The 7 Deadly Sins of Backup: Lack of Adequate Recovery Planning
This is my third excerpt from my The 7 Deadly Sins of Backup and Recovery whitepaper. Download the full whitepaper for instant gratification or check out our upcoming webinar on Halloween to learn how to protect both your brains & your data from Zombies.
Most IT organizations have some level of a “plan” that they’ll reach for in the event of a serious IT failure or natural disaster. However, these plans often describe the systems that exist today as opposed to laying out a road map for recovering from a range of different possible emergencies.
At a minimum, a good disaster recovery plan should be based around the minimum number of different systems or technologies that are required to back up the entire company’s IT infrastructure. The more complex and numerous the tools needed to recover, the lengthier the plan will be and the less chance it will be followed correctly. Plus, it will also be more difficult to update, maintain and test the plan if it is too complex. For this reason, smart organizations try to standardize around one or two backup recovery systems/technologies. Backup providers like Unitrends, which supports more than 100 operating systems and applications, simplify both planning and disaster recovery.
In a real disaster, it’s helpful to have a checklist of resolved priorities and the best actions and sequences to follow. Albert Einstein said, “Everything should be made as simple as possible but no simpler.” This is important advice for disaster planners. Avoiding extraneous information and low-priority issues will increase efficiency and effectiveness of recovery in the event of a disaster.
Additionally, plans should be clear and specific about the organization’s recovery sequence and priorities in the event of various kinds of disasters. Those responding to a disaster will obviously take very different steps after the failure of a single critical server than they will after an entire site disaster.
The more these choices can be identified and evaluated in advance, the simpler the execution process will be when rapid action is required. Other best practices associated with the planning part of the process include:
- Assigning one person who should be ultimately responsible for the execution of the disaster plan. That person also should have one backup person in the event that he or she is unavailable. Ownership of the different parts of the plan, the roles of the individuals involved, specific accountability, and specific communication requirements should all be spelled out in detail ahead of time.
- Just like basic backup and restoration testing, disaster plans themselves must be tested frequently and completely. Subtle interactions between components or missing elements can often only be identified by virtue of a literal simulation of each kind of disaster. It’s helpful to have teams following a checklist exactly and tracking what works, what doesn’t, and how long each step takes.
- Testing should focus not just on whether the plan can be executed successfully but also on finding ways to simplify the plan for the future.
Finally, remember to keep multiple copies of the plan itself in multiple locations just as you would data archives or backup tapes. Organizations are occasionally tripped up by having access to everything they need for a full recovery except for the plan itself, which is in a binder back at the office that was hit by the hurricane.