FIVE STEPS TO BETTER DISASTER RECOVERY AND BUSINESS CONTINUITY HYGIENE



Similar documents
TOWARD A CLOUD COMPUTING STRATEGY

SYMANTEC 2010 DISASTER RECOVERY STUDY. Symantec 2010 Disaster Recovery Study. Global Results

How To Understand The Market For Disaster Recovery

Service Availability Metrics

WELCOME TO HOTEL CLOUD

Information Technology Internal Audit Report

SOFTWARE AS A SERVICE SaaS in the Tax and Accounting Profession

Disaster recovery: Resilient cloud-based disaster recovery

2014 StorageCraft. All rights reserved. CASE STUDY: NUMA NETWORKS

Many Firms Are Overconfident In Their Disaster Recovery Ability

Sage ERP The top five reasons to deploy your ERP Solution in the cloud

Cloud Backup And Disaster Recovery Meets Next-Generation Database Demands Public Cloud Can Lower Cost, Improve SLAs And Deliver On- Demand Scale

Data Backup for Small and Medium Businesses: Priorities, Current Practices, and Risks

DISCUSSION PAPER DISASTER RECOVERY/BUSINESS CONTINUITY PLANNING IN THE FRESH FOOD INDUSTRY

WHY BUSINESS CONTINUITY PLANS FAIL

MOVING INTO THE DATA CENTRE: BEST PRACTICES FOR SUCCESSFUL COLOCATION

11 Common Disaster Planning Mistakes

What if your Disaster Recovery Plan were put to the test?

TABLE OF CONTENTS DR IMPLEMENTATIONS:... DRAAS:... DR BUDGETS:... INTRODUCTION:... KEY FINDINGS:... PREPARATION:... COMPLIANCE:... CONCLUSION:...

THE STATE OF IT RECOVERY FOR SMBS: A SURVEY OF IT PROFESSIONALS

a guide to the cloud Understanding the cloud and recreation management understanding the cloud and recreation management a guide to the cloud 683_14

Is online backup right for your business? Eight reasons to consider protecting your data with a hybrid backup solution

2014 REPORT ON THE STATE OF DATA BACKUP FOR SMBS

Why you need a new approach to Disaster Recovery

Business Continuity Requires the Best Cloud Storage Options

The Disaster Recovery Maturity Framework

INFOSTOR. Cloud Poised to Be Most Popular Backup Medium. Executive Brief. In This Paper

Forrester Research and the Disaster Recovery

Using the Cloud for Business Resilience

Best Practices in Disaster Recovery Planning and Testing

2016 Disaster Recovery as a Service Attitudes & Adoption Report. Scott D. Lowe David M. Davis James Green Partners, ActualTech Media

How cloud computing can transform your business landscape.

How To Back Up A Virtual Machine

Manufacturers Need More Than Just Backup... But they don t need to spend more! axcient.com

EMC GLOBAL DATA PROTECTION INDEX KEY FINDINGS & RESULTS FOR ITALY

WhitePaper. Private Cloud Computing Essentials

Ohio Supercomputer Center

2013 Cloud Storage Expectations

Disaster Recovery Planning Process

Frequently Asked Questions about Cloud and Online Backup

Trends in Managed Services in Tax Administration

The 10 Disaster Planning Essentials For A Small Business Network

Mapping Your Path to the Cloud. A Guide to Getting your Dental Practice Set to Transition to Cloud-Based Practice Management Software.

Disaster Recovery. Stanley Lopez Premier Field Engineer Premier Field Engineering Southeast Asia Customer Services and Support

With 57% of small to medium-sized businesses (SMBs) having no formal disaster

Disaster Recovery and Business Continuity What Every Executive Needs to Know

Virginia Commonwealth University School of Medicine Information Security Standard

The case for cloud-based disaster recovery

The Surprising Truth About Your DR Maturity Level

Traditional Backup vs. Business Continuity

To Tier or not to Tier

How On-Premise ERP Deployment Compares to a Cloud (SaaS) Deployment of Microsoft Dynamics NAV

Financial Services Need More than Just Backup... But they don t need to spend more! axcient.com

How Organizations Are Improving Business Resiliency With Continuous IT Availability

