From my conversations with customers, many are unable to distinguish between a disaster recovery or business continuance plan. Disaster recovery is about recovering the failed site - rebuilding infrastructure, restoring data and restarting applications. Recovery can take anywhere from hours to days, depending on how much is destroyed and how much must be rebuilt and recovered. This process may also include non-infrastructure-specific recovery steps, including establishing a new data centre site, training personnel, and so forth. As for business continuity, it is hosting the business through recovery and transferring operations.
The combination of both disaster recovery and business continuance provides comprehensive protection and both are needed to ensure the continuous availability of information and ongoing operations. A robust data protection architecture should incorporate technologies and methodologies that follow these four guiding principles:
- A copy of data should be stored on a different device to the source
- A copy of data should be decoupled from the source
- A copy of data should be physically isolated from the source
- The copies of data should be regularly verified for integrity
As we enter into 2012, we can expect more information to become critical and a greater need to emphasis on data consistency across applications, especially with the increased reliance on smartphones and devices. More applications and business processes will be deemed critical to an organisation and there will be a greater need to keep up with business and technological changes.
Distance will be an important factor as organisations protect themselves against regional disasters. There will also be a greater emphasis for "lights out" automation which stresses on recovery without
physical means such as human resources or transportation.
At the same time, as operations expand through acquisitions and mergers, organisations would also have to prioritise the requirements from different areas of business and respond to the different needs of each business unit.
An emerging trend for data protection is implementing the multi-layered approach, which was originally a military strategy that has previously been applied to IT security. Multiple, redundant, diverse and independent layers of protection are in place to ensure that, within reason, no single incident or chain of events can compromise enough safety systems to cause a major malfunction.
When catastrophe strikes, chaos is the only constant. However having information and data on hand is crucial as organisations need to address and assure customers and stakeholders of the availability and integrity of information, which has a direct impact on revenues and profits. As we have seen, businesses can no longer afford to think in terms of solely protecting their own infrastructure but must think about all of the infrastructure connected with their business upon which they are dependent on and how it can be protected.
P.K. Gupta is senior director and chief architect, backup and recovery systems, EMC Asia-Pacific/Japan.
Sign up for CIO Asia eNewsletters.