6. Regularly backup and snapshot data. "No strategy will work if you haven't set up automatic backups," states Scott Harris, the vice president of Services at Egenera, a provider of cloud management and disaster recovery software. "Whether it is to one of your corporate data centers, your DR site or the cloud, be sure that all critical data is backed up on a schedule that protects your business from downtime in the event of a disaster," he advises.
"Take real snapshot backups, not just RAID mirroring or database replication," adds Chris Camejo, director of assessment services at NTT Com Security. "If someone or something issues a command to overwrite or delete data, intentionally or otherwise, your RAID controller or database replication will dutifully delete it from the mirrors as well," he explains. "Removable media (tape) has the advantage that it can't get accidentally altered unless somebody physically mounts it."
7. Make sure critical applications are also accessible. "Protecting your data is not enough if you want to keep the business running during an event that causes downtime," notes Justin Moore, CEO of Axcient, a provider of data backup and restore, business continuity, disaster recovery and cloud continuity solutions. "Ensure critical applications can be virtualized in the cloud so that your employees keep productive."
8. Don't neglect laptops. "Most disaster recovery plans are focused on protecting the data center," says Peter Eicher, senior manager for Product Marketing at CommVault, a provider of enterprise backup and recovery, data management, deduplication, data protection, archiving and e-discovery software.
"While that is certainly critical, according to Gartner, almost two-thirds of corporate data lives outside the data center. Laptops, [for example,] are far less resilient than data center servers and disk arrays, and laptops are also subject to loss and theft," Eicher says. So it is important to include laptops and similar devices in your DR plan.
9. Follow the 3-2-1 rule. "If an enterprise wants truly disaster-proof data, it needs to follow the 3-2-1 rule: three copies of the data, stored on two different kinds of media, with one of them stored offsite," says Doug Hazelman, vice president of Product Strategy for data protection provider Veeam.
"By following the 3-2-1 rule, IT eliminates any single point of failure," Hazelman says. "For example, if the organization relies on SAN snapshots (which are great for backing up frequently), IT will need to find a way to create backups from those snapshots to get multiple copies and move at least one copy off site."
10. Keep backups off site, in a safe location."How far off site depends on the risks you are worried about," says Camejo. "If your data center is in San Jose and a major earthquake knocks out all your infrastructure, then it doesn't do any good if your backups are in an 'off site' facility in Santa Clara, the next town over. Consider the threats and plan appropriately."
Sign up for CIO Asia eNewsletters.