Insights: Data Protection and the Cloud North America

4 Critical Risks Facing Microsoft Office 365 Implementation

WHITE PAPER. 10 Things Every Law Firm Should Know About Improving IT Performance: A Practice Director s Guide

34% DOING MORE WITH LESS How Red Hat Enterprise Linux shrinks total cost of ownership (TCO) compared to Windows. I n a study measuring

2013 StorageCraft. All rights reserved. CASE STUDY: CONNECTICUT COMPUTER SERVICE

Traditional Disaster Recovery versus Cloud based DR

ecogra GENERALLY ACCEPTED PRACTICES (egap) AFFILIATE PROGRAMS

How To Understand The State Of Business Continuity Preparedness

FINRMFS9 Facilitate Business Continuity Planning and disaster recovery for a financial services organisation

Managed Backup A Strategic Network Consulting white paper

Backup vs. Business Continuity: Using RTO to Better Plan for Your Business

Going Hybrid With Data Backup

Whitepaper: Backup vs. Business Continuity

The State Of Business Continuity Preparedness

Whitepaper. Disaster Recovery as a Service (DRaaS): A DR solution for all

Top 10 Disaster Recovery Pitfalls

Private Cloud Service Availability 2014 Benchmark Survey. Published by

Top 7. Best Practices for Business Continuity

How cloud computing can transform your business landscape

FREE REPORT: Answers To The Top 5 Questions Business Owners Have About Cloud Computing

Measures of Success in Backup & Recovery TECH GUIDE

EMC GLOBAL DATA PROTECTION INDEX GLOBAL KEY RESULTS & FINDINGS

SMB edition Virtualization Data Protection Report 2013

3 Ways to Restore Salesforce Data

Interxion Cloud Survey European IT decision-makers and influencers give their views on cloud computing

Building a strong business continuity plan

The Yorkshire SME Internet Connectivity and Business Growth Survey 2015

MEASURING SMB CUSTOMER OUTCOMES: THE DELL MANAGED SERVICES ADVANTAGE

DISASTER RECOVERY PLANNING GUIDE

Three Things to Consider Before Implementing Cloud Protection

Discover the Advantage of Having Dyrand at the Controls

BACKUP ESSENTIALS FOR PROTECTING YOUR DATA AND YOUR BUSINESS. Disasters happen. Don t wait until it s too late.

Ensure Absolute Protection with Our Backup and Data Recovery Services. ds-inc.com (609)

DISASTER RECOVERY SURVEY PRESENTED BY

pact-one.com (866) Backup & Disaster Recovery

7 Mistakes Businesses Make When Moving To the Cloud

Data Storage And Backup

Replication, Business Continuity and Restoration with Cloud Economics

DEFINING THE RIGH DATA PROTECTION STRATEGY

2014 StorageCraft. All rights reserved. CASE STUDY: CHARTEC, LLC

The 9 Ugliest Mistakes Made with Data Backup and How to Avoid Them

The Benefits of Virtualization for Small and Medium Businesses. VMware SMB Survey Results

HYBRID CLOUD BACKUP 101. Top Five Benefits of Cloud-Connected Appliances

Business Continuity Management

DECIDING WHICH CRM SOLUTION IS RIGHT FOR YOU

Transcription:

FIVE STEPS TO BETTER DISASTER RECOVERY AND BUSINESS CONTINUITY HYGIENE PRODUCED BY SPONSORED BY

CONTENTS PART 1: Disaster Recovery and Business Continuity Planning and Technology 4 PART 2: The Business Side of Business Continuity and Disaster Recovery 7 PART 3: Better Disaster Recovery and Business Continuity Hygiene 9 APPENDIX: Raw Survey Data 10 2 DISASTER RECOVERY

