Caught on tape

8 Jun 2005

You can dress it up as much as you like, but there’s no getting away from it: disaster recovery and its fellow traveller data backup aren’t exactly subjects to set the pulse racing. Just don’t make the mistake of relegating them to low priority because they’re anything but.

That’s because your business – any business – is ultimately about information. This data is far more important than the spec of the PCs and servers storing it. Toby Keen, account manager for the storage software company Veritas, spoke at a Microsoft SME security seminar last week and outlined exactly why this is such an important issue. “Data is the lifeblood of your systems,” he said. It’s the same reason why companies invest in firewalls and perimeter security systems, he pointed out: ultimately what they want to protect is their data.

As the name suggests, good backups help a company to get back up and running with minimal impact to the business. They provide a vital lifeline in the event that a business needs to recover from an incident that prevents it from continuing as normal.

Keen cited research commissioned by Veritas, which found that 38 pc of organisations in EMEA don’t know how long it would take to recover from an event such as a fire. The average time of those that did know was 3.23 days. A mere 3pc of respondents said it would be business as usual in the event of a disaster.

According to Keen, knowing the right questions to ask can give an insight into where an organisation needs to improve its disaster recovery processes. Are you protected? Have you ever lost data? How much would one hour of downtime cost you? Do you test your disaster-recovery plan?

If this all seems obvious, it still seems to have trouble making its way from theory to practice; the Veritas survey found only a quarter of companies have calculated the cost of downtime.

“Determine your recovery needs,” Keen urged. “How much data can you afford to lose? If you have an idea of this, it can be a goal to aspire to.” Keen referred to this as the recovery point objective: the amount of time it takes to come back online and the time by which data must be restored.

Keen outlined a series of steps that should be taken and which don’t rely on technology from a particular supplier. These are: taking snapshots of the data; periodic replication of that information and backing it up to tape. “Put your data on a piece of media and take it off site,” said Keen. “Backup is absolutely essential; the cornerstone of any disaster-recovery plan.”

This disaster-recovery plan shouldn’t just sit on a shelf once it has been agreed upon. It should be tested on a regular basis, said Keen: quarterly at least, monthly for preference, ideally every week. “Yearly isn’t good enough,” he added.

Paula Kiernan, senior consultant at Ward Solutions, recommended testing the possible recovery time in the event that a backup has to be called into action. “Don’t ask ‘How quick will it be to back up’,” she said. “The aim should be to see how quickly can you recover in the event that you need the backup.”

By Gordon Smith