|
|
|
|
|
||
|
|
|
|
|
||
|
|
|
 |
|||
|
|
The DataGuard Data Protection Newsletter March, 2006
Bullet Points
Preparing For Fire-Related Disaster Recovery Social Engineering May Be The Weakest Security Link The Continuous Challenges of Risk Management Why Online Backup Is Replacing Tape Dealing With Large-Scale Disasters
Welcome! If there are any topics you would like to see discussed in the future or if you have any comments, please contact me at JoeT@HighCaliber.com
Dealing With Large-Scale Disasters There has been an unusual number of both man-made and natural disasters in recent years. Both types of disasters can cause massive loss of systems, even entire locations, not to mention the loss of life. How would your organization handle this type of disaster? No organization can claim readiness for large-scale disasters without involving Human Resources, Facilities Management, and Information Technology people. This trio must work in concert to properly overcome a disaster's impact. The first order of business is to get good information flowing in. In the wake of a major disaster--natural or man-made--you will no doubt find a wealth of information that you will need to sift through to verify what is real, versus what is either imagined or simply exaggerated. Case in point: After the initial shock of the power failures in the northeast United States in August 2003, many people were absolutely convinced it was a terrorist attack, when in fact it was simply a large-scale technology failure across several systems. Finding out what happened and what resources you still have available is a vital first step in the process of dealing with a disaster. Your next priority is to get good information flowing out. Make sure everyone who needs to be in the loop during the initial recovery process is available, or that substitutes are brought in. It may sound easy on the surface, but remember that physical and mobile phone service may be interrupted, email systems will probably be offline, and other communication systems may be acting erratically. Find the systems that are still working and get the word out as soon as possible. Hopefully, you have already determined your Recovery Time Objectives (RTO) for your various systems before the disaster struck. If not, there is very little you can do but try to bring everything back up as soon as you can. If you do have RTO numbers, start working with the shortest recovery times and bring those systems up in alternate locations first, and leave all the other systems for later--no matter how much people start yelling at you to bring them up sooner. At this point, you must concentrate your staff on the most important systems first, regardless of the apparent urgency that already panicked staffers may express to you regarding other systems that everyone agreed were less important prior to the actual disaster. Keep in mind that this may mean finding alternate data-center space and acquiring new hardware if you haven't already planned for these eventualities. This is where Facilities Management comes in to make sure you have a location to set all this up. Finally, after all the urgent issues have been addressed, you can then begin to bring up other data-systems as time and equipment will allow. If you're in a smaller shop, HR, Facilities, and IT may all be the same person, making your job somewhat easier and harder at the same time, but all three groups must be brought into the equation. Dealing with a large-scale disaster is something that everyone would prefer not to have to deal with. Recent events have proven that it is--unfortunately--an eventuality that no organization can afford to ignore.
DataGuard archives: Click Here |
||