Business can no longer function without technology. And if business can no longer function without technology, disaster recovery and business continuity strategies and technologies not only support business-critical systems, they become business-critical systems themselves. IT World Canada has produced a detailed online survey of disaster recovery and business continuity strategies and practices in the Canadian enterprise. More than 160 respondents, IT decision-makers at firms with more than 50 employees, gave us detailed information about practices at their companies. We ve analyzed the practices of the organizations that have fewer outages, recover more quickly, and are most confident in the effectiveness of their plans. More importantly, we ve analyzed what weaker business continuity plans lack. We call this basic business continuity hygiene. Dig into this detailed report on what the Canadian enterprise community is doing on the disaster recovery and business continuity front, how that is affecting the stability of their operations, and what the five key elements of disaster recovery and business continuity hygiene are. Dave Webb Chief Content Officer IT World Canada 3 DISASTER RECOVERY

PART 1: DISASTER RECOVERY AND BUSINESS CONTINUITY PLANNING AND TECHNOLOGY One in three Canadian businesses has had a prolonged IT systems failure of 24 hours or more. That stark number alone speaks to the necessity for a thoroughly designed business recovery strategy and practice. In fact, seven per cent of Canadian enterprises surveyed had an extended IT failure more than once. ery situation. Still, only 70 per cent had a busy continuity plan. While another 11 per cent said a business continuity plan was under development, a full 20 per cent had no plans at all. While virtually all the respondents who said they did in fact have a business continuity plan (97 per cent) were also confident their infrastructure was at least somewhat able to deal with a disaster recovery situation, 80 per cent of those without a business continuity plan believed they were at least somewhat able to deal with a disaster recovery situation. Under development 11% No 20% Of those companies that had a business continuity plan, 42 per cent had never rehearsed it. Of those companies that rated their ability to cope with a disaster recovery situation as very able, 75 per cent had rehearsed their business continuity plans. Yes 70% Do you currently have a business continuity plan in place? But Canadian businesses are confident with their ability to deal with an outage, with an overwhelming 92 per cent saying their IT infrastructure is somewhat or highly able to cope with a disaster recov- Companies that had rehearsed their business continuity plans estimated they could recover their mission-critical data and applications faster, too. Of those companies that did rehearse, 42 per cent estimated that they could recover data and applications within two hours of a failure, compared to 16 per cent of those that did not rehearse their business continuity plan. Ten per cent of the rehearsed companies estimated it would take longer than a day to recover their systems, while 15 per cent of the unrehearsed companies believed it would take that long. 4 DISASTER RECOVERY

KEYS TO QUICK RECOVERY Time to recovery is a key metric, so let s explore it a little further. Of all companies surveyed, 59 per cent believed they could recover mission-critical systems in less than five hours. Only 12 per cent believe it would take more than one day. What do the quick-recovery companies have in common? 13 hours to one day 13% Six to 12 hours 16% More than one day 12% Less than two hours 29% Two to five hours 30% If you were to experience any downtime, how long would it take to fallback to recover your data and applications? 87 per cent of the companies that said they could recover in less than two hours, and 77 per cent of those who said they could recover in under five hours, had a business continuity plan in effect. 57 per cent of those who believed they could recover their systems in under five hours hosted their missioncritical applications on-premise, while 37 per cent hosted them offsite but managed them internally, and 12 per cent had their mission-critical applications hosted in a cloud-based environment. The low figure for cloud-hosted applications could be misleading though, since only 9 per cent of those surveyed hosted their mission-critical apps in a cloud environment. In fact, of those companies, 78 per cent said they could recover their data and applications within five hours. 67 per cent of businesses that hosted their backups offsite, selfmanaged in a secure location, said they could recover data and applications within five hours, compared to 52 per cent of companies that hosted backups onsite, 48 per cent of companies with data hosted offsite by a third party, and 38 per cent of those who stored their backups offsite with an employee. Virtually all of the companies with sub-five-hour recovery times 98 per cent backed up data daily. 5 DISASTER RECOVERY

