Disaster recovery refers to the restoration of facilities and other resources following partial or complete destruction resulting from a natural calamity or security infraction. In practice, however, disaster recovery is used in reference to the restoration of IT systems and architecture following a disaster ( Snedaker, 2013 ; Maitra , 2010) . As a result, DR can be conducted on-site or at an alternative location with alternative infrastructure. This is dependent on the magnitude of the damage to the IT infrastructure. Disaster recovery can involve but is not limited to data restoration, reinstalling applications, rebuilding servers and re-establishing network services among others. Combined, these strategies lead to the restoration of an organization’s IT infrastructure.
Business continuity, on the hand, refers to the ability of an organization to maintain the availability of its products/services in the wake of a disruptive event ( Sahebjamnia et al., 2015; Saleem , 2008) . To achieve business continuity , organizations depend on IT infrastructure and specific technologies. With regards to technology, business continuity requires access to computing, applications, and network services both virtually and through physical network access. Likewise, it requires access to server hardware, failback, data center, redundant shared storage, replication, as well as networking and networking infrastructure. Business continuity is perceived in terms of failover which is measured in terms of seconds ( Snedaker, 2013 ) .
Delegate your assignment to our experts and they will do the rest.
Data recovery and business continuity are complementary and therefore are usually planned concurrently based on several best practices. Before beginning the process, the implications of the disaster must be considered, and critical risks understood. As a result, a BIA is a vital part of the process. Subsequently, DR and business continuity plans (DRBCPs) must be formulated by recovery and continuity experts in conjunction with the organization’s functional and IT employees ( Snedaker , 2013) . Tiers and applications are then prioritized based on the cost of downtime for each tier and application . Service catalogs are then defined from which the organization can choose. Subsequently, plans are based on infrastructure redundancy such as networking, cooling or telecommunication failure. These plans should be tested periodically, ideally every quarter, with results being documented and vulnerabilities rectified. Further, quarterly reviews should be followed by annual reviews which also assess the vulnerabilities of virtual server orphans. At this stage, optimization technologies are deployed in anticipation of network latency, congestion and data growth challenges. The role of the cloud is then introduced in the DRBCPs. Finally, the recovery infrastructure and network resources are evaluated in view of future recovery and continuity requirements ( McLaughlin , 2013).
My organization provides ride-sharing services via web and smartphone applications. Thus, the organization operates in the technologically driven environment. During the creation of DRBCP, the steering team was comprised of staff members from the IT, customer relations and partner management departments. This in-house team was joined by a team from Google, who were our recovery and continuity consultants. After constituting the recovering and continuity team , it proceeded to prioritize the recovery of our ride-sharing services app based on perceived risks and their potential impacts. The perceived risks were determined to be partial/complete network and server redundancy. Both were perceived to have the impact of causing short term and long term unavailability of our services.
The DRBCP recommended that backup networking services be contracted to Verizon and T-Mobile. Verizon was selected due to its technical competency while T-Mobile was selected based on the fact that its server networks are based in Europe thus consequently spreading the risk. The organization further proceeded to settle on Google’s servers as a backup due to the tech giant’s competency in recovery and continuity. Also , our service level agreement (SLA) with Google stipulated that we could back up our virtual system onto their cloud at no extra cost.
In this plan, a disruptive event was defined as an IT-based event that causes a service disruption for more than one hour. In case of one, the IT department is expected to advise the chief technology officer (CTO) via a written memo to initiate the DRBCP. The CTO is then supposed to contact our project manager at Google, who consequently launches the implementation of SLAs with other service providers. The DRBCP is supposed to be evaluated on an annual basis . However, due to resource constraints, we have only been able to review it once in the four years it has been in existence. The review recommended that we adopt satellite communication to activate the plan in the event traditional communication channels fail too. However, due to financial constraints, this recommendation is yet to be patched into the plan . Undeniably, this goes against the best practice.
References
Maitra, S. (2010, February). Disaster recovery and business continuity planning. In Proceedings of the International Conference and Workshop on Emerging Trends in Technology (pp. 1001-1001). ACM.
McLaughlin, K. (2013). Disaster recovery and business continuity planning. Information Security Fundamentals , 145.
Sahebjamnia, N., Torabi, S. A., & Mansouri, S. A. (2015). Integrated business continuity and disaster recovery planning: Towards organizational resilience. European Journal of Operational Research , 242 (1), 261-273.
Saleem, K., Luis, S., Deng, Y., Chen, S. C., Hristidis, V., & Li, T. (2008, May). Towards a business continuity information network for rapid disaster recovery. In Proceedings of the 2008 international conference on Digital government research (pp. 107-116). Digital Government Society of North America.
Snedaker, S. (2013). Business continuity and disaster recovery planning for IT professionals . Newnes.
