3 Keys to Better Planning for Backup and Data Protection
The phrase made famous by former Intel CEO Andy Grove, “Only the paranoid survive,” applies to adequately planning for backup and disaster recovery (BUDR). When planning for a crisis with an eye toward business continuity, it is wise to have a healthy sense of paranoia about what could go wrong and what can be done to prepare for it. Based on my more than four decades of experience in the IT industry, I offer up three keys to help organizations enhance and tighten up their level of preparedness.
Assume The Worst Scenario Will Happen
Too many IT leaders and business leaders alike are caught unaware amid a crisis because they make assumptions that are considerably more optimistic than viable. They also too often treat backup as the answer, but backup should be the “backup” to a superior first-line of data protection. Have you implemented all the contingencies? How well are you protected? What assumptions are you making about what can happen in a disaster or crisis?
Minimizing or eliminating the potential for data loss, or the Recovery Point Objective (RPO), is critical. So is the Recovery Time Objective (RTO), which measures how quickly things are back in operation. Often the biggest data recovery challenge is not being able to restore from the backup fast enough. If the backup is still to tape, then you not only will likely experience a slow recovery but a significant risk that data may have been corrupted and might not restore at all. Or even worse, it has been restored, but it’s the wrong data. The approach that has proven to be most effective is one that uses real-time data replication in an Active-Active configuration that can deliver zero RPO (no data loss) at zero RTO (continuous availability).
At the same time, many disk-based backup solutions provide extensive data reduction techniques in an effort to reduce costs, particularly for data deduplication. Unfortunately, the more advanced the data reduction, the recovery time will typically be more performance-constrained using such systems. The best way to address this challenge is to deploy solutions capable of rapid recovery for fast RTO by using software and caching intelligence while using disk media for the backup data’s persistent storage.
Adopt a Data Storage Strategy That Consists of Zero Dependence on Human Intervention.
When things go bad, leaders tend to assume that people will be in place to fix the problem, protect the critical applications and the data associated with them, and take the best actions to intervene in the systems. Based on lessons learned from many real-world data center disasters, this can be a mistake. Depending upon human intervention, which backup and restore typically requires, can be problematic. It is far better to use a data protection strategy with zero dependence on people, which often requires re-looking at the way you approach infrastructure and solutions.
Case in point: Years ago, when a storm hit in North Dakota, the Red River flooded significantly, which led to the flooding of an organization’s data center. Fish and sewage made their way inside the data center. This organization’s bunker site, which housed the tapes intended for backup, was also flooded, with tapes ruined. Human intervention was not the answer in this dire situation. If there had not been remote replication with the right configuration, the organization would have been out of business.
What You Think are Your Organization’s Critical Applications Probably Aren’t in the Midst of a Crisis.
I was involved with a health insurance organization whose IT team focused the vast majority of its efforts in BUDR on building all their protection into their transactional systems, such as claims processing. However, when a major local crisis hit, people weren’t interested in submitting claims. Unexpectedly, the CEO called the CIO and expressed how his first priority was whether their corporate website was up and running.
Maintaining the continuity of the website was more important in the crisis because of the inherent message: “We’re here. We’re operational. We’re OK.” In this case, IT got caught off guard because they had not planned for the worst-case scenario or anticipated what is most important to the business and the external perceptions of the organization. They had based their crisis planning on normal, everyday operations and did not get to the root of the business priorities that IT supports and enables. Don’t be caught off-guard.
Thanks to Ken Steinhardt for contributing to the #BUDRInsightJam. Learn more about backup and data protection in our Backup and Disaster Recovery Buyer’s Guide and keep an eye out for Steinhardt during the Jam.