Posts Tagged ‘Floods’
Too often, business continuity planning and disaster recovery planning are treated as the same functions. Unfortunately, they are not. Business continuity planning helps organizations insure that applications and processes continue through the myriad of day-to-day disruptions that might occur. These include IT component failures, such as disk-drive failures, a server failure, a dropped network link, or an application bug. Disaster recovery planning helps organizations recover operations after less frequent, but far more devastating events, such as fires, floods, hurricanes, earthquakes, and a variety of man-made disasters. While the data center strategy is only one component of business continuity and disaster recovery planning, it is a key component. And while business continuity and disaster recovery planning are different functions, they must often be considered together, because of budget limitations.
There are plenty of advantages to having a business continuity data center in region, a very short distance from the production data center. If the data centers are very close, there will be little impact on transaction latency for the always-important two-phase database commit. Failover times from the production data center to the business continuity data center can be very short. Staff that normally work at the primary data center can easily show up for work at the in-region business continuity data center. WAN charges between the primary and business continuity data centers will be relatively low.
The problem with an in-region business continuity data center is that it can’t replace an out-of-region disaster recovery data center. The two are simply too close for comfort. And few organizations can afford three data centers. Following are a few of the types of disasters that can prevent an in-region business continuity data center from acting as a disaster recovery data center:
- Electrical-grid failure
- Telecommunications failure
- Transportation systems failure
- Chemical spills
- Radiation leaks
- War, terrorism, and civil unrest
For these types disasters, it is much more likely that both in-region data centers will be affected and much more challenging to recover applications and data. One of the trade-offs organizations must make is between how quickly they recover and how certain they are that they can recover from the range of disasters that could strike them. We believe that a slight increase in recovery time is well worth the additional assurance that you can actually recover applications after a disaster. Using an in-region business continuity data center as a disaster recovery data center is a little like doing a tandem sky dive. It’s fine, as long as nothing goes wrong.
Tim is the VP of IT. His company’s data center is more than a thousand miles from the nearest ocean, so it’s not going to be impacted by a tsunami or a hurricane. It’s in an area that has very little seismic activity, so it’s not likely to be affected by an earthquake. There are no active volcanoes nearby. It’s not near any rivers or near a flood plain. There are no other major buildings nearby, and, even though his area has experienced a major drought over the past year, the risk from fire, at least from somewhere outside the data center, is very low.
Tim’s disaster recovery plan calls for a full backup of the application and data files of the critical applications once a week and an incremental backup nightly. The backups usually complete without error, but not always. Some applications are considered more critical than others, so some applications are backed up less frequently. Tim does a disaster recovery test twice a year, to make sure that everything in the DR plan is working. Usually it is. There are other risks to his data center. He could lose power or network communication. He could have a fire that starts inside the data center. His area does occasionally have tornadoes, but not very often. There could be a chemical spill that would require the area to be evacuated, but none of these are very likely.
Like every IT director, Tim has a limited budget, and he is constantly under pressure to keep IT costs low. Tim has made a series of guesses, bets really, in developing his disaster recovery plan. He’s bet that he’s covered for most of the risk associated with natural disasters, he’s bet that the applications that he deemed critical are the right priorities, that he’s got all of the program files and data together in the proper groups, and that nothing has changed since he last revisited the plan. He’s betting that the backup process is working, that the tapes are readable and the applications recoverable.
Those are only some of the bets that Tim has made. Each bet has a consequence. Sometimes he’ll win. Sometimes he’ll lose. But what happens, if Tim guesses wrong?
I’m a fan of the movie, “The Princess Bride.” If you haven’t seen the movie, click on the link below to see a short clip of what can happen when you guess wrong.
The Princess Bride: The Man in Black in a battle of wits with Vizzini.
Actually, like the movie, the story I just told you is fantasy. Tim is real, but I made up the rest. In reality, Tim made a very different bet. He bet on Axxana. With one very good bet, he avoided making hundreds of bad ones.
This year, 2011, has been a year of tremendous natural disasters. It began with heavy rainfall in January in Queensland, Australia, and Rio de Janeiro Brazil, causing flooding, landslides, and crop losses. An earthquake in New Zealand followed in February, causing building collapses and an estimated $12 Billion in damages. Japan’s earthquake and tsunami in March resulted in the loss of an estimated 20,000 lives, massive destruction of buildings, loss of power and disruptions to transportation systems, a hurricane in the Eastern United States left 7 million people without power for days and many without power for weeks. Floods in Thailand that began in the summer and continued into December, flooded the capital, killed more than 500 residents and disrupted the lives of millions. In August, an earthquake rocked Virginia and shook buildings as far away as Massachusetts. And a rare October snow storm hit the North Eastern United States, leaving millions without power for days.
