information and Resource gathering
• Identify the Business Continuity (BC) team, including a description of roles, responsibilities, and authority within the BC team.
• Identify critical systems, applications, and business processes along with locations, IP addresses, logon credentials for source and recovery sites.
• If you are using a remote recovery location, identify all off-site facilities equipped with the computing power and backed-up data to keep systems and services online.
# Two — Business Impact Analysis (BIA) & Risk Assessment
• Create a BIA questionnaire to review systems, applications, and business processes and collect all pertinent information about each specific business function in order to rank each function in each department in order of importance.
• Identify the minimum critical business processes that must be restored in order to resume operations. These are tier one functions that need to be back online within a few minutes (up to 1 day).
• Identify tier two business processes — functions that need to be up within 24 -36 hours.
• Risk assessment — assess threats to critical systems and determine the response strategy and recovery strategy, detailing step-by-step response actions and step-by-step recovery actions.
• Determine the Recovery Point Objective (RPO) and the Recovery Time Objective (RTO) for each business process or service. The RPO and the RTO will help you define your BCDR plan. The RPO is driven by the acceptable amount of data that can be lost and the point in time from which it must be possible to recover data. For example if the RPO is set to three hours, then your nightly off-site backup will not be acceptable. The RTO defines how quickly the business function must be restored. It is the amount of time your business can be without service before experiencing significant loss or risk.
#Three — Recovery Plan workflows This step involves assembling groups and workflows for the following areas:
• Hardware and operating systems
• Critical functions/business processes identified in the BIA including the time frame within which critical IT services need to be reinstated.
• Criteria for invoking the plan — including identification of roles, responsibilities, and authority. This should include key roles and responsibilities for each employee/role in the plan so that everyone understands what is required in the event of an emergency as well as the required communication between employees. All employees should be made aware of your “incidence response process”, including how to detect and assess abnormal situations to quickly determine the severity. This includes criteria for notifying management and other stakeholders.
• Contingency mode operating procedures
• Procedure for returning to normal operations
• Data Recovery procedure
• BC personnel training
• Regularly scheduled Testing & Audits
• BCDR Plan Maintenance — The procedure for maintaining and updating the BCDR plan to reflect any significant internal, external or systems changes in the organization.