Just a few months into the year and with several high-profile IT outages – RBS, NatWest and HSBC – hitting the headlines, we thought it timely to share our top tips for a successful recovery with you.
Although ten steps may sound easy, following them involves a great deal of complexity and requires not inconsiderable resources if the desired Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO) are to be achieved. It may be tempting to skip a stage but, in our experience, organisations that fail to address each one of these ten steps find their availability expectations aren’t met at the executive level or, worse still, the recovery process doesn’t work at all.
- Identify business availability requirements
It may appear to be stating the obvious but it is vital to ensure the specified availability requirements meet the actual needs of the business and stakeholders or executive sponsorship may not be forthcoming. Typically, customers tell us they either over- or under-engineer the recovery solution, investing too little or too much and not delivering the optimal recovery performance stakeholders across the business want.
- Understand business/IT risks
You need to know what business and IT risks your business is exposed to, by location and by process. Engagements with customers often reveal an optimistic view of risks, or risks that simply haven’t been considered – such as who is recovering the production IT whilst your team is carrying out recovery? Who recovers the business if your IT team has been affected by the same disruption?
- Map your dependencies
From an IT perspective, you cannot accurately scope a recovery project if you don’t know what IT and applications you need to protect and recover. Shadow IT implemented by other departments – a reality in more than eight out of ten organisations1 - exposes the business to significant DR failure risks. And you need to know which bit of IT is dependent on the other.
- Tier your application criticality
In order to arrive at the optimal solution in terms of cost and performance and align that to business expectations, applications need to be tiered according to their value and criticality to the business.
- Apply the right recovery technologies
Only then can the right recovery technologies be applied based on cost/performance and suitability for your applications, processes and budget.
- Document and automate recovery processes/SLAs
Recovery processes need to be fully documented, rather than simply hope all goes well on the day. Recovery instructions should be kept up-to-date, along with recovery tools and processes. If you simply do not have the resources to document recovery you must ask the question: Who will do it instead?
- Protect your data – export it out of the business
To successfully recover, your all-important data needs to be safely and securely exported out of the business and stored for recovery and archive purposes. The way in which this is done will affect data retrieval times and, ultimately, your recovery performance.
- Connect your recovery data to the recovery server/environments
Currently, no single recovery technology can recover a complex business. So, it is essential to create the right recovery environments that are compatible and in sync with your production IT to meet your recovery objectives.
- Execute clear roles and responsibilities at time of test/disaster
Time is of the essence in the event of a business interruption so it’s important to plan ahead to determine who does what and when at time of disaster. Which people with the right knowledge and tools will perform the recovery – assuming they are available at time of test or disaster and aren’t abroad, sick or on holiday?
- Manage the lifecycle of changes
Recovery planning and delivery is not a one-off event. You will need to implement a rolling programme to ensure the ongoing lifecycle management of recovery is maintained and fit-for-purpose as your business and IT changes daily. Even the smallest of changes can scupper your recovery performance.
A collaborative, outcome-focused partner
If all this sounds too daunting, Sungard AS can help. As a customer, you already know we are on your side as a trusted partner. We will work collaboratively with you to help overcome the challenges of recovery complexity, scale and lifecycle management which might otherwise frustrate the recovery of your complex IT environment.
Our value proposition to you is the Guaranteed Recovery of Complex IT.
Quite simply, we make the unrecoverable, recoverable, the slow to recover, faster to recover.
With a 35-year heritage in disaster recovery, Sungard AS’ managed recovery service is proven to deliver outstanding recovery performance and value compared to the rest of the market.
For the 12 months to October 2016, in every month bar one, which fell to 87%, our customers enjoyed above 90% recovery success2
To put this performance in context, outside Sungard AS, only 35% of organisations recover successfully and only 6% of organisations meet their own RTO recovery targets without a hitch, according to Gartner3.