In a previous blog, we talked about the importance of disaster recovery plan for companies’ survival. To gain more insights into disaster recovery plan, we’ve interviewed M-Theory Group’s CEO, Chant Vartanian and asked him about the top 9 disaster recovery questions that people frequently ask. Here are his answers;
1- What is the likeliness that a company will face a disaster?
All companies will face some disaster or another. In terms of infrastructure, disaster does not necessarily mean a natural disaster, such as an earthquake, fires or flood, although depending on your geography, this may be likely. Disaster, in our industry, for a business can simply mean the lack of access to mission critical business applications, data, or entire infrastructure. All companies, small or large will face this type of disaster.
2- Can you give an example of a company facing disaster without a DR plan?
I will give two. Delta Airlines recently made headlines due to a system outage. The impact to the business is yet to be determined. Disasters such as this are cancerous and have unforeseen and unpredictable financial impact. Having a DR plan doesn’t mean you have a true DR solution that works. It is crucial to test your DR on a regular basis to minimize downtime.
Another example is a well-known managed hosting business (a former client of ours). The service provider had a few small outages last year, causing their largest client to cancel services. The end result was a loss of a $50-million-dollar contract (estimated) and ultimately shutting down the managed services firm.
3- What are the risks that a company faces if its core applications are unavailable for a day, a week, or longer?
This is a tough question. The impact can vary. Typically, core applications are mission critical, which means the applications are the lifeblood of the business. Even the loss of a day can shut down an entire business. Imagine the impact on healthcare. If a major clinic or hospital was down, they couldn’t treat patients properly or even at all. A patient’s medical history lives in the digital world, not physical charts. The result of not having accurate real-time medical history can prove fatal.
4- Who are the key stakeholders and decision makers who need to be involved in the recovery process?
The IT departments for sure, typically led by the company CIO/CTO. Depending on the application or service that is down, the IT management group supporting the environment will immediately be involved. Assuming mission critical infrastructure is affected, then everyone in upper management is involved.
5- What are the recovery time objectives (RTOs) by facility and application?
That depends on the actual application or service provided or required by the end customer. RTOs will vary from company to company and from application to application.
6- Does a recovery plan meet all compliance objectives?
Not necessarily. Compliance driven industries, such as healthcare require higher levels of security. For example, HIPAA requires Data@rest encryption for production data / backup data. However, it also requires Data in Transit Encryption for data that is moving across a WAN to the DR site.
7- Against which type of disaster usually companies protect themselves?
These days Ransomware causes major disasters. However, companies try to protect themselves from all sorts of disasters, natural or otherwise.
8- How often should a company complete a full recovery test?
At the very least quarterly, however for extreme mission critical applications, monthly failover and failback test should be executed and part of the plan.
9- What does M-Theory provide as a disaster recovery plan?
Our DR service, known as DataRealm is custom built on our popular managed technology delivery service, CapEx-as-a-Service™. We deliver a single tenant DRaaS solution that is built to exact specifications using various technologies suitable for each client.