Bcdr: Don T Make This Common Business Continuity And Disaster Recovery Mistake!

Submitted by: Kurt Buckardt

Two Quick Definitions

Business Continuity and Disaster Recovery (BCDR) are two separate and related concepts that are often lumped together. Let s start with some quick definitions.

IT Business Continuity

Business Continuity refers to an organization s ability to keep vital business operations running at or near normal capacities in the event of infrastructure failure. These failures can be caused by human errors, power failures, application errors and a host of others that impact the ability of the infrastructure to properly support the organization. When speaking of Business Continuity the majority of the infrastructure remains in place and functional which is in contrast to Disaster Recovery.

IT Disaster Recovery

Disaster Recovery refers to incidents that significantly impact or make unavailable critical infrastructure. The most common examples are natural disasters and other acts of God. Planning for data protection and recovery are fundamental to disaster recovery principles.

[youtube]http://www.youtube.com/watch?v=PjdJfeiBuPA[/youtube]

So the idea of BCDR really is to ensure that your company or organization continues to function at or near normal capacity levels under even the most challenging conditions.

So what is the mistake? Focusing on technology first and business process priorities second

This might sound like a strange statement coming from network infrastructure experts. But buying an appliance or solution and then figuring out that it provides an incomplete or inadequate solution can be an expensive and humbling mistake! IT Business Continuity and Disaster Recovery (BCDR) isn t about appliances, power supplies, routers, switches and servers, it’s about supporting business processes.

Sounds pretty straightforward, right? Well, wrapped up in that deceptively simple concept are dozens, hundreds, perhaps even thousands of business processes, most, if not all of which are dependent upon your IT infrastructure for successful execution.

So the place to begin defining your BCDR plan is not in the server room but rather out among the business units.

For example, maybe you work for a financial institution that has to comply with Sarbanes-Oxley, HIPAA or PATRIOT Act regulations. Information availability is required under all conditions, including routine back-up. Fines for non-compliance and damage to reputation for failure to comply are huge.

Or

Your company processes a high volume of data entry, fulfillment processing and shipping operations around the clock. Downtime has been calculated to be $12,700 per hour.

Or

Your organization manufactures precision electronic components and your ERP and inventory management systems must be operational during the week. Downtime costs you $3500/hour. However, routine maintenance can be performed during the week.

3 different examples with 3 entirely different sets of requirements. Hopefully you see that before you can meaningfully advocate a BCDR solution you must identify, understand, and prioritize the requirements of each of the most critical processes.

To do otherwise would turn the focus of business continuity away from business processes toward Information Technology. While important, Information Technology, servers, switches, routers and other parts of your network infrastructure are only tools to help your business run more efficiently.

So, as I said at the beginning of this paper, Business Continuity and Disaster Recovery planning should begin within the business units of your organization not in the server room!

About the Author: To get a full appreciation of just how true this statement is I highly recommend you get the white paper titled The Disaster Waiting to Happen: The 4 Biggest BCDR Mistakes People Make And Why They Cost So Much. In this resource you’ll also learn why

Business Continuity and Disaster Recovery

remain at the top of the IT professional’s worry list. Kurt Buckardt is CTO of Konsultek a Chicago network and information security firm.

Source:

isnare.com

Permanent Link:

isnare.com/?aid=384286&ca=Computers+and+Technology