Disaster-recovery plans still need work

By Deni Connor , Network World , 09/01/2003

Share/Email
Tweet This
Comment
Print

Nearly two years after the Sept. 11 attacks, many organizations remain woefully unprepared to quickly recover their IT systems and key business processes in the event of a disaster.

While interest in disaster-recovery systems peaked in the immediately after the terrorist siege, IT managers acknowledge they have yet to follow through on many of their intentions. A lack of funds has been a big reason, but other factors include miscommunication between IT executives and other top executives, and the realization by some companies that their basic IT infrastructures needed shoring up first.

Proxy Not a Product, Just a Feature : Download now

"Since 9/11, we have built in replication services, but don't have an off-site location yet to replicate data to," says Rich Banta, senior enterprise systems engineer for St. Vincent Hospital and Health Services in Indianapolis, which backs up data onsite and stores tapes at another one. "We plan to do mirroring over fiber-optic [cables] in the next six months, although it's not cheap," he says, adding it would cost of at least $2,000 a month per mile.

Disaster recovery to go
Here’s a checklist of items that are key to a good disaster-recovery plan.

•	Select a coordinator to develop plan objectives, a methodology and an overview.
•	Identify critical business processes and systems.
•	Formulate hardware system and end-user recovery objectives, and identify critical network operations.
•	Assess threats — fire, environmental contamination, physical and software security.
•	Create a records-retention procedure.
•	Implement a back-up and storage strategy.
•	Define and test storage , back-up and application systems.
•	Identify an alternate site for end-user s to work out of and contract with provisioning vendors.
•	Develop network recovery and relocation strategies, as well as replacement options for hardware and service.
•	Implement a hot site.
•	Define teams, develop notification tree, document disaster-recovery plan and test plan.

Click to see:

Maimonides Medical Center in New York also cited financial issues for stalling its advanced data replication ambitions.

Related Content

"After 9/11, the government made available [Federal Emergency Management Agency] money for hot sites," says Mark Moroses, senior director of technical services and security officer at the healthcare organization. "Then New York state [government took all the money back] and the governor reallocated it to the Port Authority, which hurt us. . . .We still rely on a warm site at Comdisco that can be brought up in 12 hours."

According to a recent Gartner survey, one in three U.S. businesses would lose critical data or operational capabilities if struck by a disaster. Only one in five companies has hot sites where people can connect with their most important applications, according to a recent Harris Poll of 52 Fortune 1000 company executives.

"The flurry of activity and interest in disaster-recovery services didn't translate into a lot of people necessarily doing anything about it," says David Palermo, vice president of marketing for SunGard Availability Services, a company with a big stake in the business-continuity market. IDC estimates that the business-continuity was a $27.5 billion market in 2002.