Ray Richards is founder of Mindspan Consultants and a technology journalist hailing from Ottawa, Canada


Disaster Recovery Planning

Last month we celebrated our anniversary issue with a retrospective column, temporarily setting aside our discussion of Network Resource Management. This month we will delve into an often overlooked but key aspect of that discipline: Disaster Recovery Planning (DRP).

What is DRP?

Disaster Recovery Planning is essentially the formulation of a strategy by which the desired business objective, resumption of functional operations, is achieved through a set of securely documented procedures in the event of a "Disaster". It is (or should be) a fundamental part of any IT-savvy organization's security blueprint. A DRP is based in part upon Threat and Risk Assessments of internal systems (e.g. an accounting system), which are in turn based upon Statements of Sensitivity for their component elements (e.g. payroll or accounts receivable). We will discuss both of these in detail a little later in the column.

Why Bother?

Well, let's first define what constitutes a "Disaster" in order to get a better perspective on the scope of the topic. While the word brings to mind the obvious: fire, flood, earthquake, Godzilla etc., there are several events which can occur within an organization that can severely hamper or even terminate standard operations. Disasters occur when injury from realized threats is sufficient to severely curtail an organization's ability to function. Threats fall under one of five classifications:

Disclosure - This threat class pertains to IT assets which possess intrinsically high confidentiality within a firm. Examples would be: proprietary, private or time-sensitive information, software prototypes, documents with the potential to damage the corporate image, etc. Some threats that compose this class are: Compromising Emanations, Interception, Improper Maintenance Procedures and, of course, Hackers. An illustration of Disaster by Disclosure would be a new company's prototype designs for a product being intercepted by an established competitor, which brings its greater resources to bear in order to patent and introduce the product to market in advance of the true originator, compelling the less established firm to cease operation.

Interruption - This class of threat directly impacts the availability of an asset (be it information, equipment or personnel) to those who require it. The duration of the interruption and the degree to which the affected asset is deemed mission critical together determine the extent of injury. Natural disasters, power failures, viral infections and server crashes are some examples of this class of threat. Disaster by Interruption might occur if a corporation's president is flattened by a bus on his way to work and, there being no contingency plan for restructuring of management or control of operating capital, the concern quickly becomes defunct. Of course, a more common example would be a severe and lengthy network crash.

Modification - This threat class is directly concerned with asset integrity, particularly that of information (integrity in this case including both completeness and accuracy of data). Data Entry Errors, Viral Infections / Malicious Code, and Hackers are some instances that fall under this threat category. An example of Disaster by Modification might be a hacker altering a public corporation's web site to post false and unfavorable quarterly results, precipitating a severe decline in stock value and shareholder confidence.

Destruction - This one is pretty straightforward: Fire, Flood, Earthquake, Vandalism, and Power Spikes are some threats that are found within this class. Disasters occur primarily when assets that have a high availability requirement are destroyed.

Removal / Loss - Also obvious: asset Removal / Loss impacts organizations by degrees, depending on the asset's availability requirement or the confidentiality of the information contained therein. A Disaster by Removal / Loss could occur if a corporation's server containing all accounting information is stolen along with the backup tapes, which have been foolishly left on site.

Now that we have obtained a clearer understanding of the aggregate of what may be accounted Disastrous, the "why bother?" question should be reasonably answered for most. For the rest, let me state the following: statistics assert that of the enterprises which experience a Disaster, fully 50 percent go out of business, and 90 percent of those do so within 24 months. For larger concerns, the information is even more frightening: a University of Minnesota study concluded that while the average period between a Disaster and resumption of operation for a Fortune 500 company is only three to five days, 20 percent of these corporations would fold after only 48 hours.

An illustration of the staggering cost of a seemingly minor Disaster to a company (one which fortunately has very deep pockets) can be found in Texas Instruments' experience during the earthquake in Kobe, Japan. On January 16, 1995, when the earthquake hit Kobe, KTI (Kobe Texas Instruments), situated 50 miles from the epicenter, was relatively unaffected, with the exception of a 5 day loss of its 64-kilobit-per-second communications link with TI's world headquarters in Spring Creek TX. Texas Instruments reckons the loss of revenue due to the down time to be approximately 3.5 million dollars. Had the plant been destroyed, losses would have been in the billions.

A Tough Sell

Despite the obvious benefits of DRP, the majority of companies still spend only the merest fraction of their IT budgets on this issue. The reason? Dividends are only realized in the event of a Disaster (and surely one will never happen to us!). In a perfect world, the appropriate DRP budgetary expenditure is between four and six percent of the overall IT allowance. Most organizations only commence Disaster Recovery Planning after they have experienced a Disaster, and as explained above, this is often too late.

How Do I Get Started?

If you have wisely determined to count your enterprise among the 50 percent who survive a Disaster, and chosen to prepare for the various contingencies you may encounter, you may wonder what goes into a successful DRP. To begin with, let me stress that while conceptually simple, a thorough Recovery Plan is far too detailed and complex an undertaking for most organizations to begin on their own. There are several specialists in the field who will save you a great deal of time and money in the long run. Locally, Dr. Jeff Williams, with whom I have often worked, is recognized as a world authority on the subject and has even produced a software product called Phoenix (a very appropriate name, I thought!) which will assist those who are determined to go it alone. You may contact Dr. Williams and learn more about Phoenix at www.binomial.com, or please feel free to contact me for further information.

Here we go...

One of the often neglected procedures in Disaster Recovery Planning that bears mention is Business Impact Analysis (BIA).

The best way to begin a Disaster Recovery Plan is to perform Threat and Risk Assessments on all of your soft and hard assets. This will determine your state of vulnerability and provide you with a baseline against which you may judge your progress toward Disaster Prevention. As this will involve a great deal of discussion, and I have come to the end of my allotted space, we will pick up where we left off next month. 'Til then, be safe!

Originally published in Monitor Magazine, September, 1997, by technology columnist, Ray Richards.
