Executive Brief
IT Disaster Recovery
IT Innovation. Business Value.
4 Stages of IT Disaster
Recovery Planning —
Are You Resilient?
As the enterprise IT landscape becomes more complex, customers more
demanding, and computing devices more abundant and powerful, the need for
business resiliency is of critical importance. Resilience is the ability for a company
to adapt and recover from any unplanned changes to the IT environment by
managing risk and implementing contingency and continuity planning.
Companies develop disaster recovery plans to ensure that they have a
Secure-24 is a
event of a man-made or natural disaster. In general, a “disaster” is defined as any
leading provider of
made to move those operations to an off-site recovery location.
managed IT
Disaster recovery plans are designed to restore the company’s applications, data,
operations, hosting
impact on the business, with respect to lost revenue and operational interference.
and cloud services,
with mandatory business regulations—regulations that have penalties for non-
providing highly
documented, detailed, tested blueprint for directing the IT recovery process in the
event that causes sufficient interruption of computer operations that the decision is
and physical network within established critical timeframes that minimize the
Furthermore, disaster recovery planning is also critical to ensure compliance
compliance ranging from monetary fines to loss of business.
available
IT environments and
expert management
and support for your
business.
26955 Northwestern Highway, Southfield, MI 48033
Phone: 800-332-0076
[email protected]
www.secure-24.com
IT Innovation. Business Value.
4 Stages of Planning
Developing an effective disaster recovery plan involves more than “backing up
to tape” — there are seven distinct, critical steps that must be performed:
Access
Test
• Develop and architect your recovery strategies
• Test and validate to confirm that activities outlined
• Define the recovery team organization, identify key
in a DR plan will be successful and that RTO/RPO
• Develop and document the procedures that will be
• It is important to establish a testing frequency and
individuals, and provide training
executed in the event of a disaster
objective can be satisfied.
monitoring to verify that your DR plan remains
effective.
Design
Maintenance
• Develop and architect your recovery strategies
• Because business process and IT system change
• Define the recovery team organization, identify key
individuals, and provide training
• Develop and document the procedures that will be
executed in the event of a disaster
over time, disaster recovery plans should undergo
scheduled reviews to identify potential sources
of change such as to key staff attrition, new
compliance requirements or changes to critical
RTO/RTP levels.
For the Disaster Recovery Plan to be viable and effective, it is critical
that a methodology be followed — from identifying applications used
throughout the enterprise, to reviewing and testing the plan on a regular basis.
As infrastructure updates and new software applications are implemented in
the enterprise, the plan must be revised to reflect these innovations.
There also needs to be consensus from the management team on both
the critical business definitions and the role that management will play in
executing the plan.
Executive Brief
IT Disaster Recovery
pa g e 2 o f 6
IT Innovation. Business Value.
Business Impact Analysis (BIA)
Performing a careful and complete Business Impact Analysis (BIA) is critical
to developing an effective Disaster Recovery Plan. During this phase, system
requirements, functions, and interdependencies are analyzed — the results
are then used to identify system contingencies as well as setting priorities.
The Business Impact Analysis drives the Disaster Recovery Plan by identifying
the applications and systems that will significantly impact the business in the
event of a disaster.
During this phase, it is vital that input be obtained from departments across
the enterprise, from Human Resources and Customer Service, to Information
Technology and Accounting. In addition to using this information gathering
to define critical timeframe, the BIA is also an effective strategy to educate
the enterprise on the need for a Disaster Recovery Plan and to identify any
alternative manual procedures that could potentially minimize the impact of an
interruption in system availability.
Defining RPO and RTO
Critical to BIA is determining the Recovery Point Objective (RPO) and the
Recovery Time Objective (RTO). The RPO is the point in time to which data
must be recovered; the RTO is the overall length of time an IT component can
be in recovery before it negatively impacts critical business processes.
The analysis is important because different applications and IT components
will have different RPOs and RTOs. For example, an application that supports
a mission-critical application, such as customer order processing, may have
a short RPO/RTO, while an application that runs an internal, non-customerfacing of low import may have a much longer RPO/RTO.
Executive Brief
IT Disaster Recovery
pa g e 3 o f 6
IT Innovation. Business Value.