In all of this tragedy, there are some important observations:
- Disasters will strike where they are expected, such as the earthquake in Japan, and where they are not, such as the earthquake in Virginia.
- Disasters will strike when they are expected, such as hurricanes in the late summer, and when they are not, such as massive snow storms in the fall.
- Localized disasters, such as the floods in Thailand, can have far-reaching effects, such as the global disruption of the supply chain for disk drives.
The science that enables the prediction of the location, the size and the effect of natural disasters is improving, but it is far from perfect. The local impact of natural disasters is increasing, because people and businesses are migrating into a massive urban areas. The global impact of natural disasters is increasing, because the supply chain is highly specialized into centers of expertise, but at the same time is globally interconnected and interdependent. Because of this specialization, a flood in a relatively small country can impact the global availability and price of products for which the country provides a single, but critical component.
Perhaps the most valuable lesson in all of this tragedy is that a highly efficient global operation that concentrates capabilities into unique centers of expertise, leaves itself exposed to massive disruption from localized disasters and their impact on infrastructure and the workforce. One of our customers has reduced this risk by creating dual centers of expertise, separated not by hundreds of miles, but by half the globe. With the help of Axxana, these dual centers will operate not only highly efficiently, but 100% in synch. Perhaps it is time to re-think your strategy as well.
There was so much good information in the VansonBourne European Disaster Recovery Survey, that I thought it was worth writing about it again. Twenty-five percent (25%) of the 250 European IT decision makers that VansonBourne interviewed reported having a data loss in the previous twelve months. The causes for the data losses included:
- Hardware Failure
- Data Corruption
- Loss of Power
- Software Failure
- Security Breach
- User Error
- Loss of Backup Power
- Physical Security
- Employee Sabotage
- Natural Disaster
When you think about Axxana, you probably think about protecting data from natural disasters, such as earthquakes, tornadoes, hurricanes, tsunamis, floods, and man-made disasters, such as bombings, explosions, and fires. And that’s exactly what we do. We’re fire-proof, smoke-proof, water-proof, vibration and shock-proof. Throw a javelin at us, and your data will be protected. But these kinds of disasters are near the bottom of the list of causes for data loss, so why do we even talk about it? Good question. Because, if you look up the list at all of the other causes of data loss, and you think about what we do, when combined with the snap-shot technology, asynchronous replication technology, and roll-back, roll-forward DVR-like capabilities of our partner, you will realize that we not only protect you from the really bad, but infrequent natural and made-made disasters, but most of the other causes as well. It’s a pretty good deal, and, for some, an unexpected additional benefit.
There’s a LinkedIn group called BCMIX – Business Continuity Management Information eXchange. There are over 7,000 members of this group, which I think shows just how important Business Continuity Management is in organizations today. Members can post questions to the community and get advice from other professionals who are struggling with the same issues. I’m paraphrasing here, but some of the recent topics were:
- Can you develop a profile for what types of individuals are able to manage disasters?
- How do you determine the RTO for critical systems and applications?
- What is the ROI from a Business Continuity Management Program?
I’m always interested in the calculation of an ROI on an intangible such as a BCM program, because the true value of it, like insurance, is not really calculable until after the event. I mean what is the ROI on a fire extinguisher?
There’s really no ROI on a fire extinguisher until you need it, which, hopefully is never. But, if you do have a fire, you want the fire extinguisher that works well with the type of fire you have. There are different types of fires and different types of fire extinguishers for each type of fire. There are also combination fire extinguishers that work with more than one type of fire. For those of you who want a quick tutorial on fires and fire extinguishers, here’s a helpful website: Fire Extinguisher: 101.
Once you’ve decided what risks you want to reduce, then you should get the best possible protection at the lowest possible cost. And that’s where the ROI comes in. Our Phoenix System is like a combination fire extinguisher, because we protect data through a wide variety of disasters: floods, fires, earthquakes, bombings, hurricanes, building collapse. But we have something else going for us. We actually lower the cost of data protection, by reducing data communications costs when replicating data over distance.
Maybe there’s no way to determine the return on a Business Continuity Management plan, but once you’ve made the decision to put a plan in place, you might as well have the best possible coverage at the lowest possible cost. To help you understand the savings that an Axxana Phoenix System investment can provide, we developed an ROI white paper. I hope you find it helpful.