Business continuity via Disaster Recovery
Holistic pre-disaster planning is more cost-effective than incident response, by far. Every dollar invested in mitigation saves businesses $4 in response and recovery costs.
As information systems have become increasingly critical to the operation of a company, and arguably the economy as a whole, the importance of ensuring the continued operation of those systems, and their rapid recovery, has increased. For example, of companies that had a major loss of business data, 43% never reopen and 29% close within two years. As a result, preparation for continuation or recovery of systems ought to be taken into careful consideration.
Classification of disasters
Disasters can be classified into two broad categories. The first is natural disasters and while preventing a natural disaster is impossible, risk management measures for avoiding disaster and careful planning is essential. The second category is man made disasters, such as hazardous material spills, infrastructure failure, bio-terrorism, and disastrous IT bugs or failed change implementations. In these instances, surveillance, testing and mitigation planning are invaluable.
Prior to selecting a disaster recovery strategy, a disaster recovery planner first refers to their organization’s business continuity plan which should indicate the key metrics of recovery point objective (RPO) and recovery time objective (RTO) for various business processes (such as the process to run payroll, generate an order, etc.). The metrics specified for the business processes are then mapped to the underlying IT systems and infrastructure that support those processes.
Incomplete RTOs and RPOs can quickly derail a disaster recovery plan. Every item in the DR plan requires a defined recovery point and time objective, as failure to create them may lead to significant problems that can extend the disaster’s impact. Once the RTO and RPO metrics have been mapped to IT infrastructure, the DR planner can determine the most suitable recovery strategy for each system. The organization ultimately sets the IT budget and therefore the RTO and RPO metrics need to fit with the available budget. While most business unit heads would like zero data loss and zero time loss, the cost associated with that level of protection may make the desired high availability solutions impractical. A cost-benefit analysis often dictates which disaster recovery measures are implemented.
Disaster recovery systems, today, involve fail-over or switch-over recovery systems. These measures would allow an organization to preserve its technology and information, by having a remote disaster recovery location that produced backups on a regular basis.
As a member of the AWS Partner Network, our strategies for data protection include:
High Availability Through Multiple Availability Zones
Unlike virtually every other technology infrastructure provider, each AWS Region has multiple Availability Zones and data centers. As we’ve learned from running the leading cloud infrastructure technology platform since 2006, customers who care about the availability and performance of their applications want to deploy these applications across multiple Availability Zones in the same region for fault tolerance and low latency. Availability Zones are connected to each other with fast, private fiber-optic networking, enabling you to easily architect applications that automatically fail-over between Availability Zones without interruption.
Improving Continuity With Replication Between Regions
In addition to replicating applications and data across multiple data centers in the same Region using Availability Zones, you can also choose to increase redundancy and fault tolerance further by replicating data between geographic Regions. You can do so using both private, high speed networking and public internet connections to provide an additional layer of business continuity, or to provide low latency access across the globe.
Meeting Compliance and Data Residency Requirements
You retain complete control and ownership over the region in which your data is physically located, making it easy to meet regional compliance and data residency requirements.
Throughout the next year, the AWS Global Infrastructure will expand with at least 11 new Availability Zones in new geographic Regions: India, Montreal in Canada, Ningxia in China, Ohio in North America, and the United Kingdom.
In many cases, an organization may elect to use an outsourced disaster recovery provider to provide a stand-by site and systems rather than using their own remote facilities, increasingly via cloud computing.
In addition to preparing for the need to recover systems, organizations also implement precautionary measures with the objective of preventing a disaster in the first place. These may include:
- local mirrors of systems and/or data and use of disk protection technology such as RAID
- surge protectors — to minimize the effect of power surges on delicate electronic equipment
- use of an uninterruptible power supply (UPS) and/or backup generator to keep systems going in the event of a power failure
- fire prevention/mitigation systems such as alarms and fire extinguishers
- anti-virus software and other security measures