BACKING UP Overall, the respondents in this survey overwhelmingly practice daily backups 97 per cent. Two per cent backed up weekly, and one per cent backed up monthly. (Note: In the context of another question, two per cent claimed they don t back up at all.) There s not that same consistency in the validation of those backups. Thirtythree per cent of companies validated at least a portion of their backed-up data weekly, while 35 per cent validated monthly and 19 per cent semiannually. The remaining 14 per cent said they never validated their backups, or that they don t do backups at all. The frequency of validation had minimal influence on the companies confidence in their ability to respond to a disaster recovery situation. Weekly, monthly or semi-annually, more than 90 per cent of respondents felt they were at least somewhat able to deal with disaster recovery (96, 94 and 90 per cent, respectively). Only 78 per cent of companies that did not validate felt at least somewhat able to deal with a DR situation. This suggests that, while backup validation has an effect on a company s ability to recover from a disaster situation, there is no consensus on what the best practices are in terms of frequency of validation. Offsite, with an employee 16% Onsite 18% Offsite, managed by third-party service provider 39% Offsite, managed by organization 27% Where are your backups stored? Finally, the majority of respondents said they store their backups offsite, with only 18 per cent storing them on-premises. The largest number (39 per cent) had their backups offsite and managed by a third-party provider, while 27 per cent stored backups in a secured, offsite location managed by the company itself. Interestingly, 16 per cent of companies leave their backups offsite under the care of an employee. 6 DISASTER RECOVERY

PART 2: THE BUSINESS SIDE OF BUSINESS CONTINUITY AND DISASTER RECOVERY By definition, the failure of a mission-critical system renders a company unable to do business. This implies that there is a cost of downtime associated with a business-critical system failure. Therefore, business should be able to identify the cost per hour or day of mission-critical system failure. Yes 50% No 50% Have you identified the cost associated with temporary loss of mission-critical application services and systems? Surprisingly, slightly more than half (50.3 per cent) of companies surveyed had not identified the cost per unit of downtime. There were few factors distinguishing those who knew the cost of their downtime and those who didn t. Those who had experienced an extended outage were only slightly more likely (54 per cent) to have associated a specific cost with downtime than those who hadn t. Of those with a business continuity plan, only 55 per cent had determined this cost, though those currently developing their plans were more likely to have a dollar figure to attach (59 per cent). But a few things stand out. For example, 75 per cent of those surveyed who did not have a business continuity plan couldn t attach a dollar figure to their downtime. Seventy-four per cent of those who did not validate their backups didn t know the cost of their downtime. Sixtyseven per cent of companies that had not rehearsed their business continuity plan didn t know the cost of downtime. These are all practices we ve outlined above as what we ll call basic business continuity hygiene. This suggests that while identifying the costs of downtime doesn t necessarily lead to better business continuity practices, not identifying those costs is a symptom of weakness in its execution. Good business continuity hygiene begins with identifying the cost per unit of time of a mission-critical systems failure. 7 DISASTER RECOVERY

NEED TO KNOW On other fronts, though, Canadian enterprises seem to be on top of the information they need for a thorough business continuity and disaster recovery plan: 67 per cent have determined the minimum service levels required to operate during a disaster recovery situation. 85 per cent have identified and ranked their business-critical applications. 77 per cent have evaluated and classified their data in terms of business priority. 82 per cent have identified users critical to keeping the business running during a disaster, and 87 per cent have up-todate contact information for all employees. REGULATORY CONCERNS Many industries, particularly financial institutions, are governed by strict regulatory and compliance guidelines that apply during a period of disaster recovery. Adherence to these regulatory requirements should be an informing influence on the development of disaster recovery and business continuity plans. Of the companies we surveyed, 63 per cent said they had identified regulatory and compliance guidelines they must meet during a disaster recovery effort. No 37% Yes 63% Of those organizations surveyed that had no business continuity plan, only 38 per cent had identified regulatory requirements that had to be met during a disaster recovery exercise. That s 11 per cent of companies that have identified these requirements. The 78 per cent of businesses that have identified these requirements and do have a business plan, and the 10 per cent that have one under development, are minimizing this particular business risk provided the business continuity plan is consciously aimed at meeting those regulatory requirements. Have you identified any regulatory and compliance requirements that you must meet during a disaster recovery period? 8 DISASTER RECOVERY

