Although disaster recovery (DR) has been around since the 1970s when organizations first began to recognize their dependence on computer systems, ambiguity still abounds around what exactly it is and how critical a role it plays in today's IT landscape. Let's take this opportunity to clear up the confusion.
What Is a Disaster?
In this context, a disaster is any unforeseen event that can significantly put your organization at risk by interfering with your operations — whether natural, like flooding, or man-made, such as a cutting through a water main. Not every disruptive event is a disaster – a power outage may just be an inconvenience if you have a backup generator and plenty of fuel. And not every disaster has to involve catastrophic destruction or loss of life. For example, a cyber-attack can wreak havoc on your business, even though the fabric of your IT infrastructure remains physically untouched.
What is the definition of Disaster Recovery?
Disaster recovery is the process of resuming normal operations following a disaster by regaining access to data, hardware, software, networking equipment, power and connectivity. However, if your facilities are damaged or destroyed, activities may also extend to logistical considerations like finding alternate work locations, restoring communications, or sourcing anything from desks and computers to transportation for employees. Disaster recovery response should follow a disaster recovery plan – a documented process or set of procedures developed specifically to prepare the organization to recover in the shortest possible time during a period of acute stress. This can encompass communicating with employees about the event, what they are expected to do, and also plan on how to continue business post-event.
How has Disaster Recovery evolved over the years?
At one-time Disaster Recovery was almost all about mainframes; it then evolved to protect data, in its earliest incarnation mostly a process of shipping tapes to one type of storage facility or another. Today, however, it is more focused on automated Disaster Recovery as a Service (DRaaS) offerings. RTOs (Recovery Time Objectives) that used to be 48 hours (or better) have shrunk to minutes. Additionally, where formerly disaster recovery required teams to travel to the impacted site, with the rise of DRaaS solutions, everything is done remotely, without anyone having to travel to the site itself.
What are the differences between RTO and RPO?
These are the most commonly used words when talking about Disaster Recovery. In simple terms RTO (Recovery Time Objective) is defined as the time it takes for an organization’s IT infrastructure to come back online and be fully functional post a disaster. RPO (Recovery Point Objective) reflects the number of transactions lost from the time of the event up to the full recovery of the IT infrastructure.
What is the difference between Disaster Recovery and Business Continuity?
Disaster recovery and business continuity are close cousins but not interchangeable terms. Business continuity is the process of getting the entire organization back to full functionality after a crisis, whereas disaster recovery is about getting all-important IT infrastructure and operations up and running again. In fact, it pays to think of Disaster Recovery as a subset of Business Continuity.
What is Disaster Recovery as a Service (DRaaS)?
Disaster Recovery as a Service (DRaaS) involves third-party cloud-based replication and hosting to provide full environmental recovery in the event of a disaster, with SLAs defining the DRaaS provider's role and recovery timings. This model leverages DRaaS for the expertise the provider brings, the scale, and usage-based payment. As a result, it also helps administrators to focus on critical production level changes, but without having to worry about a CAPEX investment every time technology changes.
How is Disaster Recovery different from Cyber Recovery?
Typical IT Disaster Recovery planning involves recovering to the latest snapshot or point in time of data. This helps to achieve the lowest RPO and results in fewer transaction losses. Cyber Recovery is executed post a cyber-attack like malware, ransomware, or any such malicious act and involves choosing the point in time that is clean (e.g., just prior to the outbreak). This could mean falling back a couple of days and working on recreating the transactions once a clean copy has been recovered.
Why should you invest in a Disaster Recovery plan?
- To Avoid Revenue Impact ― Businesses increasingly depend on IT infrastructure; any interruption in IT infrastructure availability leads to direct or indirect revenue loss.
- To Maintain Customer Satisfaction — Re-acquiring customers and building trust with them post a disaster is very difficult; it's far easier to invest in a DR plan.
- To Foster Partner and Supply Chain Confidence ― Exhibiting a well-defined DR plan helps build confidence within the partner network.
- Because Machines Fail — IT infrastructure has shown great improvement in terms of resiliency, but weak links persist; having a DR plan helps when those unforeseen issues happen.
Learn more about Connected Recovery solutions from Sungard AS.