Architecting Your Recovery Strategies
Developing a solid Disaster Recovery strategy requires a comprehensive
approach. Key items that need to be considered include network requirements,
infrastructure needs, data recovery, data and record management, security
and compliance.
After the critical applications and data recovery objectives are identified, the
company needs to architect the specific strategies and solutions to make
sure the recovery objectives for applications, network and data are restored
in the appropriate timeframes. Meeting these recovery objectives may involve
deploying new architecture, tools, and infrastructure internally or with the
DATA Recovery Models
• Tape
• Disk2disk
assistance of an external service provider.
Options to be considered include electronic vaulting, tape retention, or a dual
data center approach.
• Asynchronous Replication
Testing and Training
• Snapshot
Performing thorough analysis and developing sound recovery strategies are
• CDP
• Local Mirroring
critical to a solid Disaster Recovery Plan; however, testing the plan and training
staff on executing the plan is vital to successful DR planning. The only way to
validate that your plan will work is to test the plan on a regular basis and put a
• Synchronous Replication
function in place to ensure it is updated to reflect changes in the environment.
• Multi-Data Center
There are various levels of testing, with varying degrees of involvement—from
Mirroring
a structured walkthrough with key technical resources verbally assessing the
plan, to simulation testing where a disaster is simulated so the plan can be
implemented, to full interruption testing, in which the disaster recovery plan is
activated in total. The organization needs to establish the testing required to
effectively assess the validity of the plan.
In tandem with testing the plan is the need to train assigned personnel both on
their roles in the disaster recovery scenario and on the broader content of the
plan itself. Like testing, the organization needs to regularly revisit the training
plan to address the organizational changes, new hires, and attrition that are
inevitable.
Executive Brief
IT Disaster Recovery
pa g e 4 o f 6
IT Innovation. Business Value.
Secure-24 DR Solutions
Secure-24 runs customer operations from data centers connected via a highavailability SONET ring. This multi-data center approach enhances the ability
to recover quickly because one facility acts as backup recovery for the other.
Not only is there complete redundancy for the components within the data
center, but the data centers themselves are redundant.
Secure-24’s disaster recovery services for hosting and private cloud customers
include an in-depth analysis of our customers’ current IT infrastructure, as well
as the critical data and applications, including:
• Detailed assessment and definition of risks, timeframes, required
performance, and functionality levels supported by well defined Service
Level Agreements (SLAs)
• Implementation, ongoing management, and solution support
• Synchronous and asynchronous disaster recovery offerings
• Disk-to-disk plus additional tape backup options
• Dual-data center approach with unique Geographic High-Availability (GHA)
internet fiber connection between data centers
• Highly experienced and knowledgeable teams to restore systems and
minimize business impact
• Command center facilities that allow key personnel to continue operations in
the event of an emergency
SONET Connectivity
Metropolitan Area Network (MAN)
Executive Brief
IT Disaster Recovery
pa g e 5 o f 6
IT Innovation. Business Value.
About Secure-24
As a leading provider of managed IT operations, Enterprise Hosting and Cloud
Computing Services, Secure-24 delivers full technical support of business
critical applications with proven methodology and demonstrated successes in
infrastructure, management, upgrades, migrations and support engagements.
Secure-24 manages complex IT landscapes for mid-market and large
companies that operate globally, providing robust, strategic and transformative
To learn more about how
technologies that help organizations to be innovative and competitive.
outsourcing your applications and
infrastructure to Secure-24 can
help your organization achieve its
business goals, contact us at:
Secure-24
26955 Northwestern Highway
Southfield, MI 48033
www.secure-24.com
Local: 248.784.1021
Toll-Free: 800.332.0076
Fax: 248.784.1024
Info: [email protected]
Sales: [email protected]
HR: [email protected]
Secure-24 is committed to helping your organization succeed by bringing
the best innovations and technology to your IT needs. That’s why we have
developed strategic relationships with market-leading business and technology
companies and emerging players. Working closely with our network of
alliance partners strengthens our ability to deliver genuine business value to
the enterprise and help clients make the most of their IT investments.
Executive Brief
IT Disaster Recovery
pa g e 6 o f 6