BUDGETING FOR THE WORST An effective business continuity plan, like any other project, benefits from dedicated, specific budgeting within the IT budget umbrella. Surprisingly, only half of IT professionals surveyed said there was sufficient, specific budget for business continuity. Twenty-three per cent said they had no business continuity budget at all; 12 per cent said their budget was insufficient. Not even having been burned previously by an extended outage convinces companies to budget adequately for business continuity; only 46 per cent of those businesses that had had one or more 24-hour-plus outages budgeted sufficiently for disaster recovery. PART 3: BETTER DISASTER RECOVERY AND BUSINESS CONTINUITY HYGIENE The information for this survey, when it is sliced and diced, gives us some insight into the practices of organizations that have fewer episodes of extended system failure and who recover more quickly from a mission-critical system outage. Adapting these practices will lead us to a more comprehensive and effective disaster recovery regimen through better business continuity hygiene. First on the list of best practices is having a business continuity plan in the first place. Organizations that do recover more quickly from a mission-critical systems failure. If you don t have a plan, or are in the process of developing one, take these practices into consideration when creating one. If you already have a plan, assess whether it has all the elements it needs. 1. Attach a dollar value to the cost of mission-critical systems failure. Knowing this number makes you more likely to develop a plan with fewer weaknesses. 2. Take into account regulatory and compliance requirements. If your organization faces particular requirements, those requirements must be woven into the fabric of the plan to ameliorate the business risks of regulatory action. 3. Budget specifically for a business continuity plan. Companies that have had extended system failure are less likely to have a specific budget for business continuity. 4. Back up at least daily. And plan to validate the data of those backups periodically. Since there is no consensus on the optimum frequency of validation, address the issue with your internal team, or in consultation with your service providers if you use them. 5. Rehearse your plan. Periodic simulations should be part of the business continuity and disaster recovery strategy. Organizations that perform them recover more quickly from a systems failure. 9 DISASTER RECOVERY

APPENDIX: RAW SURVEY DATA More than once 7% Somewhat unable 5% Highly unable 2% 3 No 20% 4 11% we do not have a plan Once 26% Never 68% Somewhat able 45% Highly able 48% Under development 11% Yes 70% No 38% Yes 52% Has your business ever experienced an extended (more than 24 hours) of IT-related failure? How would you rank the ability of your infrastructure to cope with a disaster recovery situation? Do you currently have a business continuity plan in place? No 50% If you have a business continuity plan in place, have you excercised (rehearsed and tested) it? Weekly Monthly 2% 1% Don t back up 2% More than one 13 day 12% hours to one day 13% Six to 12 hours 16% Less than two hours 29% Two to five hours 30% 6 Daily 97% Never 12% Semi-annually 19% Monthly 35% Weekly 33% 8 Offsite, with an employee 16% Offsite, managed by third-party service provider 39% Onsite 18% Offsite, managed by organization 27% If you were to experience any downtime, how long would it take to fallback to recover your data and applications? How often do you back up your data? Week 2% How often do you validate at least a portion of your data backups? Where are your backups stored? In a cloud hosted environment 9% 9 10 11 12 Yes 50% No 50% More than one day 19% One day 29% Hours 45% No 43% Yes 67% Offsite, managed by the organization 26% On-premises 65% Have you identified the cost associated with temporary loss of mission-critical application services and systems? How long can you be without your mission-critical applications before business is unacceptably impacted? Have you determined the minimum service levels you require during a disaster period? Where are you mission-critical applications hosted? 13 14 15 16 No 15% No 23% No 18% No 37% Yes 63% Yes 85% Yes 77% Yes 82% Do you have a clustered environment or other method of automatic-failover? Have you identified and ranked your most critical line of business applications? Have you evaluated and classified data in terms of business priority? Have you identified which users are critical to keeping the business running in a disaster situation? Yes, but we re not sure if it s up-to-date 9% No 4% 17 Yes 87% 18 No 37% Yes 63% 19 No 23% No, but it s in another budget envelope 4% Don t know 12% Yes, but it s an insuffient amount 12% Yes, and it s a sufficient amount 50% Very uncomfortable 2% 20 Somewhat uncomfortable 16% Somewhat comfortable 55% Very comfortable 26% Do you have current contact information for all employees in the event of a business disruption? Have you identified any regulatory and compliance requirements that you must meet during a disaster recovery period? Is a portion of your IT budget allocated to business continuity? Having considered all of the above questions, how comfortable are you with your company s ability to operate during a period of natural disaster or disruption? 10 DISASTER RECOVERY

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information