Are disaster recovery plans extremely expensive?

As mentioned above, the size, complexity and level of detail varies dramatically in DR plans. As with most plans, it is important to identify the objectives and goals and then build a plan to meet those goals. Consider what you really need, and how much you are willing to pay.

For example, one key factor to consider is your Recovery Point Objective (RPO) – which identifies the number of recovery points you can recover from. You may want to consider this on an application-by application basis. In a simple DR plan, you may have a recovery point objective of no more than 48

hours. In other words, I can recovery from any failure but not lose more than 48 hours worth of data. Other environments you may decide you cannot afford to lose more than 5 minutes worth of data. It is important to understand your RPO.

Another factor to consider is your Recovery Time Objective (RTO) – which identifies the amount of time it takes to recover. Stated differently, how much time can you afford to be offline. Once you set your objectives, then you can begin to apply technology to meet those objectives. The sections below describe how the cost of a DRP can be dramatically reduced, to an affordable one.

Must the DR site be a physical mirror of the main site?

This is not typically true. It is only a very small percentage of DR implementations that require a complete physical mirror of equipment, networks, people, and other resources at the DR site. Not all applications and operations at the main site are mission critical. Therefore, not all of them have to be restored

immediately. Some applications and operations can afford a longer RPO and RTO than others. For example, if an internal R&D team develops applications for internal use, this activity is far from being critical. The DR site may therefore exclude the storage capacity, servers and working environment for

this team. Once priorities have been established for each application and operation, equipment and resources for the DR site can be identified. In most cases, the main site is well–equipped, providing adequate capacity to handle peak-loads plus some excess. However, the DR site typically does not need to be configured to support extreme loads. This allows the DR configuration to be far more cost-effective than the primary site. If a disaster should occur, the DR site will be fully functional for the short period of time it is required to support the operation. The goal is to return operation to the primary site as quickly as possible. If it is not possible to return to the primary site in a short amount of time, and peak periods are expected, upgrades to the DR site can be made. One could argue that the storage applications responsible for mirroring the data to the DR site, operate only with the same storage systems, and therefore, lower cost solutions would not be available. This was indeed true several years ago when storage vendors held more of a closed system mentality.

Several independent software vendors offer mirroring between heterogeneous storage devices, providing the option to choose the most suitable storage system for the DR site – regardless of the vendor. Tthe efficiency of the mirroring solutions support mirroring from high-performance devices to lower-performance solutions.

Is the DRP only for physical disasters?

No. If this was the case, you would not be able to recover from a massive virus attack or a total data corruption due to a rogue application.

Research has shown that more than 93% of errors are “logical” failures rather than “physical” failures. While some of these errors are not considered “disasters”, others (e.g., viruses, data corruption, or accidental file deletion) can be just as devastating as a physical catastrophe. The net result is the same – the business is taken offline.

A good data protection plan needs to enable rapid recovery from both physical and logical failures at the main site, while guaranteeing that logical errors are not propagated to the DR site. The most common and effective protection against logical failures is the use of snapshots. Several vendors now offer low-capacity snapshots that consume storage space only for changes made after the most recent snapshot. These snapshots can be used to recover within seconds, eliminating the need to spend hours recovering from traditional tape (or disk) backup solutions.

How far should the DR site be located?

Recent events such as September 11th, the Tsunami and Hurricane Katrina show that a DR site, close to the main site may not be a sufficient approach. In these cases, entire regions were hit by disasters and the only way to resume operation was from a DR site far away from the main site. The use of asynchronous mirroring can extend a mirror to the opposite side of the earth. Asynchronous mirroring solutions are very efficient and can work over low-bandwidth IP lines. Some vendors are even offering this option without any further hardware. On the other hand, synchronous mirroring usually requires Fibre Channel (FC) lines that are indeed limited to roughly 10 kilometers. Nevertheless several vendors are offering today FC extensions that can reach more than 1000 miles. It is recommended that you pick a vendor that offers both synchronous and asynchronous mirroring to give you the flexibility to apply the technology that best meets your needs.

Implementing a DR Plan is much like having insurance – the business can operate without it, but the risk is just too high. Data protection is a very real requirement in the market and many new solutions are now available that provide advanced functionality not previously available. Many of the myths from years ago prevail in discussions, but are no longer true. Problems that not long ago were considered unsolvable (or too expensive to solve) now have affordable solutions. By looking beyond the myths and choosing the right solutions, every business can create a cost-effective DRP that best matches their requirements.