* Social networking: Like mobile devices, social networking provides another avenue for people, internal or external to the organization, to stay in contact during or after a disaster. Social media can be leveraged as an alternate medium to provide effective, vital crisis management in a disaster, improving emergency communications and reducing the risk of dependency on more traditional methods such as email and cellular telecommunications.
* Managed disaster recovery: Organizations are realizing they cannot rely solely on in-house IT staff to deliver a repeatable recovery response in a crisis. As a result, there is a growing consensus that disaster recovery should be managed and delivered by third party providers or professionals who are entirely focused on disaster recovery. There has been an increasing focus on managed solutions, delivered on behalf of an organization, which provide highly available, automated DR systems with data replication for delivering proven recovery.
Most organizations have traditionally believed that having data backed up and stored offsite is sufficient to ensure data recovery and maintenance of business operations. Well executed backup and restore solutions do not guarantee a well-defined disaster recovery plan however. Disaster recovery solutions require alignment to business risk and regular testing neither of which have typically been priorities in backup solutions. In recent years, events such as the 9/11 attacks and the tsunami in Japan have caused many organizations to reassess their overall data protection strategies for data backup and recovery, disaster recovery and business continuity as well as long-term retention and security of their data.
* Switch from tape-based to electronic-based vaulting: Many organizations are redesigning their DR solutions to leverage more data replication and reduce the dependency on backups as the primary DR strategy for recovery. The higher latency associated with some of the traditional recovery solutions such as tape back-up has resulted in the adoption of more flexible and cost-effective technologies such as software replication. Many organizations have migrated from tape based DR solutions to disk based ones and from tape based vaulting to electronic based vaulting such as software replication, continuous data protection, backup to remote libraries, etc.
* Recovery point objectives. RPO should align to targets defined in the DR plan, particularly for business-critical applications and data stores. Zero data loss scenarios may some combination of the above mentioned data protection strategies. In a DR plan, the RPO and the RTO (recovery time objectives) need to be defined based on business need and criticality. The DR plan should also define what systems need to be in place (and where they should be located) to get the key business applications up and running again. Often, critical system and application RTOs are shorter than the typical 24-hour interval associated with daily backups, so other data protection technologies and strategies such as remote replication or mirroring, snapshots or point in time copies, or continuous data protection technologies may need to be implemented.
Sign up for CIO Asia eNewsletters.